Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Odd login IPs, think I might be infected?

Post by lucaslee8498 » December 3rd, 2014, 9:24 pm

So I was checking through some forums I frequent and noticed strange IP logins, and wanted to see if I may be infected.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17420 BrowserJavaVersion: 10.67.2
Run by Lucas at 20:20:26 on 2014-12-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8074.4216 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: ESET Smart Security 6.0 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: ESET Smart Security 6.0 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Lucas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Lucas\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Lucas\AppData\Local\Skillbrains\lightshot\5.1.4.41\Lightshot.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\iPod\bin\iPodService.exe
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\Lucas\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
E:\Teamspeak\ts3client_win64.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.229\deploy\LoLLauncher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.13\deploy\LoLPatcher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.119\deploy\LolClient.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>;*.local
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [ASRockXTU] <no file>
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Lucas\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Lucas\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm
IE: Open Client to monitor &7 - C:\Windows\web\AOpenClient.htm
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Trusted Zone: muzzylane.com
Trusted Zone: muzzylane.com
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{00E32CAB-F465-4B6D-9060-C11D4696C843} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{00E32CAB-F465-4B6D-9060-C11D4696C843}\459737F6E6 : DHCPNameServer = 167.206.251.130 167.206.251.129
TCP: Interfaces\{00E32CAB-F465-4B6D-9060-C11D4696C843}\D656469616C696E6B6 : DHCPNameServer = 167.206.251.130 167.206.251.129
TCP: Interfaces\{00E32CAB-F465-4B6D-9060-C11D4696C843}\E4564776561627 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D642C3F8-8AF9-42A1-A493-AC48740D7F10} : DHCPNameServer = 8.8.8.8 8.8.4.4
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u wsauth livessp
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-BHO: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - <orphaned>
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\5g3b275o.default\
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Muzzy Lane Software\Sandstone Player\npSandstonePlayer.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Users\Lucas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Lucas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Users\Lucas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Lucas\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Lucas\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Users\Lucas\AppData\Roaming\raidcall\plugins\nprcplugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
FF - plugin: E:\Program Files\VLC Media Player\VLC\npvlc.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AsrRamDisk;AsrRamDisk;C:\Windows\System32\drivers\AsrRamDisk.sys [2013-4-13 31016]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-12-21 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-12-21 207904]
R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2013-2-20 58416]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-27 16152]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-5-22 22600]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-12-21 1038072]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-12-21 421704]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2013-2-20 213416]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2013-1-10 59440]
R1 FNETURPX;FNETURPX;C:\Windows\System32\drivers\FNETURPX.SYS [2013-4-13 16648]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-12-21 78648]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2013-4-30 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2013-8-4 72216]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-6-25 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-6-25 969016]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 125584]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2014-10-31 183488]
R2 rzpmgrk;rzpmgrk;C:\Windows\System32\drivers\rzpmgrk.sys [2014-11-30 37184]
R2 rzpnk;rzpnk;C:\Windows\System32\drivers\rzpnk.sys [2014-11-30 129600]
R3 AsrVDrive;AsrVDrive;C:\Windows\System32\drivers\AsrVDrive.sys [2013-4-13 23048]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2014-8-19 110368]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-18 46568]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-27 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-27 788760]
R3 KeyScrambler;KeyScrambler;C:\Windows\System32\drivers\keyscrambler.sys [2013-12-21 222200]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-4-13 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-6-25 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-6-25 63704]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-4-13 32344]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 rzdaendpt;Razer DeathAdder end point;C:\Windows\System32\drivers\rzdaendpt.sys [2014-9-4 33448]
R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2014-9-4 39592]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2014-9-4 160424]
R3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\Windows\System32\drivers\rzvkeyboard.sys [2014-9-4 31912]
R3 ucgnsta;BUFFALO WLI-UC-GN Series Wireless LAN Driver;C:\Windows\System32\drivers\ucgnstax.sys [2013-4-13 987648]
R3 vmwvusb;VMware View Generic USB Driver;C:\Windows\System32\drivers\vmwvusb.sys [2013-4-29 48240]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2013-12-21 80184]
S3 EasyAntiCheat;EasyAntiCheat;C:\Windows\System32\EasyAntiCheat.exe --> C:\Windows\System32\EasyAntiCheat.exe [?]
S3 FNETTBOH_305;FNETTBOH_305;C:\Windows\System32\drivers\FNETTBOH_305.SYS [2013-4-13 32320]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2013-6-6 13728]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-4-13 31800]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-4-24 42184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 VsEtwService120;Visual Studio ETW Event Collection Service;C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2014-7-22 89232]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2013-6-6 81824]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2013-6-6 15776]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-14 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\Razer\Driver\WinRing0x64.sys [2012-11-13 14544]
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
S4 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-3-7 50344]
S4 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-12-30 49152]
S4 CGVPNCliSrvc;CyberGhost VPN Client;C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2013-6-21 2438696]
S4 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2014-2-27 70352]
S4 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-5-29 2094216]
S4 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-3-21 1341664]
S4 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2012-5-10 608864]
S4 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2013-6-6 135824]
S4 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-4-13 1432400]
S4 GeekBuddyRSP;GeekBuddyRSP Server;C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-2-27 2327248]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-2-4 2222416]
S4 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-2-4 377616]
S4 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-6-1 4150112]
S4 wsnm;VMware View Client;E:\Program Files\VMware\VMware View\Client\bin\wsnm.exe [2011-9-7 494192]
S4 wsnm_usbctrl;VMware View USB Control;E:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe [2011-9-7 1125488]
S4 WTabletServiceCon;Wacom Consumer Service;C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [2013-6-6 619904]
.
=============== File Associations ===============
.
FileExt: .scr: DWGTrueViewScriptFile=C:\Windows\System32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2014-12-03 02:29:03 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6EAEFA14-946C-451E-903C-CD0FDBB180E0}\gapaengine.dll
2014-12-03 02:28:53 11632448 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{21E56EA1-4AB0-475E-8304-E4CCF7E23598}\mpengine.dll
2014-12-01 21:15:00 11632448 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-01 02:17:51 -------- d-----w- C:\Users\Lucas\AppData\Roaming\NuGet
2014-12-01 01:29:21 1131840 ----a-w- C:\ProgramData\Microsoft\WDExpress\12.0\1033\ResourceCache.dll
2014-12-01 00:12:31 -------- d-----w- C:\Program Files\Microsoft SQL Server
2014-12-01 00:08:33 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-11-30 17:18:48 -------- d-----w- C:\ProgramData\NuGet
2014-11-30 17:18:48 -------- d-----w- C:\Program Files (x86)\NuGet
2014-11-30 17:04:25 -------- d-----w- C:\Program Files (x86)\Common Files\Merge Modules
2014-11-30 17:02:01 129600 ----a-w- C:\Windows\System32\drivers\rzpnk.sys
2014-11-30 17:01:46 -------- d-----w- C:\Program Files (x86)\Common Files\Microsoft
2014-11-30 17:01:39 37184 ----a-w- C:\Windows\System32\drivers\rzpmgrk.sys
2014-11-30 16:59:36 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-20 08:23:06 9728 ----a-w- C:\Windows\SysWow64\RzStats.IPC.dll
2014-11-20 01:41:55 -------- d-----w- C:\Users\Lucas\AppData\Local\Cockatrice
2014-11-20 01:41:11 -------- d-----w- C:\Program Files (x86)\Cockatrice
2014-11-18 20:31:02 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-18 20:31:02 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-18 20:31:02 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-18 20:31:02 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-12 20:37:47 1882624 ----a-w- C:\Windows\System32\msxml3.dll
.
==================== Find3M ====================
.
2014-12-04 00:08:43 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-21 11:14:22 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-21 11:14:12 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-21 11:14:08 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-05 17:56:54 304640 ----a-w- C:\Windows\System32\generaltel.dll
2014-11-05 17:56:36 228864 ----a-w- C:\Windows\System32\aepdu.dll
2014-11-05 17:52:22 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-24 23:21:20 72336 ----a-w- C:\Windows\SysWow64\vsd3dwarpdebug.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-09 09:07:10 89088 ----a-w- C:\Windows\SysWow64\rzdevinfo.dll
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-09-30 05:32:42 901632 ----a-w- C:\Windows\SysWow64\rzdevicedll.dll
2014-09-30 05:32:36 419840 ----a-w- C:\Windows\SysWow64\rzaudiodll.dll
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-09-11 06:57:10 78848 ----a-w- C:\Windows\SysWow64\rzvirtualdev.dll
2014-09-11 06:57:08 155136 ----a-w- C:\Windows\SysWow64\rztouchdll.dll
2014-09-11 06:57:02 117248 ----a-w- C:\Windows\SysWow64\rzdisplaydll.dll
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-05 03:28:00 33448 ----a-w- C:\Windows\System32\drivers\rzdaendpt.sys
2014-09-05 03:27:58 31912 ----a-w- C:\Windows\System32\drivers\rzvkeyboard.sys
2014-09-05 03:27:52 39592 ----a-w- C:\Windows\System32\drivers\rzendpt.sys
2014-09-05 03:27:52 160424 ----a-w- C:\Windows\System32\drivers\rzudd.sys
.
============= FINISH: 20:20:45.97 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 4/13/2013 1:03:03 AM
System Uptime: 12/3/2014 4:57:41 PM (4 hours ago)
.
Motherboard: ASRock | | Z77 Extreme6
Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz | CPUSocket | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 10.507 GiB free.
E: is FIXED (NTFS) - 932 GiB total, 661.498 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SASDIFSV
Device ID: ROOT\LEGACY_SASDIFSV\0000
Manufacturer:
Name: SASDIFSV
PNP Device ID: ROOT\LEGACY_SASDIFSV\0000
Service: SASDIFSV
.
Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_1E22&SUBSYS_1E221849&REV_04\3&11583659&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_1E22&SUBSYS_1E221849&REV_04\3&11583659&0&FB
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SASKUTIL
Device ID: ROOT\LEGACY_SASKUTIL\0000
Manufacturer:
Name: SASKUTIL
PNP Device ID: ROOT\LEGACY_SASKUTIL\0000
Service: SASKUTIL
.
Class GUID:
Description: Ethernet Controller
Device ID: PCI\VEN_14E4&DEV_16B1&SUBSYS_96B11849&REV_10\4&C7A4F95&0&00E5
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_14E4&DEV_16B1&SUBSYS_96B11849&REV_10\4&C7A4F95&0&00E5
Service:
.
Class GUID:
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_1B6F&DEV_7023&SUBSYS_70231849&REV_01\4&443610C&0&00E6
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_1B6F&DEV_7023&SUBSYS_70231849&REV_01\4&443610C&0&00E6
Service:
.
==== System Restore Points ===================
.
RP482: 11/30/2014 11:59:30 AM - Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
RP483: 11/30/2014 12:06:16 PM - Visual Studio 2012 Update 4 (KB2707250)
RP484: 11/30/2014 6:59:22 PM - Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4
RP485: 12/1/2014 9:46:01 PM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
4K Video Downloader 3.4
7-Zip 9.20 (x64 edition)
Adobe AIR
Adobe Creative Cloud
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Help Manager
Adobe Photoshop CC
Adobe Reader XI (11.0.05)
Adobe Shockwave Player 12.1
Akamai NetSession Interface
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
AMD Wireless Display v3.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Application Profiles
Arma 2
Arma 2: Operation Arrowhead
ASRock 3TB+ Unlocker v1.1
ASRock eXtreme Tuner v0.1.250
ASRock InstantBoot v1.29
ASRock RapidStart v1.0.6
ASRock SmartConnect v1.0.6
ASRock XFast RAM v2.0.9
Assassin's Creed II
Autodesk Inventor 2013 Quick Uninstaller
Autodesk Inventor Professional 2013
Autodesk Inventor Professional 2013 English Language Pack
Autodesk Material Library 2013
Autodesk Material Library Base Resolution Image Library 2013
Autodesk Material Library Low Resolution Image Library 2013
Autodesk Sync
avast! Free Antivirus
Bamboo Dock
Bamboo Tablets Tutorial
Bandicam
Bandisoft MPEG-1 Decoder
Batman: Arkham Asylum GOTY Edition
Battle.net
BattlEye for OA Uninstall
Behaviors SDK (Windows Phone) for Visual Studio 2013
Behaviors SDK (Windows) for Visual Studio 2013
Blade Symphony
Blend for Visual Studio Add-in for Adobe FXG Import
Blend for Visual Studio SDK for .NET 4.5
Blend for Visual Studio SDK for Silverlight 5
Bonjour
BUFFALO AirStation Bandwidth Selection Tool
Build Tools - amd64
Build Tools - x86
Build Tools Language Resources - amd64
Build Tools Language Resources - x86
Call of Duty 4: Modern Warfare
Call of Duty: Black Ops II - Multiplayer
Call of Duty: Black Ops II - Zombies
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
Call of Duty: Modern Warfare 3 - Multiplayer
Camtasia Studio 7
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Cockatrice
Comodo Dragon
Counter-Strike: Global Offensive
Counter-Strike: Source
CyberGhost VPN
DayZ Commander
Definition Update for Microsoft Office 2010 (KB2899521) 32-Bit Edition
Disk Space Fan 4 4.5.4.152
Dropbox
DWG TrueView 2013
Eco Materials Adviser for Autodesk Inventor 2013
Entity Framework 6.1.1 Tools for Visual Studio 2013
Entity Framework Designer for Visual Studio 2012 - enu
EPSON Connect version 1.0
Epson Customer Participation
Epson Event Manager
Epson FAX Utility
EPSON Scan
EPSON WF-2540 Series Printer Uninstall
EpsonNet Print
ESET Online Scanner v3
ESET Smart Security
Facebook Video Calling 3.1.0.521
FileZilla Client 3.7.4.1
Five Nights at Freddy's
Fraps (remove only)
Garry's Mod
GeekBuddy
Google Chrome
Google Drive
Google Talk Plugin
Google Update Helper
Grand Theft Auto IV
Grooveshark
Gyazo 1.0
Hearthstone
Hotfix for Microsoft Visual Basic 2010 Express - ENU (KB2635973)
Hotfix for Microsoft Visual C# 2010 Express - ENU (KB2635973)
HydraVision
Intel(R) Processor Graphics
Intel(R) USB 3.0 eXtensible Host Controller Driver
iTunes
Java 7 Update 67
Java Auto Updater
join.me
Just Cause 2
Just Cause 2: Multiplayer Mod
KeyScrambler
League of Legends
Lightshot-5.1.4.41
LocalESPC
LogMeIn
LogMeIn Hamachi
LOLReplay
Malwarebytes Anti-Malware version 2.0.4.1028
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5 Multi-Targeting Pack
Microsoft .NET Framework 4.5 SDK
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU)
Microsoft .NET Framework 4.5.1 SDK
Microsoft Application Error Reporting
Microsoft Azure Shared Components for Visual Studio 2013 - v1.3
Microsoft C++ REST SDK for Visual Studio 2013
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Help Viewer 1.1
Microsoft Help Viewer 2.0
Microsoft Help Viewer 2.1
Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Portable Library Multi-Targeting Pack
Microsoft Report Viewer Add-On for Visual Studio 2013
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2012 Command Line Utilities
Microsoft SQL Server 2012 Data-Tier App Framework
Microsoft SQL Server 2012 Data-Tier App Framework (x64)
Microsoft SQL Server 2012 Express LocalDB
Microsoft SQL Server 2012 Management Objects
Microsoft SQL Server 2012 Management Objects (x64)
Microsoft SQL Server 2012 Native Client
Microsoft SQL Server 2012 T-SQL Language Service
Microsoft SQL Server 2012 Transact-SQL Compiler Service
Microsoft SQL Server 2012 Transact-SQL ScriptDom
Microsoft SQL Server 2014 Express LocalDB
Microsoft SQL Server 2014 Management Objects
Microsoft SQL Server 2014 Management Objects (x64)
Microsoft SQL Server 2014 T-SQL Language Service
Microsoft SQL Server 2014 Transact-SQL ScriptDom
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Compact 4.0 SP1 x64 ENU
Microsoft SQL Server Data Tools - enu (11.1.20828.01)
Microsoft SQL Server Data Tools - enu (12.0.41012.0)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1)
Microsoft SQL Server System CLR Types
Microsoft System CLR Types for SQL Server 2012
Microsoft System CLR Types for SQL Server 2012 (x64)
Microsoft System CLR Types for SQL Server 2014
Microsoft Team Foundation Server 2013 Update 4 Object Model (x64)
Microsoft Team Foundation Server 2013 Update 4 Object Model Language Pack (x64) - ENU
Microsoft Visual Basic 2010 Express - ENU
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C++ x64 Libraries
Microsoft Visual C++ x86 Libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual C++ 2012 32bit Compilers - ENU Resources
Microsoft Visual C++ 2012 Core Libraries
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86-x64 Compilers
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 32bit Compilers - ENU Resources
Microsoft Visual C++ 2013 Core Libraries
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86-x64 Compilers
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU
Microsoft Visual Studio 2012 Preparation
Microsoft Visual Studio 2012 Shell (Minimum)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
Microsoft Visual Studio 2012 Shell (Minimum) Resources
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
Microsoft Visual Studio 2013 Diagnostic Tools - amd64
Microsoft Visual Studio 2013 Diagnostic Tools - x86
Microsoft Visual Studio 2013 Express Prerequisites x64 - ENU
Microsoft Visual Studio 2013 Preparation
Microsoft Visual Studio 2013 Shell (Minimum)
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies
Microsoft Visual Studio 2013 Shell (Minimum) Resources
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU
Microsoft Visual Studio 2013 XAML UI Designer
Microsoft Visual Studio 2013 XAML UI Designer - ENU
Microsoft Visual Studio Express 2012 for Windows Desktop
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
Microsoft Visual Studio Express 2013 for Windows Desktop
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4
Microsoft Visual Studio Team Foundation Server 2012 Object Model
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
Microsoft WSE 3.0 Runtime
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
MouseFIGHTER
Mozilla Firefox 20.0.1 (x86 en-US)
Mozilla Firefox 25.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT Redists
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nidhogg
No-IP DUC
Notepad++
NVIDIA PhysX
Open Broadcaster Software
OpenVPN 2.2.2
Origin
osu!
Paint.NET v3.5.11
PDF Settings CC
Pidgin
pidgin-otr 4.0.0-1
PowreShellIntegration.Notifications
Prerequisites for SSDT
Psi (remove only)
Python 2.7.1
Python Tools Redirection Template
QuickTime 7
RaidCall
Rainmeter
Raptr
Razer Game Booster
Razer Synapse 2.0
Realtek High Definition Audio Driver
RocketDock 1.3.5
Rust
Sandstone Player
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Skype Click to Call
Skype™ 6.21
Software Updater
Spotify
Star Wars: The Old Republic
StarCraft II
Steam
StepMania v5.0 beta 3 (remove only)
swMSM
T.E.C. 3001
Team Explorer for Microsoft Visual Studio 2013
TeamSpeak 3 Client
TeamViewer 8
Theme Manager
Trials Evolution Gold Edition
TypeScript Power Tool
TypeScript Tools for Microsoft Visual Studio 2013
U2bviews Software
Unity Web Player
Update for (KB2504637)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Visual Studio 2012 (KB2781514)
Update for Microsoft Visual Studio 2013 (KB2932965)
Uplay
VBA (2627.01)
Virtual Audio Cable 4.14
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
Visual Studio 2012 Update 4 (KB2707250)
Visual Studio 2013 Update 4 (KB2829760)
Visual Studio Extensions for Windows Library for JavaScript
VLC media player
VMware View Client
VS Update core components
Wacom
War of the Vikings Early Access
WebTablet FB Plugin 32 bit
WebTablet FB Plugin 64 bit
Winamp
WinDirStat 1.1.2
Windows Live ID Sign-in Assistant
Windows Software Development Kit
Windows Software Development Kit DirectX x64 Remote
Windows Software Development Kit DirectX x86 Remote
Windows Software Development Kit for Windows Store Apps
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
Windows XP Targeting with C++
XFastUSB
.
==== Event Viewer Messages From Past Week ========
.
12/3/2014 4:57:51 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL
11/30/2014 12:13:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
.
==== End Of File ===========================
lucaslee8498
Regular Member
 
Posts: 16
Joined: December 3rd, 2014, 9:22 pm

Re: Odd login IPs, think I might be infected?

Post by pgmigg » December 6th, 2014, 1:06 pm

Hello lucaslee8498,

Welcome to the forum! :)

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
If you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.


Failure to post replies within 72 hours will result in this thread being closed
pgmigg
MRU Teacher
 
Posts: 3175
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Odd login IPs, think I might be infected?

Post by pgmigg » December 6th, 2014, 5:09 pm

Hello lucaslee8498,

P2P Advisory!
IMPORTANT: There are signs of one or more P2P (Peer to Peer) File Sharing Programs installed on your computer.
µTorrent
As long as you have the P2P program(s) installed, per Forum Policy, I can offer you no further assistance.
If you choose NOT to remove the program(s), please indicate that in your next reply and this topic will be closed.

Otherwise, please perform the following steps:

Step 1.
Remove P2P Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Click on 'Select all', then copy and paste the value below into the open text entry box:
    Code: Select all
     appwiz.cpl 
    and press Enter - the Uninstall or change a program list will be opened.
  3. Locate the following program:
    µTorrent
  4. Click on the Change/Remove button to uninstall it.
    Repeat steps 2 and 3 for each program listed.
  5. When the program(s) have been uninstalled, please close Control Panel
  6. Reboot (restart) your computer.
By using any form of P2P networking to download files you can anticipate infestations of malware to occur. The P2P program itself may be safe but the files may not - use P2P at your own risk!
Keep in mind that this practice may be the source of your current malware infestation.
Reference... citing risk factors, using P2P programs: How to Prevent the Online Invasion of Spyware and Adware

Step 2.
TSG - SysInfo utility
  1. Please download SysInfo.exe and save it to your Desktop.
  2. Right click SysInfo.exe and select "Run As Administrator" to run it... if UAC prompts, please allow it.
  3. The small square window will be opened with already highlighted text - please right click on it, select Copy and then paste it in your next post.

Step 3.
Run CKScanner
  1. Please download CKScanner from here
  2. Important: - Save it to your Desktop.
  3. Double-click CKScanner.exe and click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Step 4.
Run CodeCheck Scan
  1. Please download codecheck from here to your Desktop.
  2. Make sure that codecheck.exe is on your Desktop before running the application!
  3. Right-click on codecheck.exe and select "Run as administrator..." to run it.
  4. After a very short time a codecheck.txt icon will appear on your Desktop
  5. Double-click on the codecheck.txt icon on your Desktop and copy/paste the contents in your next reply.

Step 5.
MGA Diagnostics
I need you to run a tool which will aid in determining what additional steps we'll need to perform.
  1. Please download this tool from Microsoft and save it to your Desktop.
  2. Right click on MGADiag.exe and select Run As Administrator to run it.
  3. Click "Run" again and then click "Continue".
  4. The program will run. It takes a while to finish the diagnosis, please be patient.
  5. Once done, click on Copy.
  6. Open Notepad and paste the contents in. Save this file and post it in your next reply.

Step 6.
WVCheck
  1. Please download WVCheck.exe and save it to your Desktop.
  2. Right-click WVCheck.exe and select Run as administrator... to run the process.
  3. Read the comments on the screen, then press Enter.
    The scan can take a while depending on the size of your hard drive.
  4. Once the program is done, Notepad will open with the scan report. Save the report to your Desktop.
  5. Please copy and paste the contents of the Notepad file in your next reply.

Then:
Please tell me: is this computer used for business purposes and connected to a business or educational network?
I need to know this so I can provide the proper instructions.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Your decision about P2P programs
  3. Contents of TSG - SysInfo utility
  4. Contents of CKFiles.txt log file
  5. Contents of a log created by codecheck.txt
  6. Contents of a log created by MGADiag.exe
  7. Contents of a log created by WVCheck.exe
  8. Your answer to my question about how your computer is used

Thanks,
pgmigg

pgmigg
MRU Teacher
 
Posts: 3175
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Odd login IPs, think I might be infected?

Post by lucaslee8498 » December 6th, 2014, 8:14 pm

A. No
B. I have removed the P2P programs listed.
C. Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 8073 Mb
Graphics Card: Intel(R) HD Graphics, -1984 Mb
Hard Drives: C: Total - 114370 MB, Free - 11919 MB; E: Total - 953866 MB, Free - 677409 MB;
Motherboard: ASRock, Z77 Extreme6
Antivirus: Microsoft Security Essentials, Updated and Enabled

D. CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\riot games\league of legends\rads\projects\lol_game_client\filearchives\0.0.0.235\data\particles\odin_crystal_cracklight.troybin
scanner sequence 3.NA.11.WGAPFZ
----- EOF -----

E. Codecheck Version 1.0

12006

F. Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-KXVHB-GKVFT-M9XHT
Windows Product Key Hash: rBJlPNrarNRqlB3GsUhmBIQUvnE=
Windows Product ID: 00359-OEM-8704153-78653
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {464806F0-7A74-4ACE-B655-7735E6398DFB}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.140303-2144
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{464806F0-7A74-4ACE-B655-7735E6398DFB}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-M9XHT</PKey><PID>00359-OEM-8704153-78653</PID><PIDType>3</PIDType><SID>S-1-5-21-3937064695-4174873834-2997317461</SID><SYSTEM><Manufacturer>To Be Filled By O.E.M.</Manufacturer><Model>To Be Filled By O.E.M.</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>P2.60</Version><SMBIOSVersion major="2" minor="7"/><Date>20130116000000.000000+000</Date></BIOS><HWID>54CA3807018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel
Activation ID: 586bc076-c93d-429a-afe5-a69fbc644e88
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00174-041-578653-02-1033-7601.0000-1032013
Installation ID: 019030704464520644175182539856978506585042357973523294
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: M9XHT
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 12/6/2014 7:09:17 PM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 10:22:2014 13:38
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: RgAAAAEABAABAAMAAgAFAAAABAABAAEAln0mUR0wEsLo7XTEwr8M5EhWQB/OcAJgsvuKm0o6/EUG6bsonFL8FmXvDceWYw==

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC ALASKA A M I
FACP ALASKA A M I
HPET ALASKA A M I
MCFG ALASKA A M I
FPDT ALASKA A M I
SSDT Intel_ AoacTabl
AAFT ALASKA OEMAAFT
SSDT Intel_ AoacTabl
SSDT Intel_ AoacTabl
SSDT Intel_ AoacTabl
BGRT ALASKA A M I

G. Windows Validation Check
Version: 1.9.12.5
Log Created On: 1910_06-12-2014
-----------------------

Windows Information
-----------------------
Windows Version: Windows 7 Service Pack 1
Windows Mode: Normal
Systemroot Path: C:\Windows

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates and install them automatically.
-----------------------
Last Success Time for Update Detection: 2014-12-06 23:51:25
Last Success Time for Update Download: 2014-12-01 21:08:22
Last Success Time for Update Installation: 2014-12-02 02:47:10


WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------


WVCheck's File Dump
-----------------------
C:\Windows\System32\slwga.dll
Size: 14336 bytes
Creation; 20/11/2010 22:23:48
Modification; 20/11/2010 22:23:48
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------
C:\Windows\SysWOW64\slwga.dll
Size: 14336 bytes
Creation; 20/11/2010 22:23:48
Modification; 20/11/2010 22:23:48
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\amd64_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_5d778f71b9f4fd55\slwga.dll
Size: 15360 bytes
Creation; 20/11/2010 22:24:21
Modification; 20/11/2010 22:24:21
MD5; b6d6886149573278cba6abd44c4317f5
Matched: slwga.dll
-----------------------
C:\Windows\winsxs\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.1.7601.17514_none_0158f3ee01978c1f\slwga.dll
Size: 14336 bytes
Creation; 20/11/2010 22:23:48
Modification; 20/11/2010 22:23:48
MD5; 19f75d71e4256f5113d64ce2bb66b838
Matched: slwga.dll
-----------------------


WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.


WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.


WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.


WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - 5e0db2d8b2750543cd2ebb9ea8e6cdd3


-------- End of File, program close at 1913_06-12-2014 --------

H. No, this computer is used solely for personal purposes and is not connected to a business or educational network.
lucaslee8498
Regular Member
 
Posts: 16
Joined: December 3rd, 2014, 9:22 pm

Re: Odd login IPs, think I might be infected?

Post by pgmigg » December 7th, 2014, 12:29 am

Hello lucaslee8498,

Step 1.
For safety reasons (to have a good registry to restore if needed), I will ask you to create a System Restore Point (SRP) before most of my instruction sets...
Create a System Restore Point
  1. Right-click on Computer and select Properties.
  2. In the left pane under Tasks please click System protection.
    If UAC prompts for an administrator password or approval, type the password or give your "permission to continue".
  3. Select System Protection, then choose Create.
  4. In the System Restore dialog box, type a description for the restore point and then click Create again.
    A window will pop up with "The Restore Point was created successfully" confirmation message.
  5. Click OK, then close the System Restore dialog.

If you have successfully created a System Restore Point... we can proceed.
If you have NOT successfully created a System Restore Point... do not go any further!
Please post back so we can determine why it was unsuccessful.


Step 2.
WARNING!
Multiple Anti Virus programs detected
  1. It looks like you are operating your computer with multiple Anti Virus programs installed at once:
    Microsoft Security Essentials
    ESET Smart Security 6.0
    avast! Antivirus
  2. Running - more than one - antivirus program is not recommended because:
    1. They can conflict with each other.
    2. They can report the other antivirus software as malicious.
    3. Antivirus programs use an enormous amount of the computer's resources... actively scanning your computer.
    4. They can cause your computer to run slowly, become unstable and crash.
  3. I strongly suggest you uninstall two of them. Which ones is your decision, but if you asked me, I would recommend that you uninstall
    Microsoft Security Essentials and ESET Smart Security 6.0. How to do it? Please see Step 3 below.

Step 3.
Remove Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without into the open text entry box:
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
     appwiz.cpl 
    and press Enter - the Uninstall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    ESET Online Scanner v3
    ESET Smart Security
    Microsoft Security Essentials
    Mozilla Firefox 20.0.1 (x86 en-US)
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.

Your other version of Firefox (25.01) is deeply out of date. If you plan to use it, please update Firefox - the latest version is 34.0!

Step 4.
AdwCleaner
Please download AdwCleaner by Xplode onto your desktop.
  1. Close all open programs and internet browsers.
  2. Right click on adwcleaner.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  3. Click on Scan. When the scan finishes, you'll see a message on the product window: "Pending. Please uncheck elements you don't want to remove."
  4. Press the Clean button.
  5. A log file C:\AdwCleaner[Sn].txt will automatically open. ([Sn] n = number of run)
  6. Please post the content of the C:\AdwCleaner[Sn].txt log file in your next reply.

Step 5.
Junkware Removal Tool
  1. Please download Junkware Removal Tool and save JRT.exe to your Desktop.
  2. Shut down your protection software as shown in This topic now to avoid potential conflicts.
  3. Right click on JRT.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  4. Please be patient as this can take a while to complete depending on your system's specifications.
  5. On completion, a log file JRT.txt is saved to your desktop and will automatically open.
  6. Please post the contents of JRT.txt into your next reply.

Step 6.
OTL - Download
Please download OTL.exe by Old Timer and save it to your Desktop.

OTL - Scan
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Include 64 bit scans
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present; if any log is cut off, you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the AdwCleaner[Sn].txt log file
  3. Contents of the JRT.txt log file
  4. Contents of the OTL.txt log file
  5. Contents of the Extras.txt log file
  6. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
MRU Teacher
 
Posts: 3175
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
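
A scripted equivalent of Step 1, followed by the check behind the Step 2 warning, as an added example that is not part of pgmigg's post or of any MalwareRemoval.com tooling. It assumes an elevated Windows PowerShell prompt (2.0 or later) on a Windows client OS; the restore point description is a made-up label.

```powershell
# Added example, not from the original thread.
# Run from an elevated Windows PowerShell prompt.

$description = 'Before malware cleanup'   # hypothetical label, choose your own

# --- Step 1: create a System Restore Point and confirm it exists ---------

# Remember the newest restore point that exists before we start.
$before = Get-ComputerRestorePoint -ErrorAction SilentlyContinue |
    Sort-Object SequenceNumber |
    Select-Object -Last 1
$lastSeq = if ($before) { $before.SequenceNumber } else { 0 }

try {
    # Fails if System Protection is turned off or the prompt is not elevated.
    # On Windows 8 and later the cmdlet creates at most one point per day
    # by default and only warns when it skips, so the check below matters.
    Checkpoint-Computer -Description $description `
        -RestorePointType MODIFY_SETTINGS -ErrorAction Stop
}
catch {
    Write-Warning "Restore point creation failed: $($_.Exception.Message)"
}

# A point only counts if it is newer than anything seen before the call.
$created = Get-ComputerRestorePoint -ErrorAction SilentlyContinue |
    Where-Object {
        $_.SequenceNumber -gt $lastSeq -and $_.Description -eq $description
    }

if (-not $created) {
    Write-Warning 'No new restore point was found. Do not go any further; report this first.'
    return
}
Write-Host ("Restore point #{0} created." -f ($created | Select-Object -First 1).SequenceNumber)

# --- Step 2: list antivirus products registered with Security Center -----

# Security Center keeps one AntiVirusProduct entry per registered product,
# including products that are installed but switched off.
# Get-WmiObject is available in Windows PowerShell, not in PowerShell 7.
$av = @(Get-WmiObject -Namespace 'root\SecurityCenter2' `
        -Class AntiVirusProduct -ErrorAction SilentlyContinue)

# productState is an undocumented bit field; it is shown raw here and
# deliberately not interpreted.
$av | Select-Object displayName, pathToSignedProductExe,
    @{ Name = 'productStateHex'; Expression = { '0x{0:X6}' -f $_.productState } } |
    Format-Table -AutoSize

if ($av.Count -gt 1) {
    Write-Warning ("{0} antivirus products are registered. Keep one and uninstall the rest." -f $av.Count)
}
elseif ($av.Count -eq 0) {
    Write-Warning 'No antivirus product is registered with Security Center.'
}
```

Comparing sequence numbers before and after the call is what catches the case where the cmdlet returns without creating a point.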

Re: Odd login IPs, think I might be infected?

Post by lucaslee8498 » December 7th, 2014, 6:43 pm

A. No
B. 3:39 PM 12/7/2014
# AdwCleaner v4.104 - Report created 07/12/2014 at 15:30:16
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lucas - LUCAS-PC
# Running from : C:\Users\Lucas\Desktop\adwcleaner_4.104.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Lucas\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
File Deleted : C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal
File Deleted : C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage

***** [ Scheduled Tasks ] *****

Task Deleted : update-sys
Task Deleted : update-S-1-5-21-3937064695-4174873834-2997317461-1000

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v39.0.2171.71

[C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

-\\ Comodo Dragon v27.0.4.0

[C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [1943 octets] - [03/01/2014 19:57:09]
AdwCleaner[R1].txt - [2003 octets] - [03/01/2014 20:00:52]
AdwCleaner[R2].txt - [2091 octets] - [25/06/2014 19:00:21]
AdwCleaner[R3].txt - [2514 octets] - [07/12/2014 15:26:44]
AdwCleaner[S0].txt - [2686 octets] - [07/12/2014 15:30:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2746 octets] ##########

C. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Lucas on Sun 12/07/2014 at 17:38:31.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/07/2014 at 17:40:37.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

D. OTL logfile created on: 12/7/2014 5:32:46 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucas\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.88 Gb Total Physical Memory | 5.70 Gb Available Physical Memory | 72.24% Memory free
15.77 Gb Paging File | 13.48 Gb Available in Paging File | 85.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.69 Gb Total Space | 11.27 Gb Free Space | 10.09% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 661.96 Gb Free Space | 71.06% Space Free | Partition Type: NTFS

Computer Name: LUCAS-PC | User Name: Lucas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3937064695-4174873834-2997317461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3937064695-4174873834-2997317461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3937064695-4174873834-2997317461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 A3 A2 51 0A 38 CE 01 [binary data]
IE - HKU\S-1-5-21-3937064695-4174873834-2997317461-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3937064695-4174873834-2997317461-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3937064695-4174873834-2997317461-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3937064695-4174873834-2997317461-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@muzzylane.com/SandstonePlayer: C:\Program Files (x86)\Muzzy Lane Software\Sandstone Player\npSandstonePlayer.dll (Muzzy Lane Software, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Lucas\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: E:\Program Files\VLC Media Player\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: E:\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Lucas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Lucas\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Lucas\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lucas\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lucas\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Lucas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2013/07/10 07:38:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/07/10 07:38:22 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.8_0\
CHR - Extension: No name found = C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.9_0\
CHR - Extension: No name found = C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokahbgdhhcjfnjlfeiojfmgnoikpcco\1.3.1_0\
CHR - Extension: No name found = C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnninnhcleaikepmmomfnknbldalnjj\1.4.6_0\
CHR - Extension: No name found = C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.5.2_0\
CHR - Extension: No name found = C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3937064695-4174873834-2997317461-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3937064695-4174873834-2997317461-1000..\Run: [ASRockXTU] File not found
O4 - HKU\S-1-5-21-3937064695-4174873834-2997317461-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3937064695-4174873834-2997317461-1000..\Run: [LightShot] C:\Users\Lucas\AppData\Local\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKU\S-1-5-21-3937064695-4174873834-2997317461-1000..\Run: [Spotify Web Helper] C:\Users\Lucas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-3937064695-4174873834-2997317461-1000..\Run: [zASRockInstantBoot] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Lucas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm File not found
O8:64bit: - Extra context menu item: Open Client to monitor &7 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Open Client to monitor &7 - C:\Windows\web\AOpenClient.htm File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: muzzylane.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: muzzylane.com ([]https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00E32CAB-F465-4B6D-9060-C11D4696C843}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wsauth) - C:\Windows\SysNative\wsauth.dll (VMware, Inc.)
O30 - LSA: Security Packages - (wsauth) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/12/07 15:32:23 | 000,033,405 | ---- | M] () - C:\autoupdate.log -- [ NTFS ]
O33 - MountPoints2\{8853bff3-ce49-11e2-bfe8-fb8d46242347}\Shell - "" = AutoRun
O33 - MountPoints2\{8853bff3-ce49-11e2-bfe8-fb8d46242347}\Shell\AutoRun\command - "" = F:\SETUP.exe
O33 - MountPoints2\{942fec33-a4d8-11e2-b0df-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{942fec33-a4d8-11e2-b0df-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AirNavi.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/12/07 17:24:37 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/12/07 17:21:22 | 001,707,646 | ---- | C] (Thisisu) -- C:\Users\Lucas\Desktop\JRT.exe
[2014/12/06 19:09:31 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2014/12/06 19:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2014/12/06 19:08:51 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Users\Lucas\Desktop\MGADiag.exe
[2014/12/06 19:03:32 | 000,509,440 | ---- | C] (Tech Support Guy System) -- C:\Users\Lucas\Desktop\SysInfo.exe
[2014/12/03 20:19:51 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Lucas\Desktop\dds.com
[2014/12/03 20:16:57 | 000,688,992 | ---- | C] (Swearware) -- C:\Users\Lucas\Desktop\dds.scr
[2014/11/30 21:17:51 | 000,000,000 | ---D | C] -- C:\Users\Lucas\AppData\Roaming\NuGet
[2014/11/30 20:28:59 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Documents\Visual Studio 2013
[2014/11/30 19:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2014/11/30 19:11:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
[2014/11/30 19:08:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 12.0
[2014/11/30 12:18:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NuGet
[2014/11/30 12:18:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NuGet
[2014/11/30 12:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
[2014/11/30 12:04:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2014/11/30 12:02:53 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2014/11/30 12:02:01 | 000,129,600 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\rzpnk.sys
[2014/11/30 12:01:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
[2014/11/30 12:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft
[2014/11/30 12:01:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 Express
[2014/11/30 12:01:39 | 000,037,184 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\rzpmgrk.sys
[2014/11/30 12:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
[2014/11/30 11:59:36 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014/11/28 22:36:40 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\Dolphin-x64
[2014/11/26 14:33:09 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Documents\GSC
[2014/11/22 19:25:19 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\zen
[2014/11/20 03:23:06 | 000,009,728 | ---- | C] (Razer Inc.) -- C:\Windows\SysWow64\RzStats.IPC.dll
[2014/11/19 20:46:18 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\cockatrice
[2014/11/19 20:41:55 | 000,000,000 | ---D | C] -- C:\Users\Lucas\AppData\Local\Cockatrice
[2014/11/19 20:41:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cockatrice
[2014/11/19 20:41:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cockatrice
[2014/11/18 21:28:25 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\inspiration
[2014/11/14 16:10:29 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Documents\Lightshot
[2014/11/12 15:38:18 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/11/12 15:38:18 | 000,304,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/11/12 15:38:18 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/11/12 15:38:17 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/11/12 15:38:17 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014/11/12 15:38:17 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014/11/12 15:38:17 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2014/11/12 15:38:17 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2014/11/12 15:38:15 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/11/12 15:38:15 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/11/12 15:38:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/11/12 15:38:15 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/11/12 15:38:15 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/11/12 15:38:14 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/11/12 15:38:14 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/11/12 15:38:14 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/11/12 15:38:14 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/11/12 15:38:13 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/11/12 15:38:13 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/11/12 15:38:13 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/11/12 15:38:13 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/11/12 15:38:13 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/11/12 15:38:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/11/12 15:38:12 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/11/12 15:38:12 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/11/12 15:38:12 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/11/12 15:38:12 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/11/12 15:38:12 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/11/12 15:38:12 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/11/12 15:38:12 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/11/12 15:38:11 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/11/12 15:38:11 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/11/12 15:38:11 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/11/12 15:38:11 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/11/12 15:38:10 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/11/12 15:38:10 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/11/12 15:38:10 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/11/12 15:38:10 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/11/12 15:38:10 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/11/12 15:38:09 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/11/12 15:38:09 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/11/12 15:38:09 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/11/12 15:38:09 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/11/12 15:37:46 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2014/11/12 15:37:46 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2014/11/12 15:37:46 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014/11/12 15:37:46 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014/11/12 15:37:46 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014/11/12 15:37:46 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014/11/12 15:37:46 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014/11/12 15:37:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/11/12 15:37:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/11/12 15:37:44 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/11/12 15:37:41 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/11/12 15:37:41 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/11/12 15:37:39 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/11/12 15:37:38 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/11/07 19:40:41 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\AffiliateEbookPart1
[2014/11/07 19:33:02 | 000,000,000 | ---D | C] -- C:\Users\Lucas\Desktop\Bank Simple (1.0)
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/12/07 17:29:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucas\Desktop\OTL.exe
[2014/12/07 17:26:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce7fc52c4d0d55.job
[2014/12/07 17:21:27 | 001,707,646 | ---- | M] (Thisisu) -- C:\Users\Lucas\Desktop\JRT.exe
[2014/12/07 17:18:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3937064695-4174873834-2997317461-1000UA.job
[2014/12/07 17:07:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/12/07 16:52:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3937064695-4174873834-2997317461-1000UA1cecabbb27ddf70.job
[2014/12/07 16:26:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf29ad47bf989c.job
[2014/12/07 16:01:12 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/12/07 15:37:57 | 000,029,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/12/07 15:37:57 | 000,029,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/12/07 15:35:01 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/12/07 15:35:01 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/12/07 15:35:01 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/12/07 15:30:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/12/07 15:30:45 | 2054,619,135 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/07 15:25:35 | 002,153,472 | ---- | M] () -- C:\Users\Lucas\Desktop\adwcleaner_4.104.exe
[2014/12/06 21:52:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3937064695-4174873834-2997317461-1000Core1cf272315e0e483.job
[2014/12/06 20:30:18 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3937064695-4174873834-2997317461-1000Core.job
[2014/12/06 19:10:03 | 003,514,358 | ---- | M] () -- C:\Users\Lucas\Desktop\WVCheck.exe
[2014/12/06 19:08:53 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Users\Lucas\Desktop\MGADiag.exe
[2014/12/06 19:07:32 | 000,025,088 | ---- | M] () -- C:\Users\Lucas\Desktop\codecheck.exe
[2014/12/06 19:04:59 | 000,468,480 | ---- | M] () -- C:\Users\Lucas\Desktop\CKScanner.exe
[2014/12/06 19:03:34 | 000,509,440 | ---- | M] (Tech Support Guy System) -- C:\Users\Lucas\Desktop\SysInfo.exe
[2014/12/03 20:19:54 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Lucas\Desktop\dds.com
[2014/12/03 20:17:01 | 000,688,992 | ---- | M] (Swearware) -- C:\Users\Lucas\Desktop\dds.scr
[2014/12/01 20:02:31 | 001,890,951 | ---- | M] () -- C:\Users\Lucas\Desktop\Lakeside_Sunset_1920x1080.jpg
[2014/11/30 12:21:00 | 005,327,776 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/11/22 20:40:32 | 000,000,437 | ---- | M] () -- C:\Users\Lucas\AppData\Local\UserProducts.xml
[2014/11/22 19:28:16 | 000,000,556 | ---- | M] () -- C:\Users\Lucas\Desktop\zen.zip
[2014/11/22 19:20:47 | 000,002,012 | -H-- | M] () -- C:\Users\Lucas\Documents\Default.rdp
[2014/11/21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/11/21 06:14:12 | 000,093,400 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/11/21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/11/20 03:23:06 | 000,009,728 | ---- | M] (Razer Inc.) -- C:\Windows\SysWow64\RzStats.IPC.dll
[2014/11/17 16:37:21 | 000,129,600 | ---- | M] (Razer, Inc.) -- C:\Windows\SysNative\drivers\rzpnk.sys
[2014/11/14 14:17:03 | 000,090,099 | ---- | M] () -- C:\Users\Lucas\Desktop\math.jpg
[2014/11/14 14:08:21 | 000,001,049 | ---- | M] () -- C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/11/13 22:09:44 | 000,336,261 | ---- | M] () -- C:\Users\Lucas\Desktop\dog meme.png
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/12/07 15:26:04 | 002,153,472 | ---- | C] () -- C:\Users\Lucas\Desktop\adwcleaner_4.104.exe
[2014/12/06 19:09:59 | 003,514,358 | ---- | C] () -- C:\Users\Lucas\Desktop\WVCheck.exe
[2014/12/06 19:07:31 | 000,025,088 | ---- | C] () -- C:\Users\Lucas\Desktop\codecheck.exe
[2014/12/06 19:04:58 | 000,468,480 | ---- | C] () -- C:\Users\Lucas\Desktop\CKScanner.exe
[2014/12/01 20:02:31 | 001,890,951 | ---- | C] () -- C:\Users\Lucas\Desktop\Lakeside_Sunset_1920x1080.jpg
[2014/11/30 12:37:52 | 007,420,100 | ---- | C] () -- C:\Users\Lucas\Desktop\theweather.mp3
[2014/11/22 19:28:16 | 000,000,556 | ---- | C] () -- C:\Users\Lucas\Desktop\zen.zip
[2014/11/14 14:17:03 | 000,090,099 | ---- | C] () -- C:\Users\Lucas\Desktop\math.jpg
[2014/11/13 22:09:44 | 000,336,261 | ---- | C] () -- C:\Users\Lucas\Desktop\dog meme.png
[2014/11/07 19:47:29 | 005,937,526 | ---- | C] () -- C:\Users\Lucas\Desktop\Video Profit System.pdf
[2014/11/07 19:28:01 | 009,406,768 | ---- | C] () -- C:\Users\Lucas\Desktop\Lazy Paypal Sniper - zecok.com.mp3
[2014/11/07 19:28:01 | 000,098,540 | ---- | C] () -- C:\Users\Lucas\Desktop\Lazy Paypal Sniper Full Package - Zecok.com.pdf
[2014/11/07 19:28:01 | 000,043,418 | ---- | C] () -- C:\Users\Lucas\Desktop\How To Make Your Money Back In 3 Hours...and Make More Money - Paypal Sniper- zecok.com.pdf
[2013/12/06 16:44:26 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013/07/26 13:19:55 | 000,000,220 | ---- | C] () -- C:\Users\Lucas\AppData\Roaming\mbam.context.scan
[2013/07/22 19:04:34 | 000,000,044 | ---- | C] () -- C:\Users\Lucas\jagex_cl_runescape_LIVE.dat
[2013/07/22 19:04:34 | 000,000,024 | ---- | C] () -- C:\Users\Lucas\random.dat
[2013/07/18 20:40:26 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2013/06/22 15:41:30 | 000,000,437 | ---- | C] () -- C:\Users\Lucas\AppData\Local\UserProducts.xml
[2013/06/06 19:09:03 | 000,000,045 | ---- | C] () -- C:\Windows\WF-2540.ini
[2013/05/07 17:48:27 | 000,000,132 | ---- | C] () -- C:\Users\Lucas\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/05/04 20:32:28 | 000,000,132 | ---- | C] () -- C:\Users\Lucas\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
[2013/05/01 18:18:54 | 000,007,168 | ---- | C] () -- C:\Users\Lucas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/13 09:23:17 | 000,001,456 | ---- | C] () -- C:\Users\Lucas\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013/04/13 04:01:48 | 000,000,017 | ---- | C] () -- C:\Users\Lucas\AppData\Local\resmon.resmoncfg
[2013/04/13 00:51:14 | 000,774,592 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/04/13 00:46:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/04/13 00:06:16 | 000,000,003 | ---- | C] () -- C:\Users\Lucas\AppData\Local\user_data.ini
[2013/03/28 21:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/03/28 21:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2012/12/19 14:52:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/12/19 14:52:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/12/14 01:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 01:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 01:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 21:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 20:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/10/12 19:25:29 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\.minecraft
[2014/04/18 20:11:48 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\.purple
[2013/08/05 18:32:06 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\6179725
[2013/08/06 15:00:29 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\6401613
[2013/08/06 08:29:44 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\8948697
[2014/10/31 18:34:11 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Audacity
[2013/04/20 09:06:48 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Autodesk
[2013/04/19 11:14:47 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\BANDISOFT
[2013/11/30 20:06:19 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Battle.net
[2013/04/13 06:53:32 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/04/30 20:17:13 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Curse
[2014/07/08 13:23:11 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Curse Client
[2013/07/09 20:27:56 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\DiskSpaceFan
[2014/12/07 15:32:21 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Dropbox
[2013/06/13 14:10:51 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Epson
[2013/07/10 07:40:10 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\ESET
[2014/04/14 13:51:32 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Fatshark
[2014/03/07 19:15:45 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\FileZilla
[2014/07/31 21:57:20 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\GroovesharkDesktop.7F9BF17D6D9CB2159C78A6A6AB076EA0B1E0497C.1
[2013/04/20 09:13:59 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Gyazo
[2013/06/21 17:12:04 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\GZConnector
[2013/06/06 19:09:27 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Leadertech
[2014/02/17 17:09:38 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\library_dir
[2013/04/13 01:42:56 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\LolClient
[2013/05/05 10:47:16 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\MAXON
[2014/09/23 17:40:05 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\MMFApplications
[2013/05/03 19:38:27 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\MW3 FoV Changer
[2014/10/27 18:24:05 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Nidhogg
[2014/04/18 17:28:17 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Notepad++
[2014/11/30 21:17:51 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\NuGet
[2014/08/02 15:38:33 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\OBS
[2014/06/26 12:10:27 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\OmniCoin
[2014/08/19 18:09:53 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Oracle
[2014/02/17 21:00:00 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Origin
[2013/07/21 09:47:34 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\PDAppFlex
[2014/04/11 18:44:47 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Psi
[2013/05/03 18:13:44 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Publish Providers
[2013/12/22 12:13:06 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\QFX Software
[2013/04/23 17:33:34 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\raidcall
[2013/10/03 14:44:49 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Rainmeter
[2014/03/01 11:25:50 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Raptr
[2014/08/02 12:24:23 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\redsn0w
[2013/11/13 17:56:29 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Riot Games
[2013/05/23 15:59:11 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Sony
[2014/11/26 21:49:15 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Spotify
[2013/05/09 17:11:20 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014/07/26 13:36:13 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\StepMania 5
[2013/07/08 10:58:30 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\TeamViewer
[2013/04/14 13:11:15 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\TechSmith
[2014/02/24 21:44:29 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Ubisoft
[2013/12/10 19:14:07 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Unity
[2014/12/06 19:01:03 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\uTorrent
[2013/06/06 13:57:30 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\Wacom
[2013/06/06 13:57:47 | 000,000,000 | ---D | M] -- C:\Users\Lucas\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1

========== Purity Check ==========



< End of report >

Continued in next post because forum says I've exceeded the max character count.
lucaslee8498

Re: Odd login IPs, think I might be infected?

Post by lucaslee8498 » December 7th, 2014, 6:44 pm

E. OTL Extras logfile created on: 12/7/2014 5:32:46 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucas\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.88 Gb Total Physical Memory | 5.70 Gb Available Physical Memory | 72.24% Memory free
15.77 Gb Paging File | 13.48 Gb Available in Paging File | 85.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.69 Gb Total Space | 11.27 Gb Free Space | 10.09% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 661.96 Gb Free Space | 71.06% Space Free | Partition Type: NTFS

Computer Name: LUCAS-PC | User Name: Lucas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3937064695-4174873834-2997317461-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "E:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Value error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Program Files\VLC Media Player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- E:\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Program Files\VLC Media Player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Value error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "E:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Value error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Program Files\VLC Media Player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- E:\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Program Files\VLC Media Player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Value error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07614A04-6F62-422B-9297-B4FBA1B8EB90}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0ECE7D8A-102A-4A23-A09B-56C79A9D7F79}" = rport=137 | protocol=17 | dir=out | app=system |
"{26AA87F6-4395-4AE2-A1E7-C76376E6E47B}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\wdexpress.exe |
"{2BC30D40-6FBD-44BC-9F2B-3A9575141877}" = lport=139 | protocol=6 | dir=in | app=system |
"{3B9F63F9-645A-4A1A-90C2-2CCC7A806431}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{4F22EFF5-24B9-4E97-BD6B-F5877CDCAD70}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{56201F28-BE52-4949-9024-9106F42908D0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5B8DC1CC-F500-421B-94BE-3C04A61CAF49}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{60ABB71A-91B0-4634-AACF-1E0A898CC215}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{767B3B5D-4D65-46F1-8EEC-0948482C5311}" = rport=445 | protocol=6 | dir=out | app=system |
"{7A9B4CA5-AB39-4160-8C39-E71710ED5E91}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7E2FB136-6762-40CB-AB60-E6B4BA2C8972}" = lport=138 | protocol=17 | dir=in | app=system |
"{800497EA-3D35-4993-B146-F5D9DE57688A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{858D1E3C-5BC7-42A1-9983-54081E258CC8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{86261E5A-E3DD-4042-92E3-3D010A4BB88B}" = rport=138 | protocol=17 | dir=out | app=system |
"{86DC425A-7965-43EC-84A2-BCF2A1F183C4}" = rport=139 | protocol=6 | dir=out | app=system |
"{8CD32264-7577-4D7D-94D5-80C61BFEF6FF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{976E8CFE-9EB9-4CEB-9390-AB865A28BA94}" = lport=445 | protocol=6 | dir=in | app=system |
"{BC9F5C1D-87D0-4824-9AB9-F4F17B151F6C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{C11E9D23-90B5-4CD2-8A9F-ADE1875E9AAB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D2CF5180-9768-439C-B286-F143B730ECCA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DC6DCDE9-4A5E-426E-80E2-D17E051D28F5}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\wdexpress.exe |
"{E1031B4D-3A10-477F-8E84-62AF7B91C77B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E8B87C6E-C060-412B-A42D-5298F847C215}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EA8E318F-851B-413B-B98F-D43541702792}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{ED536339-B82E-4D08-B6EC-D26BBA2EA3BA}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{030323D4-5CEC-4DBC-9EB4-D28B2027BDCE}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{04B23098-E7B6-4745-911C-53652410890C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{05502BBC-29BC-43AF-8A71-72410AA8743A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{05CE6223-4F2B-4869-A41A-1D666C0367A7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{062EA981-DC59-4C62-88AF-ACE80CF73B88}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{07AA0BE5-2F03-4AE5-B315-188A561DF7A7}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\just cause 2\justcause2.exe |
"{08551E88-4AA6-41C8-8EB5-7870F3303B8B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe |
"{0A7A201E-1FB7-469B-965F-FC5C6F7B8BFD}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0A7B37A2-F41D-47F4-8629-BA711AD3084C}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\blade symphony\berimbau.exe |
"{0B02C9E4-8496-4D12-B23D-91DB16349531}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{0C0DE3C7-FD25-4C49-88ED-546BD363CFC5}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{0D451180-FC6C-418A-A82F-C901A6C46A01}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe |
"{0DBDA5C2-B199-4B40-9872-0A464DA1B363}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0E37920F-2B13-4E06-8A16-9BEEA6EFC104}" = protocol=17 | dir=in | app=c:\users\lucas\appdata\roaming\utorrent\utorrent.exe |
"{0FAE49BA-AB7B-43A9-BA92-DCA565E6A61F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2426\agent.exe |
"{104D9410-C988-430F-A6AB-809F0D4E6F1A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{131B32C7-C83E-49AD-9674-64C4667C0506}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{15FBE8A9-E747-4C5D-A8B9-40F4351C2FA2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{16348781-1B4E-4087-80CC-AC544B4377E9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2426\agent.exe |
"{169CCADB-E72A-441E-9CE5-ED690B910754}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{17950596-392E-4D74-997E-C5742914D184}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\garrysmod\hl2.exe |
"{19C37391-9BE0-4178-B339-548903EB1FB5}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{1B2594C0-762F-4836-840D-65A8F931DEFD}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\trialspc\datapack\trialsfmx.exe |
"{1B9B5DFD-E730-4FDF-8631-8EE2399B1A07}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{1BDB9493-3F0D-45EC-84FD-36CA3777D4D6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{1D227D7B-20B5-40D1-82E9-A78327EE184F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1E0538BA-9665-4E95-80FF-857AE77E27C5}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\tec3001\tec3001.exe |
"{21672BEE-2479-4D61-85CD-09DCF79FB05C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2581\agent.exe |
"{22C57924-6E00-48AE-BBD0-6AD5A43318BE}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\nidhogg\nidhogg.exe |
"{230E9222-E521-47E5-A8F4-6B31E6A0367A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{23FA0291-3B03-444E-AC3F-6DD187F8204C}" = protocol=6 | dir=out | app=system |
"{24B5DD6E-498B-47FA-9AB2-41E3529D6897}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{27891EF9-E23C-4942-A3BD-EF685C0A3B4B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2514\agent.exe |
"{28703EEB-C1A5-425B-A3AF-69CCF3CE80C3}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{28BF452B-9879-4335-B82E-690787FD492D}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\war of the vikings\run_game.exe |
"{28F239EE-C9D5-416A-8A12-D4C7AB851119}" = protocol=17 | dir=in | app=e:\program files\starcraft ii\starcraft ii\starcraft ii public test.exe |
"{2CE37926-17BC-4B6C-961C-024A267DF70A}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{307B9569-3AE6-44A3-9569-D337979F465B}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\war of the vikings\run_game.exe |
"{314AB059-7021-45FB-B8D1-7AA134134916}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{38E59D5A-F010-4B96-9692-48346939E315}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{3958B3FE-7CF4-4F99-9AFF-D96958D8BA2A}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\trialspc\datapack\trialsfmx.exe |
"{39DC528C-44C5-4DFF-8D13-5F4B13853105}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe |
"{3B69869C-AB33-49E5-80C9-2626043145E3}" = protocol=6 | dir=in | app=e:\program files\vmware\vmware view\client\bin\wswc.exe |
"{3C77BF78-6C82-4AF4-8AF7-037A897CD893}" = protocol=6 | dir=in | app=e:\steam\bin\steamwebhelper.exe |
"{3D11454D-76C7-4C92-AFFA-87AD5A22BE54}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{3F0BC0C3-C00E-4531-AC61-7E4A5687FAC8}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{40E5B1F4-BF48-459F-9DF0-626E5FA5D407}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{417D9E99-0EBE-48A5-8C70-BB26CC4D7D9C}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{41D90867-2EE3-46FF-968D-656828B7E011}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\trialspc\datapack\trialsfmx.exe |
"{432DC6C7-5699-40DA-9568-8C2F26DC11A4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{443EA97F-2AAF-480A-BB84-18C82EA93723}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{445C650B-065F-4E04-8B67-8F7E8269D9C0}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe |
"{452D498D-3857-4520-8B1C-A4F8F7AD1AAF}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{455566CD-5197-4A04-A016-1D13014FFEE2}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{45CA908C-2216-497F-9B84-FE368014DD6C}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{45F8C82A-13DC-4950-8D84-794241E0D059}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{46230C1F-D600-4AED-B087-5E0A135E9CF1}" = protocol=17 | dir=in | app=e:\steam\bin\steamwebhelper.exe |
"{47647EDE-BEB6-4FCE-B3AB-A8D4A30790B8}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\trialspc\datapack\trialsfmx.exe |
"{4A389C0C-299A-4828-927F-67C6484BCA54}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\rust\rust.exe |
"{4A72819B-1816-4B91-A5D4-883A1E1344C2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{4C55BA88-284D-4133-AF47-2632DAAEDA3D}" = protocol=17 | dir=in | app=e:\steam\steam.exe |
"{4DC5CAE1-EB32-4EFE-85BF-714278B7779C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{4F54E552-4026-4963-BBA7-48DC0AC2F4F8}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{562D6F79-C08A-443F-810F-7DF945485161}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{57936BBF-CEF5-4507-8BC2-E260683B758C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{57E9B00B-6B61-49BD-8A2D-9C52DEA11ADF}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\rust\legacy\rust.exe |
"{58F0C273-9AED-4378-9574-B203DFE54D7B}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\five nights at freddy's\fivenightsatfreddys.exe |
"{5A4CE915-901A-4C13-8D91-5189483F2DBE}" = protocol=17 | dir=in | app=e:\program files\starcraft ii\starcraft ii\starcraft ii.exe |
"{5A935C0C-1DBF-4409-8EFD-C506AA12D73F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{5C3F7C21-2233-4D86-B8B2-3DF37F2ACF73}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\call of duty 4\iw3sp.exe |
"{5DA44E2D-9BB8-4F1D-AFB4-F8AB79709AB7}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{5E963CEE-D7A6-4FDA-AABF-327E04AD314C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2581\agent.exe |
"{5F33E887-4853-4B4E-BE4A-8C92C2A032BD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe |
"{5FEAC39E-94A0-4344-8DCC-E96396F5C3C7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{5FF00384-3D3B-49ED-9A4D-39B4C39535FF}" = protocol=17 | dir=in | app=e:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe |
"{61D3CB10-30ED-4A28-9281-692FF7636823}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\garrysmod\hl2.exe |
"{6310B10D-610F-4234-BA5F-3314B558D746}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6342947D-4416-4471-926F-616A3FA455F4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{63E743D4-6D6B-451E-BC9B-7B0867CC7EE4}" = protocol=17 | dir=in | app=f:\common\epsonnet setup\eneasyapp.exe |
"{66FC18D0-EEA9-495C-93E2-9488D46699AF}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\rust\rust.exe |
"{696E3018-BE20-47E4-B0A1-716914442150}" = protocol=6 | dir=in | app=f:\common\epsonnet setup\eneasyapp.exe |
"{6AF9422D-9F72-471E-89B1-94842E193901}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{6C649E4D-D73C-43F6-9ED9-87EE2A2A93AE}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{6FB4F39D-299C-40A9-A895-C812B624A739}" = protocol=17 | dir=in | app=e:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe |
"{72DF9030-EE61-4EAD-BEFE-4C7D59DE99B9}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\rust\experimental\rust.exe |
"{79D4EEFD-3EF5-4525-9027-DF97A5434302}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{7AFD6720-F510-48FC-8F37-D0BC287EA6C2}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\counter-strike source\hl2.exe |
"{7B3FCD3C-9E65-4AF8-B3EF-94CF854FA186}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7BCD7187-7404-4772-8897-873C96090A3B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"{7EDD2865-7625-41F1-8665-61AD450DD3C2}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{832D8620-1299-479E-ADF7-B07F912157DF}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\just cause 2\justcause2.exe |
"{83D6DC8B-2F2C-42C1-A395-738C09F9B3B5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"{8440898B-6421-40BA-B276-8E0C2047ACE8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{852FFDF0-CFE1-4A87-B236-CB99C42300DA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8588F497-1193-4038-ADB8-BA30F5F25AC0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{878F1364-B241-4CCD-8FF1-F66F15317C49}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{88F3AC7C-1223-4C69-869D-7BFCD7167B9E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8DBED891-D71E-4F26-A460-664FDDDBF5AA}" = protocol=6 | dir=in | app=e:\program files\starcraft ii\starcraft ii\starcraft ii.exe |
"{902762E5-BA0D-4D14-9DA2-51EF35C5D825}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{92053871-9A2E-4F3D-94CA-E80F0CD81167}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{928852BF-51AB-4DC1-91B5-D26A6952B1E2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2391\agent.exe |
"{9802CB10-ED7E-47C9-B139-88EA64A6ECAA}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\blade symphony\berimbau.exe |
"{98A08034-D1AD-480F-B235-705771002F36}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{990DD337-BC16-448B-9461-7AAA1D35F907}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\tec3001\tec3001.exe |
"{99779DAD-717C-40A9-914F-AAC36E81E9E2}" = protocol=17 | dir=in | app=e:\program files\vmware\vmware view\client\bin\wswc.exe |
"{9A935D5F-75DF-41B5-B6CC-995F36A14820}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{9AE4A6DF-94F5-4775-B740-3C0C802FF26E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{9C46E4A3-DF54-4DAE-800E-474B77EC2BFF}" = protocol=6 | dir=in | app=e:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe |
"{9D7C1832-DD16-4306-8994-AD4329E95D31}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{A462D9CC-B6D3-479A-B4CA-787FB75C661F}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{A5A0015E-40EE-4A67-B752-59F9B3DEBFEA}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{A5F592F6-A7F1-4B89-84EB-F58F1C7640E8}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\counter-strike source\hl2.exe |
"{A8A2FBFF-F842-4F56-A7B3-B278A9F07051}" = protocol=6 | dir=in | app=e:\program files\vmware\vmware view\client\bin\wswc.exe |
"{A937C027-25B2-4690-BF9E-4E6C2033E123}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{A944FD41-B39F-4AC6-B452-95DB49482293}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{AB58D8D8-1406-4064-B838-B760FFD5F376}" = protocol=6 | dir=in | app=c:\users\lucas\appdata\roaming\spotify\spotify.exe |
"{AC4804F5-1FBC-4C34-8088-56A322E9055E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AF8A4FE2-2D07-4CBA-BC5A-BD555226E027}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AF9131AD-4B65-4764-B53D-7B26B3F93E1C}" = dir=in | app=c:\users\lucas\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{B4BE756D-99A9-436C-8385-DF1919E9BCBF}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\nidhogg\nidhogg.exe |
"{B535D24E-D699-4C0C-9671-AAEA203A990D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B6990A49-20B5-485A-BE93-6ADFEDB89A39}" = protocol=6 | dir=in | app=e:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe |
"{B77A0C88-DB14-4FF1-9A6D-6F22008D1BED}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2737\agent.exe |
"{BA79ECC9-CE33-41D2-9E2F-39636354ABF2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BCABB786-DC21-44E4-B6E2-F8B2124F3CC2}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{BE825851-3450-42F8-A484-9B5F8B7E48BC}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\rust\rustlauncher.exe |
"{C2C07F04-8259-4CB5-8BB2-8DBDA2F41D87}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\arma 2\arma2.exe |
"{C451883E-F498-47FC-838D-3F6900EC4710}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{C6848EE0-2163-4F73-9785-1161225EB60D}" = protocol=17 | dir=in | app=c:\users\lucas\appdata\roaming\dropbox\bin\dropbox.exe |
"{C7FDB1A3-132B-4A7F-A7C9-3D0B2627C1AC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3526\agent.exe |
"{C8A533B7-B1CC-470B-9FA3-6700F91345AF}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\rust\rustlauncher.exe |
"{C8BE5D8E-C6E3-41FF-9B83-0DB9FF8B687E}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\arma 2\arma2.exe |
"{CBCF5890-FD7E-46D6-A734-39F93413282B}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{CF5CA33B-2BF5-46E3-8AD4-F8BA5D578E82}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3526\agent.exe |
"{CFC8AFB4-5A8D-4DC6-92DE-C04EC34E2F18}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D2FA220A-8192-4926-99BC-23951527E5CD}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\arma 2\arma2.exe |
"{DB19BB41-FC92-4EEF-A45E-21B8BB263EFB}" = protocol=6 | dir=in | app=c:\users\lucas\appdata\roaming\dropbox\bin\dropbox.exe |
"{DE56DCDD-488C-4A8E-ABDE-834F9A60BD98}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2391\agent.exe |
"{DE5B7312-EAC8-4311-B0E8-ED67A52BB74D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{E014AD13-737A-4FDA-B12D-8459309206A6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2737\agent.exe |
"{E056CC7E-BCB1-461C-8918-4D8520F081B2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{E2A2A681-26AD-49CE-9880-AE88EF86D241}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\rust\experimental\rust.exe |
"{E390EB15-85E8-4DFC-B5CC-D30691A2275C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe |
"{E4C283C3-CA6C-4670-8743-DC582E427994}" = protocol=17 | dir=in | app=e:\program files\vmware\vmware view\client\bin\wswc.exe |
"{E56D25AA-CDCF-4F14-AF0B-5AB890D529D3}" = protocol=6 | dir=in | app=e:\program files\starcraft ii\starcraft ii\starcraft ii public test.exe |
"{EBBBF9C8-22B4-42F0-8623-58B763C42027}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\rust\legacy\rust.exe |
"{F0F4D025-E1FF-4784-B093-66A22D8F2A87}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{F172D626-4284-4FBE-8359-588C034BBDC7}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{F1EF64FE-F779-46F3-AA9C-A38FBECCC7F6}" = protocol=6 | dir=in | app=c:\users\lucas\appdata\roaming\utorrent\utorrent.exe |
"{F41CB14A-1FD8-468E-BEAA-572D6CF9F427}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{F4ED7B8E-D1E4-4839-AE05-D294026F94AA}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\arma 2\arma2.exe |
"{F6DF9A50-0772-46CA-B250-3839A435D487}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{F7571D2E-263C-4737-8C0B-D6FE29A7F732}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\five nights at freddy's\fivenightsatfreddys.exe |
"{F7DCD387-D30D-49B1-A81F-8DCFE31EE32B}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{F8428068-506F-428A-97A2-B0A5B77BE939}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F8CCC632-BB45-4CCC-B7A3-1671275D974E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{FA0855C3-F5E4-407F-BCD0-FB44AB81AD86}" = protocol=17 | dir=in | app=c:\users\lucas\appdata\roaming\spotify\spotify.exe |
"{FE03CB1B-BCDD-4CEB-A659-72E4FF7524D4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{FEF8EE46-BB02-4385-AF30-871A9700340D}" = protocol=6 | dir=in | app=e:\steam\steam.exe |
"{FFD277E1-D7ED-43D1-AEF0-E56C904C8EFB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe |
"TCP Query User{084626AB-31F1-4DB6-8CF4-A285886291CB}C:\programdata\battle.net\agent\agent.3023\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"TCP Query User{13819B9A-6732-4891-810E-891A4C46CB8B}C:\programdata\battle.net\agent\agent.3478\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3478\agent.exe |
"TCP Query User{2535B14B-F01F-4276-8A99-DA632DFF5F3F}E:\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe |
"TCP Query User{2A519FB5-B809-49D3-95CC-7A57FA4AC699}E:\program files\starcraft ii\starcraft ii\versions\base28667\sc2.exe" = protocol=6 | dir=in | app=e:\program files\starcraft ii\starcraft ii\versions\base28667\sc2.exe |
"TCP Query User{37AAD554-B3EE-4544-95D7-5C5954716B8F}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{54C856D3-AE1E-4BA9-AF35-52FBEA71E13D}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{6095B915-836D-49CD-913E-D10DF81A7842}C:\users\lucas\appdata\local\iw4m\iw4m.dat" = protocol=6 | dir=in | app=c:\users\lucas\appdata\local\iw4m\iw4m.dat |
"TCP Query User{60D8EC7C-33A4-4898-9B69-6177A3746FC7}C:\program files (x86)\psi\psi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\psi\psi.exe |
"TCP Query User{6951A58F-EBC6-42E9-89B8-4D6D0FE12C06}E:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=e:\program files\skype\phone\skype.exe |
"TCP Query User{75D2F008-C01D-4594-AB2B-163D96A10644}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{7BA28D2E-0F68-4EA5-9F57-4C0DFBA75408}C:\programdata\battle.net\agent\agent.3372\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3372\agent.exe |
"TCP Query User{7CE3EA0A-9910-4869-AFE4-C933970DAA3C}E:\program files\starcraft ii\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=e:\program files\starcraft ii\starcraft ii\versions\base24944\sc2.exe |
"TCP Query User{81DD505B-0742-484C-99C5-A45B69AF51FC}C:\games\stepmania 5\program\stepmania-sse2.exe" = protocol=6 | dir=in | app=c:\games\stepmania 5\program\stepmania-sse2.exe |
"TCP Query User{88F45EA2-8FAE-4BDE-AB56-476647309FB2}C:\users\lucas\desktop\omc\omnicoin-qt.exe" = protocol=6 | dir=in | app=c:\users\lucas\desktop\omc\omnicoin-qt.exe |
"TCP Query User{8CF5BA7B-3952-4CA3-A5EB-20CAB70E08F5}C:\users\lucas\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\lucas\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{94C59B96-4FCD-4C64-B1E9-63B22018433C}E:\steam\steam.exe" = protocol=6 | dir=in | app=e:\steam\steam.exe |
"TCP Query User{9AAA565D-65E8-4111-9A8E-38D87E768D6D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{9FCED074-195E-44FE-A079-BFE6CC6D977B}C:\users\lucas\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\lucas\appdata\local\akamai\netsession_win.exe |
"TCP Query User{A4957774-39E0-4459-A4E2-7E87C1399A7F}E:\steam\steamapps\common\call of duty 4\iw3mp.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\call of duty 4\iw3mp.exe |
"TCP Query User{A6E894C0-BC6C-478A-A235-68E74F71467A}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{AAC24262-84B5-448D-BBF2-3FEB6B6E5973}C:\programdata\battle.net\agent\agent.3182\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe |
"TCP Query User{AD488FCF-E0ED-47A5-99D6-328C17D60B4D}C:\users\lucas\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\lucas\appdata\local\akamai\netsession_win.exe |
"TCP Query User{B253CA01-79CA-4C24-914D-3372220398E8}C:\programdata\battle.net\agent\agent.3454\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3454\agent.exe |
"TCP Query User{B46F0F2B-EAD9-4A16-91F7-44B74469B9F2}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{B6596FAA-16E0-4B5E-98CB-D9B7045F0BD3}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{C5269C8D-2B85-4650-BE8F-1AAE4573D8D7}C:\users\lucas\desktop\ts3musicbot_v3.3_windows\system\app\virtualbox\virtualbox.exe" = protocol=6 | dir=in | app=c:\users\lucas\desktop\ts3musicbot_v3.3_windows\system\app\virtualbox\virtualbox.exe |
"TCP Query User{D1C9CCA7-53A9-4656-B0B5-DD07B422414D}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{E5801C64-DEF5-4B36-AB7D-CF4B2F29CADC}C:\users\lucas\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\lucas\appdata\roaming\spotify\spotify.exe |
"UDP Query User{06DB14D6-41E4-413C-954B-6D07D6683C7D}C:\programdata\battle.net\agent\agent.3023\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"UDP Query User{0E377692-BA95-4A4E-A3A3-77CB682EAC5D}C:\games\stepmania 5\program\stepmania-sse2.exe" = protocol=17 | dir=in | app=c:\games\stepmania 5\program\stepmania-sse2.exe |
"UDP Query User{14019A64-856D-4678-88F5-6C8408346D6E}C:\users\lucas\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\lucas\appdata\local\akamai\netsession_win.exe |
"UDP Query User{16153DC1-A71F-4ED3-82AF-682EB79DBE48}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{163B0513-2C74-4C42-8531-E53E6D192FF9}C:\users\lucas\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\lucas\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{18B8BD98-7D45-49D0-871F-AFBFBE20E7F2}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{190CABB5-C7AA-44DC-B157-BA603A8F1C67}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{1DBBCA62-6C27-4A46-9F13-2A4B340DE204}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{1FA6ECAE-E2AC-4ECE-B923-08922B03B9CC}C:\users\lucas\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\lucas\appdata\roaming\spotify\spotify.exe |
"UDP Query User{2DA77667-8EC6-4713-AF61-88813F09CD78}E:\steam\steamapps\common\call of duty 4\iw3mp.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\call of duty 4\iw3mp.exe |
"UDP Query User{3A44C80E-A6A7-4651-8286-72D0157A161E}C:\programdata\battle.net\agent\agent.3478\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3478\agent.exe |
"UDP Query User{3B5F136F-15C6-43E4-8262-BA549EED1EDE}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{3D926C3B-91E3-459E-ACD5-612DCD390A49}E:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=e:\program files\skype\phone\skype.exe |
"UDP Query User{514CA188-1300-4D33-A8D1-400EFD9AB492}C:\programdata\battle.net\agent\agent.3372\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3372\agent.exe |
"UDP Query User{55558F3E-66C1-49AE-84FD-FE4717729FA8}C:\users\lucas\appdata\local\iw4m\iw4m.dat" = protocol=17 | dir=in | app=c:\users\lucas\appdata\local\iw4m\iw4m.dat |
"UDP Query User{610E2AF5-AC4B-42EF-81B6-901C49E36AEF}E:\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe |
"UDP Query User{985B889E-98BF-4EB8-882F-478B2D27A6D7}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{9900B5FB-1659-4836-AA69-F9502B22807E}E:\program files\starcraft ii\starcraft ii\versions\base28667\sc2.exe" = protocol=17 | dir=in | app=e:\program files\starcraft ii\starcraft ii\versions\base28667\sc2.exe |
"UDP Query User{A11BC570-F287-49FC-A188-71D646A6CE69}C:\program files (x86)\psi\psi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\psi\psi.exe |
"UDP Query User{A92592AD-2627-40E1-8DBC-15E12A7501A6}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{AA7D219A-B726-44DD-95A2-063E8C8D328B}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{AA923CFC-E103-4AE8-A6EB-CEBB7992B43B}E:\program files\starcraft ii\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=e:\program files\starcraft ii\starcraft ii\versions\base24944\sc2.exe |
"UDP Query User{AB9A0E4C-BF7C-474D-8A57-6B3F0094896C}C:\programdata\battle.net\agent\agent.3454\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3454\agent.exe |
"UDP Query User{B4694E4F-F4CC-4EF6-BC69-365CCD821D30}C:\users\lucas\desktop\ts3musicbot_v3.3_windows\system\app\virtualbox\virtualbox.exe" = protocol=17 | dir=in | app=c:\users\lucas\desktop\ts3musicbot_v3.3_windows\system\app\virtualbox\virtualbox.exe |
"UDP Query User{BA318813-1EAA-4804-92A7-5AE05B633C4D}C:\programdata\battle.net\agent\agent.3182\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe |
"UDP Query User{E2613A0F-CA76-4EBD-A280-2ECB9CE51E57}C:\users\lucas\desktop\omc\omnicoin-qt.exe" = protocol=17 | dir=in | app=c:\users\lucas\desktop\omc\omnicoin-qt.exe |
"UDP Query User{EA8BFD23-3074-4BD9-B675-5D9DFD86EC37}C:\users\lucas\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\lucas\appdata\local\akamai\netsession_win.exe |
"UDP Query User{FC70393B-A6DB-4021-B8BB-AA9AB065B6A6}E:\steam\steam.exe" = protocol=17 | dir=in | app=e:\steam\steam.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{020CDFE0-C127-4047-B571-37C82396B662}" = Microsoft SQL Server 2014 Transact-SQL ScriptDom
"{04573C2A-8756-E9F0-7878-C6029F6C7F25}" = AMD Drag and Drop Transcoding
"{05FF8209-C4F1-4C77-BC28-791653156D20}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}" = Microsoft SQL Server 2014 Management Objects (x64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{27EF252D-800C-ED42-9904-459FE0046225}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}" = iTunes
"{308051DA-0048-7A07-FE8B-9B6EC119A9E8}" = AMD Catalyst Install Manager
"{30B7A7A6-D519-3332-BEB3-D105EFC7389A}" = Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU
"{33B4C199-3463-30E8-B3D2-A0793DAC3607}" = Microsoft Team Foundation Server 2013 Update 4 Object Model Language Pack (x64) - ENU
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}" = Microsoft SQL Server 2012 Management Objects (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5247E16E-BCF8-95AB-1653-B3F8FBF8B3F1}" = Windows Software Development Kit DirectX x64 Remote
"{54C5041B-0E91-4E92-8417-AAA12493C790}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{5783F2D7-B028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2013
"{58FED865-4F13-408D-A5BF-996019C4B936}" = Microsoft SQL Server 2012 Command Line Utilities
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60391499-BB97-3FC7-9F17-2BF560DCE231}" = Microsoft Visual Studio 2013 Express Prerequisites x64 - ENU
"{6C026A91-640F-4A23-8B68-05D589CC6F18}" = Microsoft SQL Server 2012 Express LocalDB
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{72EF03F5-0507-4861-9A44-D99FD4C41418}" = Paint.NET v3.5.11
"{7818198F-3A26-442D-B34D-1664D3ABC979}" = Microsoft Visual Studio 2013 Diagnostic Tools - amd64
"{78909610-D229-459C-A936-25D92283D3FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU
"{792A9A32-718A-40D1-9867-A903F76AE2F8}" = Eco Materials Adviser for Autodesk Inventor 2013
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{7F4DD591-1764-0001-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2013
"{7F4DD591-1764-0001-1033-7107D70F3DB4}" = Autodesk Inventor Professional 2013 English Language Pack
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C06D6DB-A391-4686-B050-99CC522A7843}" = Microsoft System CLR Types for SQL Server 2014
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{96F4525A-470D-F15C-796E-58D9988C3E5F}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A528BDDE-9C9F-11E2-9F0C-F04DA23A5C58}" = MSVCRT Redists
"{A5FF48A6-9056-3C1B-99C4-804BACB34F9D}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
"{A6BA243E-85A3-4635-A269-32949C98AC7F}" = Microsoft SQL Server 2012 Data-Tier App Framework (x64)
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AAFF73AD-3432-3575-ABD1-14E48EF2F4CB}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610
"{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}" = Microsoft SQL Server 2014 Express LocalDB
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AEF57B06-B494-8180-AFC7-05EFB1DB2B64}" = ccc-utility64
"{B74B199A-EDD4-B657-E055-327D454402D2}" = Windows Software Development Kit DirectX x64 Remote
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{BD1BCEF8-5CD6-D8ED-7D36-31C2172076EA}" = AMD Media Foundation Decoders
"{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}" = Apple Mobile Device Support
"{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{C0DE47ED-AFAF-3B17-8268-D5BFDEC404A8}" = Microsoft Team Foundation Server 2013 Update 4 Object Model (x64)
"{C596D608-3E74-3232-8CA5-DF1DCB9F10DE}" = Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005
"{CC1F74DF-058F-406C-BC7D-F14D6E5F7CBD}" = Build Tools - amd64
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D25FF5C1-1764-469A-9794-69309387C193}" = Autodesk Inventor 2013 Quick Uninstaller
"{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}" = Microsoft SQL Server 2012 Native Client
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D5A1DA10-4A73-49A3-9C8A-C8CE9797DBBE}" = VMware View Client
"{E43BBAEB-4914-44C6-88C0-E7A1DBD20A91}" = Build Tools Language Resources - amd64
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{ED273D26-E354-1A5B-A0D0-CB5258D43BD2}" = AMD Wireless Display v3.0
"{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}" = Autodesk Sync
"{F778BE47-F12E-36E1-8D6F-BD2FEF779F22}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{FCC4426F-0296-D30D-729C-E76C8E7252C7}" = AMD Accelerated Video Transcoding
"ASRock 3TB+ Unlocker_is1" = ASRock 3TB+ Unlocker v1.1
"ASRock RapidStart_is1" = ASRock RapidStart v1.0.6
"ASRock SmartConnect_is1" = ASRock SmartConnect v1.0.6
"ASRock XFast RAM_is1" = ASRock XFast RAM v2.0.9
"CCleaner" = CCleaner
"CyberGhost VPN_is1" = CyberGhost VPN
"DWG TrueView 2013" = DWG TrueView 2013
"EPSON WF-2540 Series" = EPSON WF-2540 Series Printer Uninstall
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Pen Tablet Driver" = Wacom
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Virtual Audio Cable 4.14" = Virtual Audio Cable 4.14
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0398BFBC-991B-3275-9463-D2BF91B3C80B}" = Microsoft Help Viewer 2.1
"{046B79EE-7ED3-37A4-621A-FE297EF484C2}" = CCC Help Greek
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}" = Microsoft SQL Server 2012 T-SQL Language Service
"{070C38AC-05CE-43DF-9A20-141332F6AB2B}" = Microsoft System CLR Types for SQL Server 2012
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09412B73-6159-40D6-B0B9-C11B30A7531E}" = Microsoft Visual Studio 2012 Preparation
"{0B698858-DAB0-4F9E-A10A-125B274EDA06}" = Microsoft Visual C++ x64 Libraries
"{0B6F9FD2-E845-4938-B6EA-F643413F5BBF}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}" = Blend for Visual Studio SDK for Silverlight 5
"{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}" = Google Talk Plugin
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{0E4A9B1A-12D2-4827-BE61-44DBD72797FB}" = TypeScript Tools for Microsoft Visual Studio 2013
"{10CB5DDD-38E1-2EB2-F62C-C1948A99943E}" = AMD Catalyst Control Center
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{1194740D-0DB8-A508-31BA-E722597B4516}" = Catalyst Control Center Graphics Previews Common
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{17004FB0-9CFD-43DC-BB2D-E2BA612D98D0}" = GeekBuddy
"{19A5926D-66E1-46FC-854D-163AA10A52D3}" = Microsoft .NET Framework 4.5.1 SDK
"{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{1B9BBB23-65CB-3AEE-BFC6-633E7CA299FD}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
"{1BE2AFE6-209E-3862-AE45-DA9D3D21BD65}" = Microsoft Visual Studio Express 2012 for Windows Desktop
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1F1AA110-D758-30C1-A1B4-5484C72BCACE}" = Microsoft Visual Studio Express 2013 for Windows Desktop - ENU
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FB16E3B-3AFB-46CB-6E83-2F5A0CF4ED16}" = Catalyst Control Center Localization All
"{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}" = PDF Settings CC
"{205A8E25-7ABE-30AB-929E-80A63A7AFBE3}" = Microsoft Portable Library Multi-Targeting Pack
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{21373064-AD95-48DB-A32E-0D9E08EF7355}" = Prerequisites for SSDT
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{222C5507-AC43-388F-808E-2266EC57E043}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.21
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 67
"{2774595F-BC2A-4B12-A25B-0C37A37049B0}" = Microsoft SQL Server 2014 Management Objects
"{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}" = Autodesk Material Library Low Resolution Image Library 2013
"{28C7344F-E894-4CF5-8D05-EDC7ED71796C}" = Behaviors SDK (Windows) for Visual Studio 2013
"{2C0CC01A-DDBC-3AED-AF18-E741242FD727}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}" = Adobe Photoshop CC
"{2E3A81FB-7952-F8CB-9AD5-50544E2F4838}" = CCC Help Czech
"{2F7DBBE6-8EBC-495C-9041-46A772F4E311}" = Microsoft SQL Server 2012 Management Objects
"{32939827-d8e5-470a-b126-870db3c69fdf}" = Python 2.7.1
"{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}" = Prerequisites for SSDT
"{37464E70-B0B9-9DFF-649A-CBE169BAD657}" = Windows Software Development Kit for Windows Store Apps
"{37E53780-3944-4A6A-842F-727128E8616E}" = Blend for Visual Studio SDK for .NET 4.5
"{38FC6E9A-F719-431A-A83D-4C86D5FD6555}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3F29268A-F53A-4387-9F2B-E9368A823178}" = Entity Framework Designer for Visual Studio 2012 - enu
"{4172E797-CE12-AC47-05B7-0E48BDB33E75}" = CCC Help Russian
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{4428AEE6-FA5E-2913-8D12-B410E85E11AA}" = CCC Help Spanish
"{44F72193-F59C-4303-BAE8-E3E4BC1C122C}" = Epson Event Manager
"{4781443E-204D-4D98-8899-18A123C13B1E}" = Microsoft C++ REST SDK for Visual Studio 2013
"{47D08E7A-92A1-489B-B0BF-415516497BCE}" = Microsoft SQL Server 2014 T-SQL Language Service
"{492FCC0B-45E1-383A-A2CF-9E7F305AC200}" = Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU
"{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}" = Camtasia Studio 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE57014-05C4-4864-A13D-86517A7E1BA4}" = Microsoft .NET Framework 4.5 SDK
"{4AEB505C-95E1-4964-9B64-8D27F3186D30}" = Microsoft System CLR Types for SQL Server 2014
"{4F2B8233-35EE-4197-8C3B-EACCBF712029}" = Microsoft SQL Server Data Tools - enu (11.1.20828.01)
"{4FF1533E-FF2C-A04A-25DD-A8AEC6FA106B}" = CCC Help Chinese Standard
"{5411060C-8F8C-393D-8D3B-26AF2C92FABB}" = Microsoft Visual Studio 2013 Shell (Minimum)
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{56AD3004-0B49-967F-F682-B05650B61A78}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{594DB57D-58D1-4AA3-AE6C-BF99484F52F8}" = Behaviors SDK (Windows Phone) for Visual Studio 2013
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D5CFAD6-9F93-8C63-3EB0-B6A0D3D4BD12}" = Windows Software Development Kit
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{6071CB80-DABC-B10D-F244-7F410FB3B150}" = CCC Help Polish
"{6098D454-CB7B-44C2-8615-D869FD9655C7}" = TypeScript Power Tool
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62910715-63E3-0AB0-0B29-99140DE1C15E}" = LocalESPC
"{63059735-CA97-FDFB-0E7A-3B8D81572EFD}" = Application Profiles
"{6343B6BA-F97F-B336-9ED8-FFD43776E84D}" = CCC Help Finnish
"{64484316-E4BA-38B3-8954-0358522A8D40}" = Microsoft Visual Studio Express 2013 for Windows Desktop
"{66FFC445-6EB0-3D02-95D7-925E3050FFB8}" = Microsoft Visual Studio 2013 XAML UI Designer - ENU
"{6781FF9B-E87D-4A03-9373-A55A288B83FA}" = Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1)
"{678800C0-D94E-4513-89CB-478F2B781A0B}" = Microsoft Visual C++ 2013 x86-x64 Compilers
"{6A0C6700-EA93-372C-8871-DCCF13D160A4}" = Microsoft .NET Framework 4.5.1 Multi-Targeting Pack
"{6C06FEE9-C64E-453F-B8A5-D9E9B79ED040}" = Microsoft Visual C++ 2013 32bit Compilers - ENU Resources
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 1.0
"{6E0C3C3D-CF8A-4AEC-AD6C-B4486A96BE8E}" = Bamboo Tablets Tutorial
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73629F80-9DFE-421A-908B-C71FBD243E5A}" = Microsoft Report Viewer Add-On for Visual Studio 2013
"{77E2D875-FD9E-3DEE-9A84-C34FDECB4ECA}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7A05796B-4FB2-4BAE-8CDC-28F7ABBC6EF3}" = Microsoft Azure Shared Components for Visual Studio 2013 - v1.3
"{7AE61976-6FE2-4B65-9E1C-4DE44288772B}" = Visual Studio Extensions for Windows Library for JavaScript
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{834B6E00-F509-40F2-A677-E86261184576}" = Blend for Visual Studio Add-in for Adobe FXG Import
"{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}" = Apple Application Support
"{84D88F57-4130-30FE-A0B6-1E04428FE1F6}" = Microsoft Visual C++ 2013 Core Libraries
"{85253F13-EE42-4850-A3A5-79B90E92D7AC}" = Entity Framework 6.1.1 Tools for Visual Studio 2013
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{88707808-9420-4D55-8C94-622CF25A8750}" = Microsoft Visual C++ 2012 32bit Compilers - ENU Resources
"{8BD11F34-C26A-4E92-B2A2-4FFF5FC3FE67}" = Microsoft Visual Studio 2013 Diagnostic Tools - x86
"{8D3A11D0-D925-FA0F-43F3-242E49975CD2}" = CCC Help Danish
"{8EF39A9F-6A57-9706-86A5-9312D9ED8016}" = CCC Help Portuguese
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90de9437-2739-41d3-8dda-b380fdae40a0}" = osu!
"{90DFD61B-8224-00C6-3D69-A983B60A394E}" = Bamboo Dock
"{92352C97-C657-DB89-5F3A-E8C3789D9C89}" = CCC Help Chinese Traditional
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95545E55-3309-1929-FF41-2908A9706742}" = CCC Help Turkish
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{984022F2-9BCA-A41D-6A38-1AE658F01415}" = Windows Software Development Kit
"{985EF141-95DD-3934-8F23-7C2C4C61E5F7}" = Microsoft Visual Studio 2013 Shell (Minimum) Resources
"{99FCCA2B-F1FD-E66E-E3B9-AA57FBBF2E66}" = Windows Software Development Kit for Windows Store Apps
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CA5F712-9CAA-B3CB-02D3-7134DFC8801E}" = CCC Help French
"{9E7DE17D-A9E2-4762-8C10-1E80F5976F4A}" = Microsoft Visual Studio 2013 Preparation
"{9F7DE660-6BFE-3BA2-A93D-4F13BD13E10B}" = VS Update core components
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A128A816-FD3F-990E-DD80-E1735BD718AE}" = CCC Help Italian
"{A1785BD4-3486-4E7E-8074-E3FC61B8F315}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A1CB8286-CFB3-A985-D799-721A0F2A27F3}" = Windows Software Development Kit DirectX x86 Remote
"{A3B308B9-BE96-4334-816F-3D82B19A7DE2}" = Software Updater
"{A3B8D9FB-CA7D-4487-8CA2-A6A2C8AD1077}" = Microsoft Visual C++ x86 Libraries
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6030DAD-1600-F767-C8DD-C722ADFE8FBC}" = Windows Software Development Kit DirectX x86 Remote
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}" = Microsoft SQL Server Data Tools - enu (12.0.41012.0)
"{AE51BF89-81D8-4CCA-A1D5-D6E242F3A141}" = MouseFIGHTER
"{AE937DBA-FEFD-3BFE-9860-0591C0F91D61}" = Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{AFC9ECA9-6A4E-1370-98F3-002B63B5AF8E}" = CCC Help Thai
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B255880F-8C5E-4FAF-8F9C-7DBA635B2615}" = Build Tools - x86
"{B3653588-3AC0-4A1D-950F-D96531E84374}" = DayZ Commander
"{B7EC0338-EAE9-ABEA-D202-95025E66CC8C}" = HydraVision
"{B88F2045-CF9A-996C-1670-6F7D65F1D18A}" = CCC Help Norwegian
"{b8a9dbc1-1fd4-4103-a83b-a2896f193ea0}" = Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4
"{B90F9678-82C0-32A3-996B-98AA7EA5D8F4}" = Microsoft Visual Studio 2013 XAML UI Designer
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BED96D0C-7743-3CE3-F7DF-A0A4475FBF2F}" = CCC Help Hungarian
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C218ABCD-2C64-49D4-A891-83BD007D55D5}" = Theme Manager
"{C4BF6461-F4E4-4A41-BBE2-350766C9420D}" = Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C6028E83-4C47-459F-9EDC-7D1412CBCD97}" = Python Tools Redirection Template
"{C60F3836-333A-4AE2-B526-CFDBA143A9BA}" = Google Drive
"{C9E7751E-88ED-36CF-B610-71A1D262E906}" = Team Explorer for Microsoft Visual Studio 2013
"{CB79256B-C0E0-40C6-8EB7-BDD796203581}" = Catalyst Control Center - Branding
"{CB7AF84A-1B7F-4C6B-8A58-EB7CDE48C23A}" = LogMeIn
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D3517C62-68A5-37CF-92F7-93C029A89681}" = Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU)
"{D37FDF2F-8766-4BDF-A0E3-A60BDBB630ED}" = Build Tools Language Resources - x86
"{D9706C72-EB6E-37CC-8E21-FCDC0F9F93EE}" = Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop
"{e0efdce9-a486-4676-8aa5-65bb08cbf34c}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
"{E297492A-E114-CAE0-502E-5F36C386DD30}" = CCC Help Dutch
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5CAE8D2-9F9F-3BEA-AA0F-B5B40611C704}" = Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005
"{E6533A85-ED92-F897-2B68-58AC3BD87F94}" = CCC Help English
"{E818AE7C-244B-4A50-9C86-C0E4A8B69159}" = Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
"{EBAC163A-588E-1E5A-3CE8-826E9A449244}" = CCC Help Korean
"{ED65BD75-CEF3-C0C2-9E9C-FA567484FF60}" = CCC Help Japanese
"{ED780CA9-0687-3C12-B439-3369F224941F}" = Microsoft Visual Studio 2010 Service Pack 1
"{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU
"{ED8DFB38-C87B-42B3-A33E-B20DF935C055}" = PowreShellIntegration.Notifications
"{EEB34D84-92A1-7BE3-6DB7-ABD1C4912D6B}" = Catalyst Control Center InstallProxy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F1289D68-1C48-930F-51CF-577BDB371252}" = CCC Help Swedish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F361FE04-789E-42F3-BBAB-E7B380AA5E06}" = Windows XP Targeting with C++
"{F3F340A5-64EC-AEEC-4BDF-DC537D390BF5}" = CCC Help German
"{F5CA78D9-B5E9-421E-8DF9-0B418BCBD563}" = LogMeIn Hamachi
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}" = Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01)
"{FEAF4197-BC22-467A-994A-B72E74DF57E2}" = U2bviews Software
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"{FFC6E93A-B9AD-3F20-9B06-EE20E24AAEAF}" = Microsoft Visual C++ 2012 Core Libraries
"4K Video Downloader_is1" = 4K Video Downloader 3.4
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.250
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.29
"Bamboo Dock" = Bamboo Dock
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battle.net" = Battle.net
"BattlEye for OA" = BattlEye for OA Uninstall
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Cockatrice" = Cockatrice
"Comodo Dragon" = Comodo Dragon
"Disk Space Fan 4_is1" = Disk Space Fan 4 4.5.4.152
"EPSON Connect_is1" = EPSON Connect version 1.0
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.7.4.1
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"Grooveshark" = Grooveshark
"Hearthstone" = Hearthstone
"KeyScrambler" = KeyScrambler
"League of Legends 3.0.0" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"LOLReplay" = LOLReplay
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Microsoft Help Viewer 2.1" = Microsoft Help Viewer 2.1
"Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"NoIPDUC" = No-IP DUC
"Notepad++" = Notepad++
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Open Broadcaster Software" = Open Broadcaster Software
"OpenVPN" = OpenVPN 2.2.2
"Origin" = Origin
"Pidgin" = Pidgin
"pidgin-otr" = pidgin-otr 4.0.0-1
"Psi" = Psi (remove only)
"RaidCall" = RaidCall
"Rainmeter" = Rainmeter
"Raptr" = Raptr
"Razer Game Booster_is1" = Razer Game Booster
"RocketDock_is1" = RocketDock 1.3.5
"SandstonePlayer" = Sandstone Player
"StarCraft II" = StarCraft II
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 12210" = Grand Theft Auto IV
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 220160" = Trials Evolution Gold Edition
"Steam App 225600" = Blade Symphony
"Steam App 234530" = War of the Vikings Early Access
"Steam App 240" = Counter-Strike: Source
"Steam App 252490" = Rust
"Steam App 259080" = Just Cause 2: Multiplayer Mod
"Steam App 280910" = T.E.C. 3001
"Steam App 319510" = Five Nights at Freddy's
"Steam App 33230" = Assassin's Creed II
"Steam App 33900" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 35140" = Batman: Arkham Asylum GOTY Edition
"Steam App 4000" = Garry's Mod
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 7940" = Call of Duty 4: Modern Warfare
"Steam App 8190" = Just Cause 2
"Steam App 94400" = Nidhogg
"StepMania 5" = StepMania v5.0 beta 3 (remove only)
"TeamViewer 8" = TeamViewer 8
"UN900120" = BUFFALO AirStation Bandwidth Selection Tool
"Uplay" = Uplay
"VLC media player" = VLC media player
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"Winamp" = Winamp
"XFastUSB" = XFastUSB

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3937064695-4174873834-2997317461-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"JoinMe" = join.me
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"WinDirStat" = WinDirStat 1.1.2

< End of report >

F. Not so far.
lucaslee8498
Regular Member
 
Posts: 16
Joined: December 3rd, 2014, 9:22 pm

Re: Odd login IPs, think I might be infected?

Post by pgmigg » December 8th, 2014, 2:03 am

Hello lucaslee8498,

Step 1.
Security Check
Please download Security Check ... by screen317. Save it to your Desktop.
Alternate download site: Link 2
  1. Right click SecurityCheck.exe and select "Run as administrator...", then follow the onscreen instructions inside of the black box. The program will add a number of progress lines as it performs the scans.
  2. Wait until the program tells you it has copied the information to checkup.txt and a Notepad document also should open automatically with all the information in it.
  3. Please copy/paste the entire contents of the checkup.txt file into your next reply.

Step 2.
ZOEK Auto Clean
  1. First please Disable any Antivirus you have active, as shown in This topic.
    Note: Don't forget to re-enable it after the scan.
  2. Next please download zoek.exe and save it to your desktop.
  3. Close any open browsers.
  4. Right click on zoek.exe and select "Run as administrator..." to run it.
  5. Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up.
  6. Click the More Options button below the large panel and check the box:
    • Auto Clean
  7. Click on the Run script button.
  8. Please wait patiently (it may take a few minutes) until a log report opens (this may be after reboot, if required).
  9. Copy (Ctrl+C) and paste (Ctrl+V) the entire contents of the opened report back here.

    Note: It will also create a log in the C:\ directory named "zoek-results.log"

Step 3.
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Right-click on TDSSKiller.exe and select "Run As Administrator...".
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. Click Change parameters
  4. Under Additional Options CHECK Verify file digital signatures
  5. IMPORTANT: Ensure Detect TDLFS file system remains UNCHECKED.
  6. Click OK if changes were made.
  7. Click Start scan and allow it to scan for Malicious objects.

    • If Malicious objects are detected, the default action will be Cure, ensure SKIP is selected... then click Continue
    • If suspicious objects are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    • If Unsigned files are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    DO NOT change the default actions, other than CURE to SKIP.
  8. You may be asked to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
  9. A log will be created on your root drive (usually C:). The log will have a name like Name.Version_Date_Time_log.txt,
    for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  10. If no reboot is required, click on Report. A log file should appear.
  11. Please post the contents of the log file in your next reply

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present. If any log is cut off, you'll have to post it in sections.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of checkup.txt report after Security Check run
  3. Contents of the zoek-results.log file
  4. Contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt log file
  5. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
MRU Teacher
 
Posts: 3175
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Odd login IPs, think I might be infected?

Post by lucaslee8498 » December 8th, 2014, 8:20 pm

A. Nope
B. Results of screen317's Security Check version 0.99.91
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
ESET Smart Security 6.0
Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Visual Studio Extensions for Windows Library for JavaScript
Java version 32-bit out of Date!
Adobe Flash Player 12.0.0.77 Flash Player out of Date!
Adobe Reader XI
Google Chrome (39.0.2171.65)
Google Chrome (39.0.2171.71)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

C.
Zoek.exe v5.0.0.0 Updated 08-December-2014
Tool run by Lucas on Mon 12/08/2014 at 19:00:48.42.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lucas\Desktop\zoek.exe [Scan all users] [Checkboxes used]

==== System Restore Info ======================

12/8/2014 7:01:24 PM Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\Program Files\ASRock deleted successfully
C:\Program Files\Bluestacks deleted successfully
C:\Program Files\New folder deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Lucas\AppData\Roaming\6179725 deleted successfully
C:\Users\Lucas\AppData\Roaming\6401613 deleted successfully
C:\Users\Lucas\AppData\Roaming\8948697 deleted successfully
C:\Users\Lucas\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Lucas\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Lucas\AppData\Roaming\uTorrent deleted successfully
C:\Users\Lucas\AppData\Roaming\VMware deleted successfully
C:\Users\Lucas\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3937064695-4174873834-2997317461-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Skillbrains deleted
C:\Users\Lucas\AppData\Roaming\cpalander.ico deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\RENEAEB.tmp deleted
C:\Windows\Syswow64\RENEAEC.tmp deleted
"C:\Windows\Installer\d4ec8b5.msi" deleted
"C:\Users\Lucas\AppData\Local\Skillbrains\lightshot\5.1.4.41\Lightshot.dll" deleted
"C:\Users\Lucas\AppData\Local\Skillbrains\lightshot\5.1.4.41\Lightshot.exe" deleted
"C:\Users\Lucas\AppData\Local\Skillbrains\lightshot\5.1.4.41\uploader.dll" deleted
"C:\Users\Lucas\AppData\Local\Skillbrains" deleted
"C:\Users\Lucas\AppData\Local\Skillbrains\lightshot" deleted
"C:\Users\Lucas\AppData\Local\Skillbrains\lightshot\5.1.4.41" deleted

==== Chromium Look ======================

Google Voice Search Hotword (Beta) - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Tampermonkey - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
Material For Chrome - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokahbgdhhcjfnjlfeiojfmgnoikpcco
Imgur to Gfy - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnninnhcleaikepmmomfnknbldalnjj
Reddit Enhancement Suite - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb

==== Chromium Fix ======================

C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gameslikefinder.com_0.localstorage deleted successfully
C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gameslikefinder.com_0.localstorage-journal deleted successfully
C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_anonservices.net_0.localstorage deleted successfully
C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_anonservices.net_0.localstorage-journal deleted successfully
C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_snow-services.com_0.localstorage deleted successfully
C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_snow-services.com_0.localstorage-journal deleted successfully
C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.anonservices.net_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9B803B3A69EB433418F6D3281BA9D72E deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A3B308B9-BE96-4334-816F-3D82B19A7DE2} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9B803B3A69EB433418F6D3281BA9D72E deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightShot deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MusicManager deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lucas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lucas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=534 folders=632 2559071151 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\hedev\AppData\Local\Temp emptied successfully
C:\Users\Lucas\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Lucas\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on Mon 12/08/2014 at 19:15:10.14 ======================

Continued in next post because of character count.
lucaslee8498
Regular Member
 
Posts: 16
Joined: December 3rd, 2014, 9:22 pm

Re: Odd login IPs, think I might be infected?

Unread postby lucaslee8498 » December 8th, 2014, 8:22 pm

The TDSS rootkit log won't fit even in its own individual message, what should I do?
lucaslee8498
Regular Member
 
Posts: 16
Joined: December 3rd, 2014, 9:22 pm

Re: Odd login IPs, think I might be infected?

Unread postby pgmigg » December 8th, 2014, 9:53 pm

Hello lucaslee8498,

The TDSS rootkit log won't fit even in its own individual message, what should I do?
Please break it into several parts, each of which can fit in one post and place them piece by piece...

Microsoft Security Essentials
ESET Smart Security 6.0

May I draw your attention to the Multiple Anti Virus programs detected WARNING! I placed previously. You uninstalled one of three but you still have two of them - we cannot go forward until you keep more than one Anti Virus program.
Please decide which one you would keep and uninstall the other one.

Please don't forget to keep your Anti Virus program enabled and updated!

Then:
Fresh Security Check
You should still have SecurityCheck.exe on your desktop.
  1. Right click SecurityCheck.exe and select "Run as administrator...", then follow the onscreen instructions inside of the black box. The program will add a number of progress lines as it performs the scans.
  2. Wait until the program tells you it has copied the information to checkup.txt and a Notepad document also should open automatically with all the information in it.
  3. Please copy/paste the entire contents of the checkup.txt file into your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of checkup.txt report after fresh Security Check run
  3. Contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt log file
  4. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
MRU Teacher
 
Posts: 3175
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Odd login IPs, think I might be infected?

Unread postby lucaslee8498 » December 10th, 2014, 9:06 pm

A. Nope
B. Results of screen317's Security Check version 0.99.91
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
ESET Smart Security 6.0
Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Visual Studio Extensions for Windows Library for JavaScript
Java version 32-bit out of Date!
Adobe Flash Player 12.0.0.77 Flash Player out of Date!
Adobe Reader XI
Google Chrome (39.0.2171.65)
Google Chrome (39.0.2171.71)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

C. 19:16:42.0003 0x0aac TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
19:16:44.0636 0x0aac ============================================================
19:16:44.0636 0x0aac Current date / time: 2014/12/08 19:16:44.0636
19:16:44.0636 0x0aac SystemInfo:
19:16:44.0636 0x0aac
19:16:44.0636 0x0aac OS Version: 6.1.7601 ServicePack: 1.0
19:16:44.0636 0x0aac Product type: Workstation
19:16:44.0636 0x0aac ComputerName: LUCAS-PC
19:16:44.0636 0x0aac UserName: Lucas
19:16:44.0636 0x0aac Windows directory: C:\Windows
19:16:44.0636 0x0aac System windows directory: C:\Windows
19:16:44.0636 0x0aac Running under WOW64
19:16:44.0636 0x0aac Processor architecture: Intel x64
19:16:44.0636 0x0aac Number of processors: 4
19:16:44.0636 0x0aac Page size: 0x1000
19:16:44.0636 0x0aac Boot type: Normal boot
19:16:44.0636 0x0aac ============================================================
19:16:44.0781 0x0aac KLMD registered as C:\Windows\system32\drivers\18034338.sys
19:16:44.0928 0x0aac System UUID: {3FA754BA-FE31-5D69-5E31-29AEFB872DF8}
19:16:45.0340 0x0aac Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:16:45.0341 0x0aac Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:16:46.0110 0x0aac ============================================================
19:16:46.0110 0x0aac \Device\Harddisk0\DR0:
19:16:46.0110 0x0aac MBR partitions:
19:16:46.0110 0x0aac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
19:16:46.0110 0x0aac \Device\Harddisk1\DR1:
19:16:46.0110 0x0aac MBR partitions:
19:16:46.0110 0x0aac \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:16:46.0110 0x0aac \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
19:16:46.0110 0x0aac ============================================================
19:16:46.0111 0x0aac C: <-> \Device\Harddisk1\DR1\Partition2
19:16:46.0126 0x0aac E: <-> \Device\Harddisk0\DR0\Partition1
19:16:46.0126 0x0aac ============================================================
19:16:46.0126 0x0aac Initialize success
19:16:46.0126 0x0aac ============================================================
19:16:58.0888 0x0a80 ============================================================
19:16:58.0888 0x0a80 Scan started
19:16:58.0888 0x0a80 Mode: Manual;
19:16:58.0888 0x0a80 ============================================================
19:16:58.0888 0x0a80 KSN ping started
19:17:01.0438 0x0a80 KSN ping finished: true
19:17:01.0672 0x0a80 ================ Scan system memory ========================
19:17:01.0672 0x0a80 System memory - ok
19:17:01.0672 0x0a80 ================ Scan services =============================
19:17:04.0681 0x0a80 Hamachi2Svc - ok
19:17:04.0687 0x0a80 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:17:04.0688 0x0a80 hcw85cir - ok
19:17:04.0697 0x0a80 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:17:04.0702 0x0a80 HdAudAddService - ok
19:17:04.0707 0x0a80 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:17:04.0710 0x0a80 HDAudBus - ok
19:17:04.0712 0x0a80 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:17:04.0713 0x0a80 HidBatt - ok
19:17:04.0717 0x0a80 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:17:04.0719 0x0a80 HidBth - ok
19:17:04.0723 0x0a80 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
19:17:04.0724 0x0a80 HidIr - ok
19:17:04.0727 0x0a80 [ 46BBE8EA221461A65F18A078528F4B2C, C0B0D35E2A6C750E5505156694F41F987AB548449F6C9DB1EEEAF12E5F146AD7 ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys
19:17:04.0728 0x0a80 hidkmdf - ok
19:17:04.0731 0x0a80 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
19:17:04.0732 0x0a80 hidserv - ok
19:17:04.0735 0x0a80 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:17:04.0743 0x0a80 HidUsb - ok
19:17:04.0746 0x0a80 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:17:04.0749 0x0a80 hkmsvc - ok
19:17:04.0755 0x0a80 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:17:04.0758 0x0a80 HomeGroupListener - ok
19:17:04.0764 0x0a80 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:17:04.0767 0x0a80 HomeGroupProvider - ok
19:17:04.0771 0x0a80 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:17:04.0773 0x0a80 HpSAMD - ok
19:17:04.0787 0x0a80 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:17:04.0799 0x0a80 HTTP - ok
19:17:04.0803 0x0a80 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:17:04.0803 0x0a80 hwpolicy - ok
19:17:04.0807 0x0a80 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:17:04.0810 0x0a80 i8042prt - ok
19:17:04.0820 0x0a80 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:17:04.0827 0x0a80 iaStorV - ok
19:17:04.0844 0x0a80 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:17:04.0858 0x0a80 idsvc - ok
19:17:04.0862 0x0a80 IEEtwCollectorService - ok
19:17:04.0952 0x0a80 [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:17:05.0034 0x0a80 igfx - ok
19:17:05.0042 0x0a80 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:17:05.0044 0x0a80 iirsp - ok
19:17:05.0060 0x0a80 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
19:17:05.0074 0x0a80 IKEEXT - ok
19:17:05.0158 0x0a80 [ F242E36CDA231701CFA702641C20FAEC, 47350EF8474F83249A9126AB6894145732CA0B68DA2EE001940C9E4AEF128B88 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:17:05.0212 0x0a80 IntcAzAudAddService - ok
19:17:05.0220 0x0a80 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
19:17:05.0222 0x0a80 intelide - ok
19:17:05.0225 0x0a80 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:17:05.0226 0x0a80 intelppm - ok
19:17:05.0230 0x0a80 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:17:05.0233 0x0a80 IPBusEnum - ok
19:17:05.0236 0x0a80 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:17:05.0238 0x0a80 IpFilterDriver - ok
19:17:05.0252 0x0a80 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:17:05.0261 0x0a80 iphlpsvc - ok
19:17:05.0265 0x0a80 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:17:05.0267 0x0a80 IPMIDRV - ok
19:17:05.0271 0x0a80 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:17:05.0273 0x0a80 IPNAT - ok
19:17:05.0286 0x0a80 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:17:05.0294 0x0a80 iPod Service - ok
19:17:05.0298 0x0a80 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:17:05.0299 0x0a80 IRENUM - ok
19:17:05.0301 0x0a80 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:17:05.0302 0x0a80 isapnp - ok
19:17:05.0309 0x0a80 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:17:05.0314 0x0a80 iScsiPrt - ok
19:17:05.0318 0x0a80 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\Windows\system32\DRIVERS\ISCTD64.sys
19:17:05.0319 0x0a80 ISCT - ok
19:17:05.0322 0x0a80 [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
19:17:05.0322 0x0a80 iusb3hcs - ok
19:17:05.0331 0x0a80 [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
19:17:05.0335 0x0a80 iusb3hub - ok
19:17:05.0351 0x0a80 [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
19:17:05.0361 0x0a80 iusb3xhc - ok
19:17:05.0365 0x0a80 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:17:05.0366 0x0a80 kbdclass - ok
19:17:05.0368 0x0a80 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:17:05.0375 0x0a80 kbdhid - ok
19:17:05.0378 0x0a80 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
19:17:05.0379 0x0a80 KeyIso - ok
19:17:05.0387 0x0a80 [ 783BEB99743BACB9586CCB70356449C5, CEE63FC2E7937B181743D4CFE837FFB29E3BF94BBA5394A3B5FFAF5142EF0D48 ] KeyScrambler C:\Windows\system32\drivers\keyscrambler.sys
19:17:05.0396 0x0a80 KeyScrambler - ok
19:17:05.0401 0x0a80 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:17:05.0402 0x0a80 KSecDD - ok
19:17:05.0407 0x0a80 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:17:05.0410 0x0a80 KSecPkg - ok
19:17:05.0413 0x0a80 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:17:05.0414 0x0a80 ksthunk - ok
19:17:05.0421 0x0a80 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
19:17:05.0428 0x0a80 KtmRm - ok
19:17:05.0435 0x0a80 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:17:05.0439 0x0a80 LanmanServer - ok
19:17:05.0444 0x0a80 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:17:05.0447 0x0a80 LanmanWorkstation - ok
19:17:05.0451 0x0a80 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:17:05.0453 0x0a80 lltdio - ok
19:17:05.0459 0x0a80 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:17:05.0465 0x0a80 lltdsvc - ok
19:17:05.0468 0x0a80 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:17:05.0469 0x0a80 lmhosts - ok
19:17:05.0478 0x0a80 [ 206D1495952A86E30CC997EA10A68A6C, 27020706A93B776FF3C839F7130B9D864C5BD2F401367C3E4D7729C968986B98 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
19:17:05.0484 0x0a80 LMIGuardianSvc - ok
19:17:05.0488 0x0a80 [ 0F28935ECF1FBDEC22BAF720A5A94564, A4E8E13FD7FE1882243AD7139D5E0925F09069616920382F952D79586A4936E7 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
19:17:05.0488 0x0a80 LMIInfo - ok
19:17:05.0494 0x0a80 [ FF0935EBF4008F9299450D4FB5307CC0, 6A5060904991CEC7D0335BCEC1EF5AFF4E02018D4B9779D55EF865D36E81E1AF ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
19:17:05.0499 0x0a80 LMIMaint - ok
19:17:05.0501 0x0a80 [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
19:17:05.0502 0x0a80 lmimirr - ok
19:17:05.0504 0x0a80 LMIRfsClientNP - ok
19:17:05.0507 0x0a80 [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
19:17:05.0509 0x0a80 LMIRfsDriver - ok
19:17:05.0517 0x0a80 [ D3760BC17E1755091B7120CF32DBF56B, 2B31CA0CD838BEE0103054520E2FBEA2436A07D99E711B14543B85F3A511478F ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
19:17:05.0524 0x0a80 LogMeIn - ok
19:17:05.0529 0x0a80 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:17:05.0532 0x0a80 LSI_FC - ok
19:17:05.0536 0x0a80 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:17:05.0538 0x0a80 LSI_SAS - ok
19:17:05.0541 0x0a80 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:17:05.0543 0x0a80 LSI_SAS2 - ok
19:17:05.0547 0x0a80 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:17:05.0549 0x0a80 LSI_SCSI - ok
19:17:05.0553 0x0a80 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
19:17:05.0555 0x0a80 luafv - ok
19:17:05.0558 0x0a80 [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:17:05.0559 0x0a80 MBAMProtector - ok
19:17:05.0590 0x0a80 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
19:17:05.0619 0x0a80 MBAMScheduler - ok
19:17:05.0639 0x0a80 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
19:17:05.0654 0x0a80 MBAMService - ok
19:17:05.0660 0x0a80 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
19:17:05.0670 0x0a80 MBAMSwissArmy - ok
19:17:05.0674 0x0a80 [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
19:17:05.0675 0x0a80 MBAMWebAccessControl - ok
19:17:05.0678 0x0a80 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
19:17:05.0679 0x0a80 MBfilt - ok
19:17:05.0682 0x0a80 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:17:05.0685 0x0a80 Mcx2Svc - ok
19:17:05.0687 0x0a80 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
19:17:05.0689 0x0a80 megasas - ok
19:17:05.0695 0x0a80 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:17:05.0700 0x0a80 MegaSR - ok
19:17:05.0704 0x0a80 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
19:17:05.0705 0x0a80 MEIx64 - ok
19:17:05.0709 0x0a80 Microsoft SharePoint Workspace Audit Service - ok
19:17:05.0712 0x0a80 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
19:17:05.0714 0x0a80 MMCSS - ok
19:17:05.0717 0x0a80 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
19:17:05.0718 0x0a80 Modem - ok
19:17:05.0721 0x0a80 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:17:05.0721 0x0a80 monitor - ok
19:17:05.0725 0x0a80 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:17:05.0726 0x0a80 mouclass - ok
19:17:05.0728 0x0a80 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:17:05.0735 0x0a80 mouhid - ok
19:17:05.0738 0x0a80 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:17:05.0740 0x0a80 mountmgr - ok
19:17:05.0748 0x0a80 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:17:05.0752 0x0a80 MpFilter - ok
19:17:05.0757 0x0a80 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
19:17:05.0760 0x0a80 mpio - ok
19:17:05.0764 0x0a80 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:17:05.0765 0x0a80 mpsdrv - ok
19:17:05.0780 0x0a80 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:17:05.0794 0x0a80 MpsSvc - ok
19:17:05.0800 0x0a80 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:17:05.0803 0x0a80 MRxDAV - ok
19:17:05.0807 0x0a80 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:17:05.0811 0x0a80 mrxsmb - ok
19:17:05.0818 0x0a80 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:17:05.0823 0x0a80 mrxsmb10 - ok
19:17:05.0828 0x0a80 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:17:05.0830 0x0a80 mrxsmb20 - ok
19:17:05.0833 0x0a80 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
19:17:05.0834 0x0a80 msahci - ok
19:17:05.0838 0x0a80 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:17:05.0841 0x0a80 msdsm - ok
19:17:05.0846 0x0a80 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
19:17:05.0849 0x0a80 MSDTC - ok
19:17:05.0854 0x0a80 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:17:05.0855 0x0a80 Msfs - ok
19:17:05.0857 0x0a80 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:17:05.0857 0x0a80 mshidkmdf - ok
19:17:05.0860 0x0a80 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:17:05.0860 0x0a80 msisadrv - ok
19:17:05.0865 0x0a80 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:17:05.0869 0x0a80 MSiSCSI - ok
19:17:05.0871 0x0a80 msiserver - ok
19:17:05.0874 0x0a80 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:17:05.0875 0x0a80 MSKSSRV - ok
19:17:05.0878 0x0a80 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:17:05.0879 0x0a80 MsMpSvc - ok
19:17:05.0881 0x0a80 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:17:05.0881 0x0a80 MSPCLOCK - ok
19:17:05.0884 0x0a80 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:17:05.0884 0x0a80 MSPQM - ok
19:17:05.0892 0x0a80 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:17:05.0898 0x0a80 MsRPC - ok
19:17:05.0902 0x0a80 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:17:05.0903 0x0a80 mssmbios - ok
19:17:05.0905 0x0a80 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:17:05.0906 0x0a80 MSTEE - ok
19:17:05.0908 0x0a80 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:17:05.0909 0x0a80 MTConfig - ok
19:17:05.0912 0x0a80 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
19:17:05.0913 0x0a80 Mup - ok
19:17:05.0923 0x0a80 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
19:17:05.0931 0x0a80 napagent - ok
19:17:05.0939 0x0a80 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:17:05.0944 0x0a80 NativeWifiP - ok
19:17:05.0962 0x0a80 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
19:17:05.0977 0x0a80 NDIS - ok
19:17:05.0980 0x0a80 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:17:05.0982 0x0a80 NdisCap - ok
19:17:05.0985 0x0a80 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:17:05.0986 0x0a80 NdisTapi - ok
19:17:05.0989 0x0a80 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:17:05.0990 0x0a80 Ndisuio - ok
19:17:05.0995 0x0a80 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:17:05.0998 0x0a80 NdisWan - ok
19:17:06.0001 0x0a80 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:17:06.0003 0x0a80 NDProxy - ok
19:17:06.0005 0x0a80 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:17:06.0006 0x0a80 NetBIOS - ok
19:17:06.0013 0x0a80 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:17:06.0017 0x0a80 NetBT - ok
19:17:06.0020 0x0a80 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
19:17:06.0021 0x0a80 Netlogon - ok
19:17:06.0030 0x0a80 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
19:17:06.0035 0x0a80 Netman - ok
19:17:06.0043 0x0a80 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:17:06.0047 0x0a80 NetMsmqActivator - ok
19:17:06.0051 0x0a80 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:17:06.0053 0x0a80 NetPipeActivator - ok
19:17:06.0063 0x0a80 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
19:17:06.0069 0x0a80 netprofm - ok
19:17:06.0073 0x0a80 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:17:06.0075 0x0a80 NetTcpActivator - ok
19:17:06.0079 0x0a80 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:17:06.0081 0x0a80 NetTcpPortSharing - ok
19:17:06.0084 0x0a80 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:17:06.0085 0x0a80 nfrd960 - ok
19:17:06.0090 0x0a80 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:17:06.0092 0x0a80 NisDrv - ok
19:17:06.0100 0x0a80 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
19:17:06.0106 0x0a80 NisSrv - ok
19:17:06.0114 0x0a80 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:17:06.0120 0x0a80 NlaSvc - ok
19:17:06.0123 0x0a80 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:17:06.0124 0x0a80 Npfs - ok
19:17:06.0127 0x0a80 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
19:17:06.0128 0x0a80 nsi - ok
19:17:06.0130 0x0a80 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:17:06.0131 0x0a80 nsiproxy - ok
19:17:06.0161 0x0a80 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:17:06.0186 0x0a80 Ntfs - ok
19:17:06.0191 0x0a80 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
19:17:06.0192 0x0a80 Null - ok
19:17:06.0196 0x0a80 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:17:06.0199 0x0a80 nvraid - ok
19:17:06.0204 0x0a80 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:17:06.0207 0x0a80 nvstor - ok
19:17:06.0212 0x0a80 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:17:06.0214 0x0a80 nv_agp - ok
19:17:06.0218 0x0a80 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:17:06.0219 0x0a80 ohci1394 - ok
19:17:06.0223 0x0a80 [ EC322186D8FCE3D632F3F597D67747DD, 3011E02C695B006EF9A82ACC030953B9BEA6CE9AD28D63E4AA7FB4CC14F05CF2 ] OpenVPNService C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
19:17:06.0232 0x0a80 OpenVPNService - ok
19:17:06.0237 0x0a80 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:17:06.0240 0x0a80 ose - ok
19:17:06.0383 0x0a80 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:17:06.0583 0x0a80 osppsvc - ok
19:17:06.0599 0x0a80 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:17:06.0603 0x0a80 p2pimsvc - ok
19:17:06.0614 0x0a80 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
19:17:06.0619 0x0a80 p2psvc - ok
19:17:06.0624 0x0a80 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
19:17:06.0626 0x0a80 Parport - ok
19:17:06.0630 0x0a80 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:17:06.0631 0x0a80 partmgr - ok
19:17:06.0637 0x0a80 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
19:17:06.0641 0x0a80 PcaSvc - ok
19:17:06.0646 0x0a80 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
19:17:06.0649 0x0a80 pci - ok
19:17:06.0652 0x0a80 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
19:17:06.0653 0x0a80 pciide - ok
19:17:06.0659 0x0a80 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:17:06.0663 0x0a80 pcmcia - ok
19:17:06.0667 0x0a80 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
19:17:06.0668 0x0a80 pcw - ok
19:17:06.0680 0x0a80 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:17:06.0691 0x0a80 PEAUTH - ok
19:17:06.0715 0x0a80 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:17:06.0716 0x0a80 PerfHost - ok
19:17:06.0745 0x0a80 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
19:17:06.0767 0x0a80 pla - ok
19:17:06.0778 0x0a80 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:17:06.0785 0x0a80 PlugPlay - ok
19:17:06.0788 0x0a80 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:17:06.0790 0x0a80 PNRPAutoReg - ok
19:17:06.0798 0x0a80 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:17:06.0803 0x0a80 PNRPsvc - ok
19:17:06.0814 0x0a80 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
lucaslee8498
Regular Member
Posts: 16
Joined: December 3rd, 2014, 9:22 pm

Re: Odd login IPs, think I might be infected?

Post by lucaslee8498 » December 10th, 2014, 9:08 pm

19:17:06.0822 0x0a80 PolicyAgent - ok
19:17:06.0829 0x0a80 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
19:17:06.0833 0x0a80 Power - ok
19:17:06.0837 0x0a80 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:17:06.0839 0x0a80 PptpMiniport - ok
19:17:06.0842 0x0a80 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
19:17:06.0844 0x0a80 Processor - ok
19:17:06.0850 0x0a80 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
19:17:06.0854 0x0a80 ProfSvc - ok
19:17:06.0857 0x0a80 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:17:06.0858 0x0a80 ProtectedStorage - ok
19:17:06.0862 0x0a80 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:17:06.0865 0x0a80 Psched - ok
19:17:06.0893 0x0a80 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:17:06.0916 0x0a80 ql2300 - ok
19:17:06.0922 0x0a80 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:17:06.0925 0x0a80 ql40xx - ok
19:17:06.0932 0x0a80 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
19:17:06.0937 0x0a80 QWAVE - ok
19:17:06.0940 0x0a80 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:17:06.0942 0x0a80 QWAVEdrv - ok
19:17:06.0944 0x0a80 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:17:06.0945 0x0a80 RasAcd - ok
19:17:06.0949 0x0a80 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:17:06.0950 0x0a80 RasAgileVpn - ok
19:17:06.0954 0x0a80 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
19:17:06.0957 0x0a80 RasAuto - ok
19:17:06.0962 0x0a80 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:17:06.0964 0x0a80 Rasl2tp - ok
19:17:06.0972 0x0a80 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
19:17:06.0979 0x0a80 RasMan - ok
19:17:06.0983 0x0a80 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:17:06.0985 0x0a80 RasPppoe - ok
19:17:06.0989 0x0a80 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:17:06.0990 0x0a80 RasSstp - ok
19:17:06.0997 0x0a80 [ 3B4642DE518A76310C62EEB9A64F771A, 198CF37D779FF9D3D529CF8C222A0A35D04AE3EF69D7861FB3F14D5CC3B3406C ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
19:17:07.0009 0x0a80 Razer Game Scanner Service - ok
19:17:07.0016 0x0a80 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:17:07.0022 0x0a80 rdbss - ok
19:17:07.0025 0x0a80 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:17:07.0026 0x0a80 rdpbus - ok
19:17:07.0028 0x0a80 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:17:07.0029 0x0a80 RDPCDD - ok
19:17:07.0032 0x0a80 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:17:07.0033 0x0a80 RDPENCDD - ok
19:17:07.0036 0x0a80 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:17:07.0037 0x0a80 RDPREFMP - ok
19:17:07.0042 0x0a80 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:17:07.0046 0x0a80 RDPWD - ok
19:17:07.0052 0x0a80 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:17:07.0055 0x0a80 rdyboost - ok
19:17:07.0060 0x0a80 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:17:07.0062 0x0a80 RemoteAccess - ok
19:17:07.0067 0x0a80 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:17:07.0070 0x0a80 RemoteRegistry - ok
19:17:07.0074 0x0a80 [ 9C3AC71A9934B884FAC567A8807E9C4D, 0B6B2970098E3C21E1E54A25785544903E8CD415B527FCEF86ABC7B33BEC83E7 ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys
19:17:07.0081 0x0a80 Revoflt - ok
19:17:07.0085 0x0a80 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:17:07.0087 0x0a80 RpcEptMapper - ok
19:17:07.0089 0x0a80 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
19:17:07.0090 0x0a80 RpcLocator - ok
19:17:07.0102 0x0a80 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
19:17:07.0108 0x0a80 RpcSs - ok
19:17:07.0112 0x0a80 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:17:07.0114 0x0a80 rspndr - ok
19:17:07.0117 0x0a80 [ 0988FECD9D924F5B4855D049E68BAAD3, 788B379B01F26C7C46DF0D3E9E37F9964831AAFD0762DDD17345478A97ADE83D ] rzdaendpt C:\Windows\system32\DRIVERS\rzdaendpt.sys
19:17:07.0125 0x0a80 rzdaendpt - ok
19:17:07.0128 0x0a80 [ 41F8F530DEDCF7DB8C567E527658A088, C859269018CC51D8557C33B45FD0ED9B1F80D505DEBC581249F6FB4648E22DEB ] rzendpt C:\Windows\system32\DRIVERS\rzendpt.sys
19:17:07.0136 0x0a80 rzendpt - ok
19:17:07.0140 0x0a80 [ F17F84511E7DFDEEAB646F0699A006D7, 5237937841FBD1F99A5D6161DEBA26182DDAF617CA98946EE7DB0AB67FC149EA ] rzpmgrk C:\Windows\system32\drivers\rzpmgrk.sys
19:17:07.0148 0x0a80 rzpmgrk - ok
19:17:07.0153 0x0a80 [ FEF60A37301E1F5A3020FA3487FB2CD7, 0C925468C3376458D0E1EC65E097BD1A81A03901035C0195E8F6EF904EF3F901 ] rzpnk C:\Windows\system32\drivers\rzpnk.sys
19:17:07.0161 0x0a80 rzpnk - ok
19:17:07.0167 0x0a80 [ C2A49525F6CEEED97A1D9FC950AAF863, DAA57C1C446861C733D3BE668EB247E40CE3871EF8FA0BB91CEB074B7357E0D8 ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
19:17:07.0175 0x0a80 rzudd - ok
19:17:07.0179 0x0a80 [ 2AD977273D8B3F2169411E8AED7C8702, FCC3D579AFC9958C0CE3FB202061D36C66FC6803AFD7B99DBFC41412F9131E34 ] rzvkeyboard C:\Windows\system32\DRIVERS\rzvkeyboard.sys
19:17:07.0186 0x0a80 rzvkeyboard - ok
19:17:07.0189 0x0a80 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
19:17:07.0190 0x0a80 SamSs - ok
19:17:07.0191 0x0a80 SASDIFSV - ok
19:17:07.0194 0x0a80 SASKUTIL - ok
19:17:07.0198 0x0a80 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:17:07.0200 0x0a80 sbp2port - ok
19:17:07.0207 0x0a80 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:17:07.0211 0x0a80 SCardSvr - ok
19:17:07.0214 0x0a80 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:17:07.0215 0x0a80 scfilter - ok
19:17:07.0235 0x0a80 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
19:17:07.0253 0x0a80 Schedule - ok
19:17:07.0258 0x0a80 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:17:07.0259 0x0a80 SCPolicySvc - ok
19:17:07.0264 0x0a80 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:17:07.0268 0x0a80 SDRSVC - ok
19:17:07.0271 0x0a80 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:17:07.0272 0x0a80 secdrv - ok
19:17:07.0275 0x0a80 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
19:17:07.0277 0x0a80 seclogon - ok
19:17:07.0280 0x0a80 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
19:17:07.0282 0x0a80 SENS - ok
19:17:07.0286 0x0a80 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:17:07.0287 0x0a80 SensrSvc - ok
19:17:07.0290 0x0a80 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:17:07.0291 0x0a80 Serenum - ok
19:17:07.0295 0x0a80 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:17:07.0297 0x0a80 Serial - ok
19:17:07.0299 0x0a80 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:17:07.0300 0x0a80 sermouse - ok
19:17:07.0307 0x0a80 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
19:17:07.0310 0x0a80 SessionEnv - ok
19:17:07.0313 0x0a80 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:17:07.0314 0x0a80 sffdisk - ok
19:17:07.0316 0x0a80 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:17:07.0317 0x0a80 sffp_mmc - ok
19:17:07.0319 0x0a80 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:17:07.0320 0x0a80 sffp_sd - ok
19:17:07.0323 0x0a80 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:17:07.0324 0x0a80 sfloppy - ok
19:17:07.0332 0x0a80 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:17:07.0338 0x0a80 SharedAccess - ok
19:17:07.0346 0x0a80 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:17:07.0353 0x0a80 ShellHWDetection - ok
19:17:07.0356 0x0a80 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:17:07.0358 0x0a80 SiSRaid2 - ok
19:17:07.0361 0x0a80 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:17:07.0363 0x0a80 SiSRaid4 - ok
19:17:07.0371 0x0a80 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:17:07.0376 0x0a80 SkypeUpdate - ok
19:17:07.0380 0x0a80 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:17:07.0382 0x0a80 Smb - ok
19:17:07.0387 0x0a80 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:17:07.0388 0x0a80 SNMPTRAP - ok
19:17:07.0391 0x0a80 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
19:17:07.0391 0x0a80 spldr - ok
19:17:07.0403 0x0a80 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
19:17:07.0413 0x0a80 Spooler - ok
19:17:07.0474 0x0a80 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
19:17:07.0515 0x0a80 sppsvc - ok
19:17:07.0522 0x0a80 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:17:07.0524 0x0a80 sppuinotify - ok
19:17:07.0530 0x0a80 [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:17:07.0532 0x0a80 SQLWriter - ok
19:17:07.0542 0x0a80 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:17:07.0550 0x0a80 srv - ok
19:17:07.0560 0x0a80 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:17:07.0567 0x0a80 srv2 - ok
19:17:07.0572 0x0a80 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:17:07.0575 0x0a80 srvnet - ok
19:17:07.0582 0x0a80 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:17:07.0585 0x0a80 SSDPSRV - ok
19:17:07.0589 0x0a80 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:17:07.0592 0x0a80 SstpSvc - ok
19:17:07.0609 0x0a80 [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:17:07.0622 0x0a80 Steam Client Service - ok
19:17:07.0626 0x0a80 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:17:07.0627 0x0a80 stexstor - ok
19:17:07.0639 0x0a80 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
19:17:07.0649 0x0a80 stisvc - ok
19:17:07.0652 0x0a80 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:17:07.0653 0x0a80 swenum - ok
19:17:07.0664 0x0a80 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
19:17:07.0674 0x0a80 swprv - ok
19:17:07.0708 0x0a80 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
19:17:07.0736 0x0a80 SysMain - ok
19:17:07.0742 0x0a80 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:17:07.0746 0x0a80 TabletInputService - ok
19:17:07.0749 0x0a80 [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
19:17:07.0750 0x0a80 tap0901 - ok
19:17:07.0754 0x0a80 [ 83C57F165F0216E5CE40D7E4E00DC76D, F3740283A5DB8EF69A6A2AC52D6506FBA5423C6548AAF3A272A13F9F582A2792 ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
19:17:07.0755 0x0a80 taphss6 - ok
19:17:07.0763 0x0a80 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
19:17:07.0769 0x0a80 TapiSrv - ok
19:17:07.0773 0x0a80 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
19:17:07.0775 0x0a80 TBS - ok
19:17:07.0809 0x0a80 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:17:07.0838 0x0a80 Tcpip - ok
19:17:07.0874 0x0a80 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:17:07.0896 0x0a80 TCPIP6 - ok
19:17:07.0903 0x0a80 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:17:07.0904 0x0a80 tcpipreg - ok
19:17:07.0908 0x0a80 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:17:07.0909 0x0a80 TDPIPE - ok
19:17:07.0912 0x0a80 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:17:07.0913 0x0a80 TDTCP - ok
19:17:07.0917 0x0a80 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:17:07.0920 0x0a80 tdx - ok
19:17:07.0993 0x0a80 [ 57DDE1395F86EE048AB25717EEB8CAEB, 762771C81A229D860968409929A14838C4F0362A3061DFB62F34066CDD1B27B5 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
19:17:08.0058 0x0a80 TeamViewer8 - ok
19:17:08.0066 0x0a80 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:17:08.0067 0x0a80 TermDD - ok
19:17:08.0081 0x0a80 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
19:17:08.0093 0x0a80 TermService - ok
19:17:08.0097 0x0a80 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
19:17:08.0099 0x0a80 Themes - ok
19:17:08.0102 0x0a80 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
19:17:08.0103 0x0a80 THREADORDER - ok
19:17:08.0108 0x0a80 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
19:17:08.0111 0x0a80 TrkWks - ok
19:17:08.0117 0x0a80 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:17:08.0120 0x0a80 TrustedInstaller - ok
19:17:08.0125 0x0a80 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:17:08.0126 0x0a80 tssecsrv - ok
19:17:08.0129 0x0a80 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:17:08.0131 0x0a80 TsUsbFlt - ok
19:17:08.0134 0x0a80 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:17:08.0135 0x0a80 TsUsbGD - ok
19:17:08.0140 0x0a80 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:17:08.0142 0x0a80 tunnel - ok
19:17:08.0145 0x0a80 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:17:08.0147 0x0a80 uagp35 - ok
19:17:08.0166 0x0a80 [ 26672F93749AC9FD28DA1B0F94EFA78D, 4DC4AE5FFC4A126E289D317979E3ED8F7235C4836AF6C161C4068DBC06948CEF ] ucgnsta C:\Windows\system32\DRIVERS\ucgnstax.sys
19:17:08.0190 0x0a80 ucgnsta - ok
19:17:08.0199 0x0a80 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:17:08.0205 0x0a80 udfs - ok
19:17:08.0210 0x0a80 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:17:08.0212 0x0a80 UI0Detect - ok
19:17:08.0216 0x0a80 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:17:08.0217 0x0a80 uliagpkx - ok
19:17:08.0221 0x0a80 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:17:08.0222 0x0a80 umbus - ok
19:17:08.0225 0x0a80 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
19:17:08.0226 0x0a80 UmPass - ok
19:17:08.0235 0x0a80 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
19:17:08.0240 0x0a80 upnphost - ok
19:17:08.0244 0x0a80 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:17:08.0246 0x0a80 USBAAPL64 - ok
19:17:08.0250 0x0a80 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:17:08.0252 0x0a80 usbaudio - ok
19:17:08.0256 0x0a80 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:17:08.0258 0x0a80 usbccgp - ok
19:17:08.0262 0x0a80 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:17:08.0265 0x0a80 usbcir - ok
19:17:08.0268 0x0a80 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:17:08.0270 0x0a80 usbehci - ok
19:17:08.0278 0x0a80 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:17:08.0283 0x0a80 usbhub - ok
19:17:08.0287 0x0a80 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:17:08.0288 0x0a80 usbohci - ok
19:17:08.0290 0x0a80 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:17:08.0292 0x0a80 usbprint - ok
19:17:08.0296 0x0a80 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:17:08.0298 0x0a80 USBSTOR - ok
19:17:08.0301 0x0a80 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:17:08.0302 0x0a80 usbuhci - ok
19:17:08.0305 0x0a80 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
19:17:08.0307 0x0a80 UxSms - ok
19:17:08.0310 0x0a80 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
19:17:08.0311 0x0a80 VaultSvc - ok
19:17:08.0314 0x0a80 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:17:08.0315 0x0a80 vdrvroot - ok
19:17:08.0326 0x0a80 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
19:17:08.0335 0x0a80 vds - ok
19:17:08.0339 0x0a80 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:17:08.0340 0x0a80 vga - ok
19:17:08.0342 0x0a80 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:17:08.0344 0x0a80 VgaSave - ok
19:17:08.0349 0x0a80 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:17:08.0353 0x0a80 vhdmp - ok
19:17:08.0356 0x0a80 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
19:17:08.0357 0x0a80 viaide - ok
19:17:08.0361 0x0a80 [ F9D116EF357C1026B4F6BF670541426A, FA6F29EB0A6A5788E67EC1EC0B120B0E7E1B3E722AE6A405A8F7907A3A9A9C8E ] vmwvusb C:\Windows\system32\Drivers\vmwvusb.sys
19:17:08.0362 0x0a80 vmwvusb - ok
19:17:08.0365 0x0a80 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:17:08.0367 0x0a80 volmgr - ok
19:17:08.0375 0x0a80 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:17:08.0380 0x0a80 volmgrx - ok
19:17:08.0388 0x0a80 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:17:08.0392 0x0a80 volsnap - ok
19:17:08.0398 0x0a80 [ ED1F4BDF68C649C6F79A02502BB6C9BC, 3D2830822D4A2C7B3676100B27DEC7B1C2EF640DA36C6543365A9CF2A61BF68E ] VsEtwService120 C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe
19:17:08.0401 0x0a80 VsEtwService120 - ok
19:17:08.0406 0x0a80 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:17:08.0409 0x0a80 vsmraid - ok
19:17:08.0442 0x0a80 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
19:17:08.0469 0x0a80 VSS - ok
19:17:08.0474 0x0a80 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:17:08.0475 0x0a80 vwifibus - ok
19:17:08.0478 0x0a80 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:17:08.0480 0x0a80 vwififlt - ok
19:17:08.0482 0x0a80 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:17:08.0483 0x0a80 vwifimp - ok
19:17:09.0385 0x0a80 ================ Scan global ===============================
19:17:09.0388 0x0a80 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:17:09.0395 0x0a80 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:17:09.0404 0x0a80 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:17:09.0409 0x0a80 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:17:09.0417 0x0a80 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:17:09.0423 0x0a80 [ Global ] - ok
19:17:09.0424 0x0a80 ================ Scan MBR ==================================
19:17:09.0425 0x0a80 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:17:09.0428 0x0a80 \Device\Harddisk0\DR0 - ok
19:17:09.0430 0x0a80 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:17:09.0500 0x0a80 \Device\Harddisk1\DR1 - ok
19:17:09.0500 0x0a80 ================ Scan VBR ==================================
19:17:09.0503 0x0a80 [ AEE8A30EC961C59DDAD87A3F4B563CD4 ] \Device\Harddisk0\DR0\Partition1
19:17:09.0572 0x0a80 \Device\Harddisk0\DR0\Partition1 - ok
19:17:09.0575 0x0a80 [ E2B77965A304B0F2B8476A05EBAA3158 ] \Device\Harddisk1\DR1\Partition1
19:17:09.0577 0x0a80 \Device\Harddisk1\DR1\Partition1 - ok
19:17:09.0580 0x0a80 [ 62DDE1E8501E8093071421319C7EF1B7 ] \Device\Harddisk1\DR1\Partition2
19:17:09.0581 0x0a80 \Device\Harddisk1\DR1\Partition2 - ok
19:17:09.0582 0x0a80 ================ Scan generic autorun ======================
19:17:09.0844 0x0a80 Waiting for KSN requests completion. In queue: 325
19:17:10.0844 0x0a80 Waiting for KSN requests completion. In queue: 325
19:17:11.0844 0x0a80 Waiting for KSN requests completion. In queue: 19
19:17:12.0871 0x0a80 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
19:17:12.0874 0x0a80 AV detected via SS2: ESET Smart Security 6.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 6.0.316.0 ), 0x40010 ( disabled : outofdate )
19:17:12.0876 0x0a80 FW detected via SS2: ESET Personal firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 6.0.316.0 ), 0x40010 ( disabled )
19:17:12.0882 0x0a80 Win FW state via NFP2: disabled
19:17:15.0513 0x0a80 ============================================================
19:17:15.0513 0x0a80 Scan finished
19:17:15.0513 0x0a80 ============================================================
19:17:15.0521 0x1638 Detected object count: 0
19:17:15.0521 0x1638 Actual detected object count: 0
19:17:32.0941 0x1510 ============================================================
19:17:32.0941 0x1510 Scan started
19:17:32.0941 0x1510 Mode: Manual; SigCheck;
19:17:32.0941 0x1510 ============================================================
19:17:32.0941 0x1510 KSN ping started
19:17:35.0724 0x1510 KSN ping finished: true
19:17:35.0858 0x1510 ================ Scan system memory ========================
19:17:35.0858 0x1510 System memory - ok
19:17:35.0859 0x1510 ================ Scan services =============================
19:17:37.0269 0x1510 [ B1359701847FF1FF415FA083F1610F48, 991F995B9CF614549F5F7EB5C5B2D47F34EFF0F47B35C4BF4CE716666B9DA1D3 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
19:17:37.0273 0x1510 BEService - detected UnsignedFile.Multi.Generic ( 1 )
19:17:37.0273 0x1510 Detect skipped due to KSN trusted
19:17:37.0274 0x1510 BEService - ok
19:17:38.0868 0x1510 EuMusDesignVirtualAudioCableWdm - ok
19:17:38.0880 0x1510 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
19:17:38.0908 0x1510 EventSystem - ok
19:17:38.0916 0x1510 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
19:17:38.0939 0x1510 exfat - ok
19:17:38.0945 0x1510 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:17:38.0969 0x1510 fastfat - ok
19:17:38.0985 0x1510 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
19:17:39.0004 0x1510 Fax - ok
19:17:39.0008 0x1510 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
19:17:39.0016 0x1510 fdc - ok
19:17:39.0020 0x1510 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
19:17:39.0042 0x1510 fdPHost - ok
19:17:39.0046 0x1510 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
19:17:39.0067 0x1510 FDResPub - ok
19:17:39.0070 0x1510 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:17:39.0077 0x1510 FileInfo - ok
19:17:39.0080 0x1510 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:17:39.0103 0x1510 Filetrace - ok
19:17:39.0128 0x1510 [ 64AB6F28047744B9B19C97459C2AB31B, B1F3FEE6DF1E72003DEAC8712C3E29D82DF67A095C4AC16A379BCD995C2F3833 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
19:17:39.0154 0x1510 FLEXnet Licensing Service 64 - ok
19:17:39.0159 0x1510 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:17:39.0167 0x1510 flpydisk - ok
19:17:39.0175 0x1510 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:17:39.0185 0x1510 FltMgr - ok
19:17:39.0189 0x1510 [ 508401A63E6B1CBF0B9C9A011498731F, F636B0A9C0EB6AE7EC04E5C5FD8A0578AEB76A1B0D974F355BCE6B6091901725 ] FNETTBOH_305 C:\Windows\system32\drivers\FNETTBOH_305.SYS
19:17:39.0195 0x1510 FNETTBOH_305 - ok
19:17:39.0198 0x1510 [ E341178C116DAC6A3A764587E68DFA7B, 91B4C79057908A622666FF069CF1C7ECA42952A6587432F5E99E33E8B19D29AF ] FNETURPX C:\Windows\system32\drivers\FNETURPX.SYS
19:17:39.0204 0x1510 FNETURPX - ok
19:17:39.0227 0x1510 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
19:17:39.0253 0x1510 FontCache - ok
19:17:39.0258 0x1510 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:17:39.0264 0x1510 FontCache3.0.0.0 - ok
19:17:39.0268 0x1510 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:17:39.0275 0x1510 FsDepends - ok
19:17:39.0279 0x1510 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:17:39.0285 0x1510 Fs_Rec - ok
19:17:39.0292 0x1510 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:17:39.0302 0x1510 fvevol - ok
19:17:39.0307 0x1510 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:17:39.0313 0x1510 gagp30kx - ok
19:17:39.0317 0x1510 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:17:39.0322 0x1510 GEARAspiWDM - ok
19:17:39.0367 0x1510 [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] GeekBuddyRSP C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
19:17:39.0405 0x1510 GeekBuddyRSP - ok
19:17:39.0548 0x1510 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
19:17:39.0596 0x1510 gpsvc - ok
19:17:39.0602 0x1510 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:17:39.0609 0x1510 gupdate - ok
19:17:39.0613 0x1510 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:17:39.0619 0x1510 gupdatem - ok
19:17:39.0622 0x1510 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
19:17:39.0628 0x1510 hamachi - ok
19:17:39.0666 0x1510 [ 55706A31E8E2E67763ECD10F19CC3449, C3AC7243B56B0420EBBC0E0D7DDA5D602A2C88349963B23101E49D456EED7A2D ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
19:17:39.0703 0x1510 Hamachi2Svc - ok
19:17:39.0710 0x1510 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:17:39.0718 0x1510 hcw85cir - ok
19:17:39.0727 0x1510 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:17:39.0741 0x1510 HdAudAddService - ok
19:17:39.0746 0x1510 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:17:39.0758 0x1510 HDAudBus - ok
19:17:39.0761 0x1510 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:17:39.0769 0x1510 HidBatt - ok
19:17:39.0777 0x1510 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:17:39.0788 0x1510 HidBth - ok
19:17:39.0792 0x1510 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
19:17:39.0801 0x1510 HidIr - ok
19:17:39.0805 0x1510 [ 46BBE8EA221461A65F18A078528F4B2C, C0B0D35E2A6C750E5505156694F41F987AB548449F6C9DB1EEEAF12E5F146AD7 ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys
19:17:39.0811 0x1510 hidkmdf - ok
19:17:39.0814 0x1510 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
19:17:39.0836 0x1510 hidserv - ok
19:17:39.0839 0x1510 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:17:39.0847 0x1510 HidUsb - ok
19:17:39.0851 0x1510 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:17:39.0872 0x1510 hkmsvc - ok
19:17:39.0879 0x1510 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:17:39.0890 0x1510 HomeGroupListener - ok
19:17:39.0897 0x1510 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:17:39.0908 0x1510 HomeGroupProvider - ok
19:17:39.0912 0x1510 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:17:39.0919 0x1510 HpSAMD - ok
19:17:39.0934 0x1510 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:17:39.0965 0x1510 HTTP - ok
19:17:39.0969 0x1510 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:17:39.0975 0x1510 hwpolicy - ok
19:17:39.0980 0x1510 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:17:39.0989 0x1510 i8042prt - ok
19:17:39.0999 0x1510 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:17:40.0011 0x1510 iaStorV - ok
19:17:40.0029 0x1510 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:17:40.0046 0x1510 idsvc - ok
19:17:40.0050 0x1510 IEEtwCollectorService - ok
19:17:40.0139 0x1510 [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:17:40.0240 0x1510 igfx - ok
19:17:40.0250 0x1510 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:17:40.0257 0x1510 iirsp - ok
19:17:40.0274 0x1510 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
19:17:40.0296 0x1510 IKEEXT - ok
19:17:40.0398 0x1510 [ F242E36CDA231701CFA702641C20FAEC, 47350EF8474F83249A9126AB6894145732CA0B68DA2EE001940C9E4AEF128B88 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:17:40.0474 0x1510 IntcAzAudAddService - ok
19:17:40.0484 0x1510 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
19:17:40.0490 0x1510 intelide - ok
19:17:40.0495 0x1510 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:17:40.0504 0x1510 intelppm - ok
19:17:40.0510 0x1510 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:17:40.0534 0x1510 IPBusEnum - ok
19:17:40.0538 0x1510 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:17:40.0561 0x1510 IpFilterDriver - ok
19:17:40.0574 0x1510 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:17:40.0592 0x1510 iphlpsvc - ok
19:17:40.0597 0x1510 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:17:40.0606 0x1510 IPMIDRV - ok
19:17:40.0611 0x1510 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:17:40.0633 0x1510 IPNAT - ok
19:17:40.0646 0x1510 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:17:40.0661 0x1510 iPod Service - ok
19:17:40.0666 0x1510 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:17:40.0676 0x1510 IRENUM - ok
19:17:40.0679 0x1510 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:17:40.0686 0x1510 isapnp - ok
19:17:40.0694 0x1510 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:17:40.0703 0x1510 iScsiPrt - ok
19:17:40.0707 0x1510 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\Windows\system32\DRIVERS\ISCTD64.sys
19:17:40.0713 0x1510 ISCT - ok
19:17:40.0716 0x1510 [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
19:17:40.0722 0x1510 iusb3hcs - ok
19:17:40.0732 0x1510 [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
19:17:40.0742 0x1510 iusb3hub - ok
19:17:40.0759 0x1510 [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
19:17:40.0775 0x1510 iusb3xhc - ok
19:17:40.0781 0x1510 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:17:40.0788 0x1510 kbdclass - ok
19:17:40.0792 0x1510 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:17:40.0800 0x1510 kbdhid - ok
19:17:40.0803 0x1510 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
19:17:40.0811 0x1510 KeyIso - ok
19:17:40.0817 0x1510 [ 783BEB99743BACB9586CCB70356449C5, CEE63FC2E7937B181743D4CFE837FFB29E3BF94BBA5394A3B5FFAF5142EF0D48 ] KeyScrambler C:\Windows\system32\drivers\keyscrambler.sys
19:17:40.0826 0x1510 KeyScrambler - ok
19:17:40.0831 0x1510 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:17:40.0838 0x1510 KSecDD - ok
19:17:40.0845 0x1510 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:17:40.0853 0x1510 KSecPkg - ok
19:17:40.0856 0x1510 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:17:40.0877 0x1510 ksthunk - ok
19:17:40.0886 0x1510 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
19:17:40.0914 0x1510 KtmRm - ok
19:17:40.0921 0x1510 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:17:40.0946 0x1510 LanmanServer - ok
19:17:40.0951 0x1510 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:17:40.0974 0x1510 LanmanWorkstation - ok
19:17:40.0979 0x1510 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:17:41.0000 0x1510 lltdio - ok
19:17:41.0007 0x1510 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:17:41.0033 0x1510 lltdsvc - ok
19:17:41.0036 0x1510 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:17:41.0057 0x1510 lmhosts - ok
19:17:41.0066 0x1510 [ 206D1495952A86E30CC997EA10A68A6C, 27020706A93B776FF3C839F7130B9D864C5BD2F401367C3E4D7729C968986B98 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
19:17:41.0077 0x1510 LMIGuardianSvc - ok
19:17:41.0081 0x1510 [ 0F28935ECF1FBDEC22BAF720A5A94564, A4E8E13FD7FE1882243AD7139D5E0925F09069616920382F952D79586A4936E7 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
19:17:41.0086 0x1510 LMIInfo - ok
19:17:41.0092 0x1510 [ FF0935EBF4008F9299450D4FB5307CC0, 6A5060904991CEC7D0335BCEC1EF5AFF4E02018D4B9779D55EF865D36E81E1AF ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
19:17:41.0100 0x1510 LMIMaint - ok
19:17:41.0103 0x1510 [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
19:17:41.0109 0x1510 lmimirr - ok
19:17:41.0112 0x1510 LMIRfsClientNP - ok
19:17:41.0115 0x1510 [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
19:17:41.0121 0x1510 LMIRfsDriver - ok
19:17:41.0130 0x1510 [ D3760BC17E1755091B7120CF32DBF56B, 2B31CA0CD838BEE0103054520E2FBEA2436A07D99E711B14543B85F3A511478F ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
19:17:41.0141 0x1510 LogMeIn - ok
19:17:41.0147 0x1510 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:17:41.0154 0x1510 LSI_FC - ok
19:17:41.0159 0x1510 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:17:41.0167 0x1510 LSI_SAS - ok
19:17:41.0171 0x1510 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:17:41.0177 0x1510 LSI_SAS2 - ok
19:17:41.0182 0x1510 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:17:41.0190 0x1510 LSI_SCSI - ok
19:17:41.0196 0x1510 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
19:17:41.0218 0x1510 luafv - ok
19:17:41.0222 0x1510 [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:17:41.0228 0x1510 MBAMProtector - ok
19:17:41.0259 0x1510 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
19:17:41.0292 0x1510 MBAMScheduler - ok
19:17:41.0314 0x1510 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
19:17:41.0333 0x1510 MBAMService - ok
19:17:41.0339 0x1510 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
19:17:41.0347 0x1510 MBAMSwissArmy - ok
19:17:41.0351 0x1510 [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
19:17:41.0357 0x1510 MBAMWebAccessControl - ok
19:17:41.0362 0x1510 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
19:17:41.0367 0x1510 MBfilt - ok
19:17:41.0372 0x1510 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:17:41.0381 0x1510 Mcx2Svc - ok
19:17:41.0385 0x1510 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
19:17:41.0391 0x1510 megasas - ok
19:17:41.0399 0x1510 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:17:41.0409 0x1510 MegaSR - ok
19:17:41.0414 0x1510 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
19:17:41.0420 0x1510 MEIx64 - ok
19:17:41.0424 0x1510 Microsoft SharePoint Workspace Audit Service - ok
19:17:41.0428 0x1510 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
19:17:41.0450 0x1510 MMCSS - ok
19:17:41.0453 0x1510 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
19:17:41.0475 0x1510 Modem - ok
19:17:41.0479 0x1510 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:17:41.0488 0x1510 monitor - ok
19:17:41.0493 0x1510 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:17:41.0499 0x1510 mouclass - ok
19:17:41.0503 0x1510 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:17:41.0511 0x1510 mouhid - ok
19:17:41.0515 0x1510 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:17:41.0523 0x1510 mountmgr - ok
19:17:41.0531 0x1510 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:17:41.0542 0x1510 MpFilter - ok
19:17:41.0547 0x1510 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
19:17:41.0555 0x1510 mpio - ok
19:17:41.0559 0x1510 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:17:41.0581 0x1510 mpsdrv - ok
19:17:41.0597 0x1510 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:17:41.0632 0x1510 MpsSvc - ok
19:17:41.0638 0x1510 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:17:41.0648 0x1510 MRxDAV - ok
19:17:41.0653 0x1510 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:17:41.0663 0x1510 mrxsmb - ok
19:17:41.0670 0x1510 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:17:41.0682 0x1510 mrxsmb10 - ok
19:17:41.0687 0x1510 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:17:41.0696 0x1510 mrxsmb20 - ok
19:17:41.0700 0x1510 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
19:17:41.0706 0x1510 msahci - ok
19:17:41.0711 0x1510 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:17:41.0720 0x1510 msdsm - ok
19:17:41.0725 0x1510 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
19:17:41.0736 0x1510 MSDTC - ok
19:17:41.0741 0x1510 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:17:41.0762 0x1510 Msfs - ok
19:17:41.0764 0x1510 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:17:41.0786 0x1510 mshidkmdf - ok
19:17:41.0789 0x1510 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:17:41.0795 0x1510 msisadrv - ok
19:17:41.0800 0x1510 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:17:41.0824 0x1510 MSiSCSI - ok
19:17:41.0827 0x1510 msiserver - ok
19:17:41.0830 0x1510 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:17:41.0850 0x1510 MSKSSRV - ok
19:17:41.0853 0x1510 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:17:41.0861 0x1510 MsMpSvc - ok
19:17:41.0863 0x1510 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:17:41.0884 0x1510 MSPCLOCK - ok
19:17:41.0886 0x1510 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:17:41.0907 0x1510 MSPQM - ok
19:17:41.0916 0x1510 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:17:41.0928 0x1510 MsRPC - ok
19:17:41.0933 0x1510 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:17:41.0939 0x1510 mssmbios - ok
19:17:41.0942 0x1510 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:17:41.0964 0x1510 MSTEE - ok
19:17:41.0966 0x1510 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:17:41.0974 0x1510 MTConfig - ok
19:17:41.0981 0x1510 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
19:17:41.0988 0x1510 Mup - ok
19:17:42.0000 0x1510 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
19:17:42.0026 0x1510 napagent - ok
19:17:42.0035 0x1510 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:17:42.0049 0x1510 NativeWifiP - ok
19:17:42.0067 0x1510 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
19:17:42.0086 0x1510 NDIS - ok
19:17:42.0090 0x1510 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:17:42.0110 0x1510 NdisCap - ok
19:17:42.0113 0x1510 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:17:42.0133 0x1510 NdisTapi - ok
19:17:42.0136 0x1510 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:17:42.0156 0x1510 Ndisuio - ok
19:17:42.0161 0x1510 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:17:42.0183 0x1510 NdisWan - ok
19:17:42.0186 0x1510 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:17:42.0206 0x1510 NDProxy - ok
19:17:42.0210 0x1510 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:17:42.0231 0x1510 NetBIOS - ok
19:17:42.0238 0x1510 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:17:42.0261 0x1510 NetBT - ok
19:17:42.0265 0x1510 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
19:17:42.0273 0x1510 Netlogon - ok
19:17:42.0282 0x1510 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
lucaslee8498
Regular Member
 
Posts: 16
Joined: December 3rd, 2014, 9:22 pm

Re: Odd login IPs, think I might be infected?

by lucaslee8498 » December 10th, 2014, 9:09 pm

19:17:42.0687 0x1510 [ EC322186D8FCE3D632F3F597D67747DD, 3011E02C695B006EF9A82ACC030953B9BEA6CE9AD28D63E4AA7FB4CC14F05CF2 ] OpenVPNService C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
19:17:42.0691 0x1510 OpenVPNService - detected UnsignedFile.Multi.Generic ( 1 )
19:17:42.0691 0x1510 Detect skipped due to KSN trusted
19:17:42.0691 0x1510 OpenVPNService - ok
19:17:46.0362 0x1510 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:17:46.0374 0x1510 volmgrx - ok
19:17:46.0382 0x1510 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:17:46.0392 0x1510 volsnap - ok
19:17:46.0398 0x1510 [ ED1F4BDF68C649C6F79A02502BB6C9BC, 3D2830822D4A2C7B3676100B27DEC7B1C2EF640DA36C6543365A9CF2A61BF68E ] VsEtwService120 C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe
19:17:46.0407 0x1510 VsEtwService120 - ok
19:17:46.0412 0x1510 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:17:46.0420 0x1510 vsmraid - ok
19:17:46.0453 0x1510 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
19:17:46.0499 0x1510 VSS - ok
19:17:46.0504 0x1510 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:17:46.0513 0x1510 vwifibus - ok
19:17:46.0516 0x1510 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:17:46.0527 0x1510 vwififlt - ok
19:17:46.0530 0x1510 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:17:46.0539 0x1510 vwifimp - ok
19:17:46.0549 0x1510 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
19:17:46.0575 0x1510 W32Time - ok
19:17:46.0582 0x1510 [ FDA15A0510F84FA46452B74529147A15, DAF92C2B733311B767895175E27B671C80DC028EEB477C28E0209C6467E072D1 ] WacHidRouter C:\Windows\system32\DRIVERS\wachidrouter.sys
19:17:46.0587 0x1510 WacHidRouter - ok
19:17:46.0590 0x1510 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:17:46.0598 0x1510 WacomPen - ok
19:17:46.0601 0x1510 [ EABFDBDC9BEDD325F260A3A9FEE5B3F9, 496AD989DA6F500140FCDB88C65CECD4F306D3FBDAACE1D42C5312C1E321B9D1 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
19:17:46.0606 0x1510 wacomrouterfilter - ok
19:17:46.0610 0x1510 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:17:46.0630 0x1510 WANARP - ok
19:17:46.0633 0x1510 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:17:46.0653 0x1510 Wanarpv6 - ok
19:17:46.0676 0x1510 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:17:46.0700 0x1510 WatAdminSvc - ok
19:17:46.0730 0x1510 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
19:17:46.0763 0x1510 wbengine - ok
19:17:46.0771 0x1510 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:17:46.0784 0x1510 WbioSrvc - ok
19:17:46.0793 0x1510 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:17:46.0809 0x1510 wcncsvc - ok
19:17:46.0813 0x1510 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:17:46.0820 0x1510 WcsPlugInService - ok
19:17:46.0823 0x1510 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
19:17:46.0829 0x1510 Wd - ok
19:17:46.0832 0x1510 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
19:17:46.0838 0x1510 WDC_SAM - ok
19:17:46.0853 0x1510 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:17:46.0871 0x1510 Wdf01000 - ok
19:17:46.0877 0x1510 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:17:46.0889 0x1510 WdiServiceHost - ok
19:17:46.0892 0x1510 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:17:46.0904 0x1510 WdiSystemHost - ok
19:17:46.0910 0x1510 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
19:17:46.0922 0x1510 WebClient - ok
19:17:46.0929 0x1510 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:17:46.0953 0x1510 Wecsvc - ok
19:17:46.0957 0x1510 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:17:46.0978 0x1510 wercplsupport - ok
19:17:46.0982 0x1510 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
19:17:47.0004 0x1510 WerSvc - ok
19:17:47.0007 0x1510 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:17:47.0027 0x1510 WfpLwf - ok
19:17:47.0029 0x1510 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:17:47.0035 0x1510 WIMMount - ok
19:17:47.0038 0x1510 WinDefend - ok
19:17:47.0042 0x1510 WinHttpAutoProxySvc - ok
19:17:47.0051 0x1510 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:17:47.0076 0x1510 Winmgmt - ok
19:17:47.0079 0x1510 [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0 C:\Program Files (x86)\Razer\Driver\WinRing0x64.sys
19:17:47.0087 0x1510 WinRing0_1_2_0 - ok
19:17:47.0122 0x1510 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
19:17:47.0175 0x1510 WinRM - ok
19:17:47.0186 0x1510 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:17:47.0196 0x1510 WinUsb - ok
19:17:47.0213 0x1510 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:17:47.0238 0x1510 Wlansvc - ok
19:17:47.0279 0x1510 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:17:47.0317 0x1510 wlidsvc - ok
19:17:47.0324 0x1510 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:17:47.0332 0x1510 WmiAcpi - ok
19:17:47.0340 0x1510 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:17:47.0350 0x1510 wmiApSrv - ok
19:17:47.0353 0x1510 WMPNetworkSvc - ok
19:17:47.0356 0x1510 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:17:47.0363 0x1510 WPCSvc - ok
19:17:47.0368 0x1510 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:17:47.0379 0x1510 WPDBusEnum - ok
19:17:47.0382 0x1510 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:17:47.0403 0x1510 ws2ifsl - ok
19:17:47.0407 0x1510 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
19:17:47.0419 0x1510 wscsvc - ok
19:17:47.0421 0x1510 WSearch - ok
19:17:47.0432 0x1510 [ D50CD7E45963F42F54B045BFB22A41EF, A0E42E5ECFB564AF7386F9A40E41AB951C90B8790D33EAFE3AA14B18E818CEF7 ] wsnm E:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
19:17:47.0444 0x1510 wsnm - ok
19:17:47.0463 0x1510 [ 0872B00981A1D64ABED903023D2D7F26, 992D057889BBAA215BC3402AEFC37B60356C883FB74D14E8DAD11AE7DFE385C3 ] wsnm_usbctrl E:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe
19:17:47.0485 0x1510 wsnm_usbctrl - ok
19:17:47.0500 0x1510 [ FF3F745A22B0C9C2EF1600762E8858A1, A63A66537A5316963825A963F2A9EC2BEB68027EB3A2EF28DC2C936FF194915A ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
19:17:47.0514 0x1510 WTabletServiceCon - ok
19:17:47.0558 0x1510 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
19:17:47.0601 0x1510 wuauserv - ok
19:17:47.0609 0x1510 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:17:47.0617 0x1510 WudfPf - ok
19:17:47.0624 0x1510 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:17:47.0634 0x1510 WUDFRd - ok
19:17:47.0638 0x1510 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:17:47.0647 0x1510 wudfsvc - ok
19:17:47.0654 0x1510 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
19:17:47.0666 0x1510 WwanSvc - ok
19:17:47.0685 0x1510 X6va012 - ok
19:17:47.0689 0x1510 X6va013 - ok
19:17:47.0695 0x1510 ================ Scan global ===============================
19:17:47.0698 0x1510 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:17:47.0703 0x1510 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:17:47.0711 0x1510 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:17:47.0717 0x1510 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:17:47.0724 0x1510 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:17:47.0729 0x1510 [ Global ] - ok
19:17:47.0729 0x1510 ================ Scan MBR ==================================
19:17:47.0731 0x1510 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:17:47.0734 0x1510 \Device\Harddisk0\DR0 - ok
19:17:47.0736 0x1510 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:17:47.0791 0x1510 \Device\Harddisk1\DR1 - ok
19:17:47.0791 0x1510 ================ Scan VBR ==================================
19:17:47.0793 0x1510 [ AEE8A30EC961C59DDAD87A3F4B563CD4 ] \Device\Harddisk0\DR0\Partition1
19:17:47.0794 0x1510 \Device\Harddisk0\DR0\Partition1 - ok
19:17:47.0795 0x1510 [ E2B77965A304B0F2B8476A05EBAA3158 ] \Device\Harddisk1\DR1\Partition1
19:17:47.0796 0x1510 \Device\Harddisk1\DR1\Partition1 - ok
19:17:47.0797 0x1510 [ 62DDE1E8501E8093071421319C7EF1B7 ] \Device\Harddisk1\DR1\Partition2
19:17:47.0798 0x1510 \Device\Harddisk1\DR1\Partition2 - ok
19:17:47.0798 0x1510 ================ Scan generic autorun ======================
19:17:47.0821 0x1510 [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] C:\Program Files\Microsoft Security Client\msseces.exe
19:17:47.0848 0x1510 MSC - ok
19:17:47.0871 0x1510 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:17:47.0897 0x1510 Sidebar - ok
19:17:47.0902 0x1510 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:17:47.0915 0x1510 mctadmin - ok
19:17:47.0936 0x1510 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:17:47.0962 0x1510 Sidebar - ok
19:17:47.0968 0x1510 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:17:47.0980 0x1510 mctadmin - ok
19:17:48.0011 0x1510 [ B66E0842FCF485F3E2D41BF0BA10966F, 966B8386B2D060167E8EAAE478509013A8729FE2CF11F890D3F9DCDA90768F34 ] C:\Users\Lucas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
19:17:48.0038 0x1510 Spotify Web Helper - ok
19:17:48.0044 0x1510 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Lucas\AppData\Local\Google\Update\GoogleUpdate.exe
19:17:48.0051 0x1510 Google Update - ok
19:17:48.0059 0x1510 [ F6672A0D95E30629D38AA9DC56CD458A, 80F926287A91C2092AE0AC3EF1FA99342AAA6916D9526E94B1A0A974FB7E86A5 ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
19:17:48.0068 0x1510 HydraVisionDesktopManager - detected UnsignedFile.Multi.Generic ( 1 )
19:17:48.0068 0x1510 Detect skipped due to KSN trusted
19:17:48.0068 0x1510 HydraVisionDesktopManager - ok
19:17:48.0068 0x1510 LightShot - ok
19:17:48.0072 0x1510 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
19:17:48.0073 0x1510 AV detected via SS2: ESET Smart Security 6.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 6.0.316.0 ), 0x40010 ( disabled : outofdate )
19:17:48.0073 0x1510 FW detected via SS2: ESET Personal firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 6.0.316.0 ), 0x40010 ( disabled )
19:17:48.0075 0x1510 Win FW state via NFP2: disabled
19:18:01.0540 0x1510 ============================================================
19:18:01.0540 0x1510 Scan finished
19:18:01.0540 0x1510 ============================================================
19:18:01.0545 0x14d4 Detected object count: 0
19:18:01.0545 0x14d4 Actual detected object count: 0
19:19:31.0450 0x1664 Deinitialize success

Just thought I'd mention that this scan shows that I still have ESET even though I uninstalled it, as well as Microsoft Security Essentials.

D. None so far.
lucaslee8498

Re: Odd login IPs, think I might be infected?

Unread postby pgmigg » December 11th, 2014, 2:10 am

Hello lucaslee8498,

ESET Smart Security 6.0
The Security Check noted one Anti-virus program installed.
"Just thought I'd mention that this scan shows that I still have ESET even though I uninstalled it, as well as Microsoft Security Essentials."
It looks like you uninstalled all Anti-virus programs and it is wrong!

No Anti-virus Software Installed!
Looking over your log... there is NO evidence of anti-virus software installed. This puts you at serious risk.
Anti-virus software will help detect, cleanse, and erase harmful virus files on a computer, Web server, or network.
Unchecked, virus files can unintentionally be forwarded to others, including trading partners and thereby spreading infection. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present, and will clean, delete (or quarantine) infected files or directories.

To protect your computer from infection please download a (free for personal use) anti-virus program from one of these reliable vendors.

  1. avast! Free Antivirus - Excellent detection, the freeware version includes email scanning.
  2. Microsoft Security Essentials ** - New, from Microsoft, with email scanning, easy to install, easy to use.
    ** Your PC must run genuine Windows to install Microsoft Security Essentials.
  3. A good (pay for) Anti-virus program is ESET NOD32 Antivirus - 30 day free trial.

Installing a new AV product.
Do NOT uninstall any existing anti-virus product yet!
  1. Download the new Anti-virus product to your computer desktop.
  2. Save any work. Close all applications, especially your Internet connection.
  3. Uninstall any existing anti-virus product... Use the AV uninstall option if available.
  4. Reboot your computer, if not done during the uninstall.
  5. Install the new AV product, following installation instructions.
  6. Check for updates to the new AV product, if not done during install setup.
  7. Run a full scan of your computer.
It is strongly recommended that you run only one antivirus program at a time.
Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts.


Please let me know which Anti-virus you selected and installed.
Then we will continue our treatment...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed