Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Slow computer - memory low

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Slow computer - memory low

Unread postby iamdon » December 19th, 2014, 7:27 pm

Hello! I hope someone can help me with my issue. Recently my computer was infected. I noticed in the task manager that some processes such as scvhost are abnormally high. I get messages stating that a process must be closed because memory was low. Out of panic, I mindlessly ran Malwarebytes and quarantined/deleted the files found to be threat. Now I am not sure if my computer is free from any infected files. I will very much appreciate if someone can review my logs and provide additional steps to ensure that my system is clean.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.17183 BrowserJavaVersion: 10.71.2
Run by Lyndon at 18:31:56 on 2014-12-19
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8183.5785 [GMT -5:00]
.
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Jump Desktop\JumpService.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PSIService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Box\Box Sync\BoxSync.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Jump Desktop\JumpDesktop.exe
C:\Users\Lyndon\AppData\Local\Akamai\netsession_win.exe
C:\Users\Lyndon\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
C:\Users\Lyndon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lyndon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lyndon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lyndon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [Jump Desktop] C:\Program Files (x86)\Jump Desktop\JumpDesktop.exe autorun
uRun: [Akamai NetSession Interface] "C:\Users\Lyndon\AppData\Local\Akamai\netsession_win.exe"
uRun: [Fitbit Connect] "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
uRunOnce: [Adobe Speed Launcher] 1419031317
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Fitbit Connect] "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/Cl ... wsdc32.cab
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/ ... 3144268445
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} - hxxp://avalse.no-ip.org/codebase/DVM_IPCam2.ocx
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{8DDD1DFD-CEB1-4641-8686-0818AD7C87F4} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{C5C6BEFA-BF0D-4818-BC2C-42BE31EE70F5} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E19C8AC9-1D1B-4CDE-BCD6-2B2443EC6356} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-Run: [BoxSync] "C:\Program Files\Box\Box Sync\BoxSync.exe" -m
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
.
============= SERVICES / DRIVERS ===============
.
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2014-7-4 116000]
R0 tib;Acronis TIB Manager;C:\Windows\System32\drivers\tib.sys [2014-7-4 1120032]
R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2014-7-4 198432]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2014-7-4 161568]
R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2014-7-4 117024]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2014-2-11 28600]
R2 ADExchange;ArcSoft Exchange Service;C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2013-7-8 44064]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-7-4 3869688]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-28 204288]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-2-11 431920]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-2-11 431920]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2014-2-11 119272]
R2 Avira.OE.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-11-20 166192]
R2 Fitbit Connect;Fitbit Connect Service;C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [2014-5-19 1436192]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2014-9-18 14624]
R2 JumpDesktop;Jump Desktop Service;C:\Program Files (x86)\Jump Desktop\JumpService.exe [2014-12-18 7680]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-12-14 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-12-14 969016]
R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142320]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2014-7-4 367200]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2007-5-11 1361952]
R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-5-11 50208]
R3 LVUVC64;Logitech QuickCam Fusion(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2007-5-11 3612704]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-11-13 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-12-14 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-12-14 63704]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2010-7-18 32344]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-12-19 314400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BoxSyncUpdateService;Box Sync Update Service;C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [2014-9-24 28696]
S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-2-28 245760]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-9-19 110336]
S3 hcw72ADFilter;WinTV HVR-950 USB Audio Filter Driver;C:\Windows\System32\drivers\hcw72ADFilter.sys [2010-9-20 38656]
S3 hcw72ATV;WinTV HVR-950 NTSC;C:\Windows\System32\drivers\hcw72ATV.sys [2010-9-20 1633152]
S3 hcw72DTV;WinTV HVR-950 ATSC/QAM;C:\Windows\System32\drivers\hcw72DTV.sys [2010-9-20 1629312]
S3 OSFMount;OSFMount;C:\Program Files\OSFMount\OSFMount.sys [2014-2-20 1299384]
S3 pneteth;PdaNet Broadband;C:\Windows\System32\drivers\pneteth.sys [2012-9-18 15360]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-3-19 20992]
S3 SIUSBXP;SIUSBXP;C:\Windows\System32\drivers\SiUSBXp.sys [2012-8-22 26856]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-9-19 206080]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-19 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-19 1255736]
S4 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-2-11 993584]
.
=============== Created Last 30 ================
.
2014-12-19 05:23:04 -------- d-----w- C:\Program Files (x86)\Jump Desktop
2014-12-17 23:25:16 -------- d-----w- C:\ProgramData\Phase Five Systems
2014-12-14 06:38:57 -------- d-----w- C:\$RECYCLE.BIN
2014-12-14 05:04:55 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-12-14 05:03:35 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-12-14 05:03:35 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-12-14 05:03:34 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-11 04:00:04 -------- d-----w- C:\Windows\System32\appraiser
2014-12-10 18:26:01 55808 ----a-w- C:\Windows\System32\rrinstaller.exe
2014-12-10 18:26:01 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2014-12-10 18:26:01 4121600 ----a-w- C:\Windows\System32\mf.dll
2014-12-10 18:26:01 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-10 18:26:01 24576 ----a-w- C:\Windows\System32\mfpmp.exe
2014-12-10 18:26:01 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2014-12-10 18:26:01 206848 ----a-w- C:\Windows\System32\mfps.dll
2014-12-10 18:26:01 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2014-12-10 18:26:01 2048 ----a-w- C:\Windows\System32\mferror.dll
2014-12-10 18:26:01 103424 ----a-w- C:\Windows\SysWow64\mfps.dll
2014-12-10 17:59:50 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-12-09 02:59:24 -------- d-----w- C:\test
2014-12-03 06:31:20 227048 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-11-25 20:21:10 3618488 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\1033\MSOINTL.DLL
2014-11-25 20:20:50 81234104 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2014-11-25 20:20:50 550072 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOSQM.EXE
2014-11-25 20:20:50 26373816 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2014-11-25 18:59:38 18638520 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2014-11-24 05:01:42 -------- d-----w- C:\Users\Lyndon\.android
.
==================== Find3M ====================
.
2014-12-11 04:15:05 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-11 04:15:05 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-12-04 02:50:55 413184 ----a-w- C:\Windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\Windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\Windows\System32\devinv.dll
2014-12-04 02:50:38 830976 ----a-w- C:\Windows\System32\appraiser.dll
2014-12-04 02:50:37 227328 ----a-w- C:\Windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\Windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2014-12-01 23:28:44 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2014-11-21 11:14:08 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-21 08:38:00 2237952 ----a-w- C:\Windows\System32\wininet.dll
2014-11-21 08:37:51 600576 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-21 08:36:24 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-21 08:36:17 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-21 08:36:17 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-11-21 08:35:42 1509376 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-21 07:17:51 1762816 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-21 07:17:44 523264 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-21 07:16:46 2861568 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-21 07:16:42 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-21 07:16:42 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-11-21 07:16:16 1441280 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-21 07:00:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-21 06:54:49 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-21 06:31:56 441856 ----a-w- C:\Windows\System32\html.iec
2014-11-21 06:24:52 361984 ----a-w- C:\Windows\SysWow64\html.iec
2014-11-21 06:05:06 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-11-21 05:59:00 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-11-19 01:47:48 1247904 ----a-w- C:\Windows\SysWow64\FM20.DLL
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-10-29 03:03:48 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 17:24:28 43064 ----a-w- C:\Windows\System32\drivers\avnetflt.sys
2014-10-18 17:24:27 119272 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 02:12:23 310272 ----a-w- C:\Windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23 2020352 ----a-w- C:\Windows\System32\WsmSvc.dll
2014-10-03 02:12:22 346624 ----a-w- C:\Windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22 181248 ----a-w- C:\Windows\System32\WsmAuto.dll
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 02:11:49 266240 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03 248832 ----a-w- C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03 214016 ----a-w- C:\Windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03 145920 ----a-w- C:\Windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03 1177088 ----a-w- C:\Windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25 198656 ----a-w- C:\Windows\SysWow64\WSManHTTPConfig.exe
2014-09-30 22:55:45 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
.
============= FINISH: 18:32:13.70 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 7/18/2010 5:36:01 PM
System Uptime: 12/19/2014 6:21:33 PM (0 hours ago)
.
Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD | | P55-GD65 (MS-7583)
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz | CPU 1 | 2507/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 238 GiB total, 169.562 GiB free.
D: is FIXED (NTFS) - 596 GiB total, 98.368 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek PCIe GBE Family Controller
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_75831462&REV_03\4&44D5AA5&0&00E1
Manufacturer: Realtek
Name: Realtek PCIe GBE Family Controller #2
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_75831462&REV_03\4&44D5AA5&0&00E1
Service: RTL8167
.
==== System Restore Points ===================
.
RP90: 12/19/2014 12:22:39 AM - Installed Jump Desktop
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
6500_E709_eDocs
6500_E709_Help
6500_E709n
7-Zip 9.20 (x64 edition)
Acronis True Image 2014
Adobe AIR
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.10)
Advanced Archive Password Recovery (remove only)
Akamai NetSession Interface
Altitude
Amazon MP3 Downloader 1.0.15
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft MediaConverter 8
Audacity 1.3.14 (Unicode)
Avira
Avira Free Antivirus
Batman - Arkham City
Batman: Arkham City™
Bejeweled 2 Deluxe
BioShock
Bonjour
Box Sync
bpd_scan
BPDSoftware
BPDSoftware_Ini
Brother MFL-Pro Suite HL-2280DW
BufferChm
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cities XL Platinum
Content Manager
Content Transfer
Corel AfterShot Pro
Corel Paint Shop Pro X
Counter-Strike: Source
Coupon Printer for Windows
Cryostasis (Remove Only)
CutePDF Writer 3.0
CyberLink PhotoNow
D3DX10
Definition Update for Microsoft Office 2010 (KB2910899) 32-Bit Edition
Definition Update for Microsoft Office 2013 (KB2910926) 32-Bit Edition
Destinations
DeviceDiscovery
Dropbox
Dual-Core Optimizer
Duke Nukem 3D: Megaton Edition
EAX Unified
eReg
Evernote v. 5.6.4
Fax
Feedback Tool
Fitbit Base Station (Driver Removal)
Fitbit Connect
GameFly
Google Chrome
Grand Theft Auto IV
Grand Theft Auto: Episodes from Liberty City
Grand Theft Auto: San Andreas
H&R Block Deluxe + Efile + State 2013
H&R Block New Jersey 2013
HD Tune 2.55
HP Imaging Device Functions 13.0
HP Officejet 6500 E709 Series
Internet TV for Windows Media Center
IrfanView (remove only)
iTunes
Java 7 Update 71
Java Auto Updater
Java(TM) 6 Update 24 (64-bit)
Java(TM) 6 Update 35
Java(TM) SE Development Kit 6 Update 24 (64-bit)
jGRASP
Jump Desktop
Junk Mail filter update
Just Cause 2
King's Bounty: The Legend
L.A. Noire
Logitech Gaming Software
Logitech Gaming Software 8.30
Logitech SetPoint 6.32
Logitech Vid HD
Logitech Webcam Software
Logitech Webcam Software Driver Package
Malwarebytes Anti-Malware version 2.0.4.1028
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 64-bit Components 2013
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office OSM MUI (English) 2013
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing (English) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Español
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2013
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared MUI (English) 2013
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2013
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visio MUI (English) 2013
Microsoft Visio Professional 2013
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
MLB 2K10
Moonbase Alpha
Movie Maker
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network64
NWZ-W250 WALKMAN Guide
OSFMount v1.5
Outils de vérification linguistique 2013 de Microsoft Office - Français
Pdf995 (installed by H&R Block)
PdfEdit995 (installed by H&R Block)
Photo Common
Photo Gallery
Picasa 3
PlayReady PC Runtime amd64
ProductContext
PS3 Media Server
PunkBuster Services
Realtek High Definition Audio Driver
Rockstar Games Social Club
Samsung Kies3
SAMSUNG USB Driver for Mobile Phones
Scan
Secure Download Manager
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Excel 2010 (KB2910902) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553154) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Office 2013 (KB2726958) 32-Bit Edition
Security Update for Microsoft Office 2013 (KB2880502) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2899519) 32-Bit Edition
Serious Sam HD: The First Encounter
Serious Sam HD: The Second Encounter
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shadow Warrior Classic Redux
Skype™ 6.16
Status
Steam
The Chronicles of Riddick - Assault on Dark Athena
The KMPlayer (remove only)
Tomb Raider
Toolbox
TrayApp
TurboTax 2014
TurboTax 2014 WinPerFedFormset
TurboTax 2014 WinPerReleaseEngine
TurboTax 2014 WinPerTaxSupport
TurboTax 2014 wrapper
Unity Web Player
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Lync 2013 (KB2910927) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition
Update for Microsoft Office 2013 (KB2837654) 32-Bit Edition
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition
Update for Microsoft Office 2013 (KB2881001) 32-Bit Edition
Update for Microsoft Office 2013 (KB2881008) 32-Bit Edition
Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition
Update for Microsoft Office 2013 (KB2883049) 32-Bit Edition
Update for Microsoft Office 2013 (KB2889858) 32-Bit Edition
Update for Microsoft Office 2013 (KB2889938) 32-Bit Edition
Update for Microsoft Office 2013 (KB2899501) 32-Bit Edition
Update for Microsoft Office 2013 (KB2899522) 32-Bit Edition
Update for Microsoft Office 2013 (KB2910922) 32-Bit Edition
Update for Microsoft Office 2013 (KB2910931) 32-Bit Edition
Update for Microsoft Office 2013 (KB2920734) 32-Bit Edition
Update for Microsoft OneDrive for Business (KB2910935) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition
Update for Microsoft OneNote 2013 (KB2899502) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft Outlook 2013 (KB2899504) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio 2013 (KB2910913) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition
Video Converter Factory Pro
Virtual Account Numbers
Visual CertExam Suite 1.9
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Center Add-in for Flash
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
12/19/2014 6:22:43 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/17/2014 11:13:14 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff88001b27c1d, 0xfffff880084b3a70, 0x0000000000000000). A dump was saved in: C:\Windows\Minidump\121714-7831-01.dmp. Report Id: 121714-7831-01.
12/15/2014 11:02:41 PM, Error: Schannel [36887] - The following fatal alert was received: 70.
12/15/2014 11:02:41 PM, Error: Schannel [36887] - The following fatal alert was received: 40.
12/15/2014 1:51:16 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f020b: SAMSUNG Electronics Co., Ltd. - Other hardware - SAMSUNG Mobile MTP Device.
12/14/2014 1:39:48 AM, Error: Service Control Manager [7034] - The Process Monitor service terminated unexpectedly. It has done this 1 time(s).
12/14/2014 1:33:45 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
12/14/2014 1:33:38 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
12/14/2014 1:33:16 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/14/2014 1:25:55 AM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
12/14/2014 1:25:55 AM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
12/13/2014 11:58:30 PM, Error: Microsoft-Windows-DistributedCOM [10000] -
12/12/2014 12:26:08 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB3024777).
.
==== End Of File ===========================
iamdon
Active Member
 
Posts: 13
Joined: October 6th, 2010, 9:34 am
Advertisement
Register to Remove

Re: Slow computer - memory low

Unread postby Cypher » December 21st, 2014, 11:51 am

Hi and welcome to Malware Removal Forum.
My name is Cypher, and I will be helping you with your malware problems.
This may or may not, solve other issues you have with your machine.
If you no longer require help i would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
    Remember, absence of symptoms does not mean the infection is all gone.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start

Next.

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Next.

Click Start > Control Panel > Uninstall a program.
Uninstall the following if present.
Coupon Printer for Windows <<< Remove if you don't use.
Java 7 Update 71
Java(TM) 6 Update 24 (64-bit)
Java(TM) 6 Update 35
Java(TM) SE Development Kit 6 Update 24 (64-bit)


Next.

I need you to run further scans for me.
Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
Important: Save all tools i ask you to download to your Desktop, if you don't know how to do this just ask.




Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Right click on adwcleaner.exe and select " Run as administrator " to run it.
  • Click on Scan.
  • When the scan has finished, uncheck any entries you don't want to remove, then click on Clean.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next.

Please download FRST ... by Farbar, from the link below and save it to your Desktop.

For 32 bit Systems

For 64 bit Systems

  • Right-click FRST.exe and select " Run as administrator " to run it.
  • When the tool opens click Yes to the disclaimer.
  • Press Scan button. ... When finished a log will be created, FRST.txt.
  • Please post the content of the FRST.txt in your next reply.
  • The first time the tool is run, it will create another log... Addition.txt.
  • Please post the content of the Addition.txt in your next reply.

Logs/Information to Post in your Next Reply

  • AdwCleaner log.
  • FRST.txt and Addition.txt contents.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Slow computer - memory low

Unread postby iamdon » December 21st, 2014, 2:00 pm

Cypher, thank you for looking into this. I backed up my registry, anduninstalled the programs listed. I am having difficulty installing the adwcleaner. Everytime I try to run it, avira blocks it stating that it contains the virus or unwanted program 'Heur/APC (Cloud). Also I get the pop up "Insufficient system resources to complete the requested request".
iamdon
Active Member
 
Posts: 13
Joined: October 6th, 2010, 9:34 am

Re: Slow computer - memory low

Unread postby Cypher » December 21st, 2014, 2:13 pm

Cypher, thank you for looking into this.

You're welcome.
I am having difficulty installing the adwcleaner. Everytime I try to run it, avira blocks it stating that it contains the virus or unwanted program

Disable avira while you run the scans, you can re-enable it again afterwards.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Slow computer - memory low

Unread postby iamdon » December 21st, 2014, 3:09 pm

# AdwCleaner v4.106 - Report created 21/12/2014 at 14:09:42
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Lyndon - LYNESLAVA
# Running from : C:\Users\Lyndon\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\VideoConverter

***** [ Scheduled Tasks ] *****

Task Deleted : DigitalSite

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{10E9E863-3913-40D0-903D-D46DEB18C982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F9AF7E3-3853-473F-A49B-E470A3A41501}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10E9E863-3913-40D0-903D-D46DEB18C982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DADF82FD-0783-4CA9-98AA-615F657A2A9E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F9AF7E3-3853-473F-A49B-E470A3A41501}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DADF82FD-0783-4CA9-98AA-615F657A2A9E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17183


-\\ Google Chrome v


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [2986 octets] - [21/12/2014 14:06:23]
AdwCleaner[S0].txt - [2809 octets] - [21/12/2014 14:09:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2869 octets] ##########
iamdon
Active Member
 
Posts: 13
Joined: October 6th, 2010, 9:34 am

Re: Slow computer - memory low

Unread postby iamdon » December 21st, 2014, 3:09 pm

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-12-2014 01
Ran by Lyndon (administrator) on LYNESLAVA on 21-12-2014 14:13:52
Running from C:\Users\Lyndon\Desktop
Loaded Profile: Lyndon (Available profiles: Lyndon)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Phase Five Systems) C:\Program Files (x86)\Jump Desktop\JumpService.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PSIService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Phase Five Systems) C:\Program Files (x86)\Jump Desktop\JumpDesktop.exe
(Akamai Technologies, Inc.) C:\Users\Lyndon\AppData\Local\Akamai\netsession_win.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Akamai Technologies, Inc.) C:\Users\Lyndon\AppData\Local\Akamai\netsession_win.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
() C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-17] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [6868280 2012-05-21] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)
HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [5672184 2014-12-09] (Box, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [583016 2009-11-19] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-11-22] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\...\Run: [Jump Desktop] => C:\Program Files (x86)\Jump Desktop\JumpDesktop.exe [469544 2014-12-18] (Phase Five Systems)
HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Lyndon\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\...\RunOnce: [Adobe Speed Launcher] => 1419189060
HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION!
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [ BoxSyncFileLocked] -> {9a216f5d-3530-3b1a-8006-9a1233402fba} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncNotSynced] -> {4c3d7a5e-7476-3c21-9717-0614ce209c44} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncProblem] -> {aa0bacc8-a5df-34b0-acd8-e6739d92010e} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncSynced] -> {0f20db5b-365d-3cc6-82eb-41207f77bb71} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/Cl ... wsdc32.cab
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/ ... 3144268445
DPF: HKLM-x32 {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} http://avalse.no-ip.org/codebase/DVM_IPCam2.ocx
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin -> C:\Program Files (x86)\Java\jre6\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1053732914-1232626397-1880032922-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1053732914-1232626397-1880032922-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1053732914-1232626397-1880032922-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lyndon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1053732914-1232626397-1880032922-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-05]

Chrome:
=======
CHR Profile: C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31]
CHR Extension: (Google Drive) - C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-23]
CHR Extension: (YouTube) - C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-20]
CHR Extension: (Google Cast) - C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-11-20]
CHR Extension: (Google Search) - C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-20]
CHR Extension: (Google Wallet) - C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-08]
CHR Extension: (Gmail) - C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-20]
CHR StartMenuInternet: Google Chrome - C:\Users\Lyndon\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44064 2013-07-08] (ArcSoft, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [993584 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [28696 2014-09-24] (Box, Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1436192 2014-05-19] (Fitbit, Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 JumpDesktop; C:\Program Files (x86)\Jump Desktop\JumpService.exe [7680 2014-12-18] (Phase Five Systems) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2010-09-16] ()
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [174656 2006-11-02] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-08-14] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 hcw72ADFilter; C:\Windows\System32\DRIVERS\hcw72ADFilter.sys [38656 2009-08-18] (Hauppauge Computer Works, Inc.)
S3 hcw72ATV; C:\Windows\System32\DRIVERS\hcw72ATV.sys [1633152 2009-08-18] (Hauppauge Computer Works, Inc.)
S3 hcw72DTV; C:\Windows\System32\DRIVERS\hcw72DTV.sys [1629312 2009-08-18] (Hauppauge Computer Works, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-08-14] ()
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-19] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 OSFMount; C:\Program Files\OSFMount\OSFMount.sys [1299384 2014-02-07] (PassMark Software)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-07-04] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-07-04] (Acronis International GmbH)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] (Apple, Inc.) [File not signed]
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-07-04] (Acronis International GmbH)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-21 14:13 - 2014-12-21 14:14 - 00025329 _____ () C:\Users\Lyndon\Desktop\FRST.txt
2014-12-21 14:13 - 2014-12-21 14:13 - 00000000 ____D () C:\FRST
2014-12-21 14:06 - 2014-12-21 14:09 - 00000000 ____D () C:\AdwCleaner
2014-12-21 13:00 - 2014-12-21 13:00 - 02173952 _____ () C:\Users\Lyndon\Desktop\AdwCleaner.exe
2014-12-21 12:55 - 2014-12-21 12:55 - 02122240 _____ (Farbar) C:\Users\Lyndon\Desktop\FRST64.exe
2014-12-21 12:46 - 2014-12-21 12:46 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-LYNESLAVA-Microsoft-Windows-7-Ultimate-(64-bit).dat
2014-12-21 12:46 - 2014-12-21 12:46 - 00000000 ____D () C:\RegBackup
2014-12-21 12:41 - 2014-12-21 12:41 - 00002203 _____ () C:\Users\Lyndon\Desktop\Tweaking.com - Registry Backup.lnk
2014-12-21 12:41 - 2014-12-21 12:41 - 00000000 ____D () C:\Users\Lyndon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-12-21 12:41 - 2014-12-21 12:41 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-12-21 12:39 - 2014-12-21 12:39 - 04215584 _____ () C:\Users\Lyndon\Downloads\tweaking.com_registry_backup_setup.exe
2014-12-19 18:32 - 2014-12-19 18:32 - 00026256 _____ () C:\Users\Lyndon\Desktop\dds.txt
2014-12-19 18:32 - 2014-12-19 18:32 - 00016088 _____ () C:\Users\Lyndon\Desktop\attach.txt
2014-12-19 18:24 - 2014-12-19 18:24 - 00688992 ____R (Swearware) C:\Users\Lyndon\Desktop\dds.scr
2014-12-17 18:25 - 2014-12-17 18:25 - 00000000 ____D () C:\ProgramData\Phase Five Systems
2014-12-14 01:54 - 2014-12-14 01:54 - 00001205 _____ () C:\DelFix.txt
2014-12-14 01:25 - 2014-12-14 01:39 - 00000000 ____D () C:\Windows\erdnt
2014-12-14 00:04 - 2014-12-19 18:25 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-14 00:03 - 2014-12-14 00:03 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-14 00:03 - 2014-12-14 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-14 00:03 - 2014-12-14 00:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-14 00:03 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-14 00:03 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-11 02:23 - 2014-12-11 02:23 - 00205867 _____ () C:\Users\Lyndon\Downloads\plugin.video.pinoytv-live-1.0.6.zip
2014-12-10 23:00 - 2014-12-10 23:00 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 13:26 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 13:26 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 13:26 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 13:26 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 13:26 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 13:26 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 13:26 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 13:26 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 13:26 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 13:26 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 13:00 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 13:00 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 13:00 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 13:00 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 13:00 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 13:00 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 13:00 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 13:00 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 13:00 - 2014-11-21 03:38 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 13:00 - 2014-11-21 03:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 13:00 - 2014-11-21 03:37 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 13:00 - 2014-11-21 03:37 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 19283456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 15400960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 13:00 - 2014-11-21 03:36 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 13:00 - 2014-11-21 03:35 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 13:00 - 2014-11-21 02:17 - 14364672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 13:00 - 2014-11-21 02:17 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 13:00 - 2014-11-21 02:17 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 13:00 - 2014-11-21 02:17 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 13:00 - 2014-11-21 02:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 13:00 - 2014-11-21 02:17 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 13:00 - 2014-11-21 02:16 - 13758976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 13:00 - 2014-11-21 02:16 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 13:00 - 2014-11-21 02:16 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 13:00 - 2014-11-21 02:16 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 13:00 - 2014-11-21 02:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-10 13:00 - 2014-11-21 02:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 13:00 - 2014-11-21 02:16 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 13:00 - 2014-11-21 02:16 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 13:00 - 2014-11-21 02:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 13:00 - 2014-11-21 02:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 13:00 - 2014-11-21 02:16 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-10 13:00 - 2014-11-21 02:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 13:00 - 2014-11-21 02:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 13:00 - 2014-11-21 02:16 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 13:00 - 2014-11-21 02:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 13:00 - 2014-11-21 01:54 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 13:00 - 2014-11-21 01:31 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-10 13:00 - 2014-11-21 01:24 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-10 13:00 - 2014-11-21 01:05 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-10 13:00 - 2014-11-21 00:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-10 12:59 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 12:59 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 12:59 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 12:59 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 12:59 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 12:59 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 12:59 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 12:59 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 12:59 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 12:59 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 12:59 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 12:59 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 12:59 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 12:59 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 12:59 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 12:59 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 12:59 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-08 21:59 - 2014-12-08 23:50 - 00000000 ____D () C:\test
2014-12-07 00:35 - 2014-12-07 00:35 - 00002513 _____ () C:\Users\Public\Desktop\TurboTax 2014.lnk
2014-12-07 00:35 - 2014-12-07 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2014
2014-12-07 00:28 - 2014-12-07 00:29 - 118757496 _____ () C:\Users\Lyndon\Desktop\w_turbotax_1040_dlx_2014.020.0100.exe
2014-11-24 00:48 - 2014-11-24 00:48 - 02761019 _____ () C:\Users\Lyndon\Downloads\Llama.1.2014.11.20.2330.apk
2014-11-24 00:07 - 2014-11-24 00:08 - 51492185 _____ () C:\Users\Lyndon\Downloads\tvmc-13.2-gotham.apk
2014-11-24 00:01 - 2014-11-24 00:01 - 00000000 ____D () C:\Users\Lyndon\.android
2014-11-23 23:25 - 2014-11-23 23:25 - 00000000 ____D () C:\Users\Lyndon\Downloads\adbfw114
2014-11-23 23:24 - 2014-11-23 23:25 - 44936417 _____ () C:\Users\Lyndon\Downloads\adbfw114.zip
2014-11-23 23:18 - 2014-11-23 23:18 - 00076529 _____ () C:\Users\Lyndon\Downloads\How To Install XBMC or TVMC Kodi To Your FireTV Stick For Everyone.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-21 14:14 - 2010-06-19 03:07 - 01360614 _____ () C:\Windows\WindowsUpdate.log
2014-12-21 14:11 - 2014-09-11 23:25 - 00000000 ____D () C:\Users\Lyndon\AppData\Local\Box Sync
2014-12-21 14:10 - 2010-08-07 22:30 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-12-21 14:10 - 2010-07-18 18:18 - 00860212 _____ () C:\Windows\PFRO.log
2014-12-21 14:10 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-21 14:10 - 2009-07-13 23:51 - 00017059 _____ () C:\Windows\setupact.log
2014-12-21 14:09 - 2009-07-13 23:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-21 14:09 - 2009-07-13 23:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-21 13:37 - 2011-03-30 22:39 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1053732914-1232626397-1880032922-1000UA.job
2014-12-21 13:15 - 2012-07-26 18:23 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-21 12:53 - 2011-03-20 19:41 - 00000000 ____D () C:\Program Files\Java
2014-12-21 12:51 - 2010-12-18 15:43 - 00000000 ____D () C:\Program Files (x86)\Coupons
2014-12-21 00:08 - 2011-03-30 22:39 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1053732914-1232626397-1880032922-1000Core.job
2014-12-20 15:45 - 2014-06-30 20:36 - 00028891 _____ () C:\Users\Lyndon\Downloads\Guest List.xlsx
2014-12-19 18:23 - 2014-01-18 20:51 - 00000000 ____D () C:\Users\Lyndon\AppData\Roaming\uTorrent
2014-12-17 23:13 - 2010-08-14 22:14 - 00000000 ____D () C:\Windows\Minidump
2014-12-17 23:13 - 2010-06-19 02:59 - 00287831 ____N () C:\Windows\Minidump\121714-7831-01.dmp
2014-12-15 21:00 - 2009-07-14 00:08 - 00032652 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-14 11:26 - 2014-02-14 18:58 - 00000000 ____D () C:\Windows\rescache
2014-12-14 02:06 - 2014-02-17 12:41 - 00000000 ____D () C:\Users\Lyndon\AppData\Roaming\DigitalSites
2014-12-14 02:06 - 2013-10-28 21:30 - 00000000 ____D () C:\Users\Lyndon\AppData\Roaming\DigitalSite
2014-12-14 02:06 - 2012-06-23 23:02 - 00000000 ____D () C:\ProgramData\YTD YouTube Downloader & Converter
2014-12-14 01:38 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-14 00:03 - 2010-11-13 00:02 - 00000000 ____D () C:\Users\Lyndon\AppData\Roaming\Malwarebytes
2014-12-14 00:03 - 2010-11-13 00:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-13 23:58 - 2010-07-19 20:35 - 00000000 ____D () C:\Users\Lyndon\AppData\Local\CrashDumps
2014-12-13 23:54 - 2014-02-11 22:09 - 00001097 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-13 23:54 - 2014-02-11 22:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-13 23:54 - 2014-02-11 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-13 23:54 - 2014-02-11 22:09 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-11 21:37 - 2014-09-11 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
2014-12-11 00:29 - 2014-02-20 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-12-11 00:29 - 2010-12-29 17:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 23:15 - 2012-07-26 18:23 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 23:15 - 2012-06-18 22:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 23:15 - 2011-05-18 17:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 23:00 - 2014-05-22 22:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 23:00 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 13:29 - 2013-08-14 23:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 13:27 - 2010-08-07 22:31 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 12:54 - 2014-11-12 19:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-08 21:47 - 2009-07-13 23:45 - 00477152 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-08 00:43 - 2012-05-08 22:03 - 00125784 _____ () C:\Users\Lyndon\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-07 03:30 - 2013-12-28 12:43 - 00000000 ____D () C:\Users\Lyndon\Documents\HRBlock
2014-12-07 03:28 - 2012-01-29 00:38 - 00000000 ____D () C:\Users\Lyndon\Documents\TurboTax
2014-12-07 00:36 - 2012-01-28 20:47 - 00000785 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-12-07 00:35 - 2012-01-28 20:44 - 00000000 ____D () C:\Program Files (x86)\TurboTax
2014-11-24 00:01 - 2010-07-18 16:36 - 00000000 __SHD () C:\Users\Lyndon
2014-11-21 06:14 - 2010-11-13 00:02 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\Lyndon\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 21:17

==================== End Of Log ============================
iamdon
Active Member
 
Posts: 13
Joined: October 6th, 2010, 9:34 am

Re: Slow computer - memory low

Unread postby iamdon » December 21st, 2014, 3:11 pm

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2014 01
Ran by Lyndon at 2014-12-21 14:14:19
Running from C:\Users\Lyndon\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709n (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acronis True Image 2014 (HKLM-x32\...\{5858B1D6-8056-471C-8A29-6A1765BBC0BE}) (Version: 17.0.4515 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (remove only) (HKLM-x32\...\Advanced Archive Password Recovery) (Version: - )
Akamai NetSession Interface (HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Altitude (HKLM-x32\...\Steam App 41300) (Version: - Nimbly Games)
Amazon MP3 Downloader 1.0.15 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.15 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft MediaConverter 8 (HKLM-x32\...\{936FA6E0-8A87-4A03-8004-138AB7A97637}) (Version: 8.0.0.21 - ArcSoft, Inc.)
Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Batman - Arkham City (HKLM-x32\...\Batman - Arkham City) (Version: 1.0.0.0 - WB Games)
Batman: Arkham City™ (x32 Version: 1.0.0003.131 - WB Games) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\Bejeweled 2 Deluxe) (Version: - PopCap Games)
BioShock (HKLM-x32\...\GFWL_{5454087B-EF14-490C-819C-D81000000100}) (Version: 1.0.0000.1 - 2K Games)
BioShock (x32 Version: 1.0.0000.1 - 2K Games) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Box Sync (HKLM\...\{6C70BD8B-FA1C-4BAC-BC4A-BBDA9F1D09D7}) (Version: 4.0.5841.0 - Box, Inc.)
Box Sync (x32 Version: 4.0.5253.0 - Box Inc.) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Brother MFL-Pro Suite HL-2280DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cities XL Platinum (HKLM-x32\...\Steam App 231140) (Version: - Focus Home Interactive)
Content Manager (HKLM-x32\...\{B64BC516-2406-43AE-A21A-1E387A2343B1}) (Version: 2.70 - Magellan)
Content Transfer (HKLM-x32\...\{CFADE4AF-C0CF-4A04-A776-741318F1658F}) (Version: 1.3.0.23190 - Sony Corporation)
Corel AfterShot Pro (HKLM-x32\...\AfterShot Pro) (Version: 1.0.0.39 - Corel Corporation)
Corel Paint Shop Pro X (HKLM-x32\...\{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.10 - Corel Inc)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Cryostasis (Remove Only) (HKLM-x32\...\{97A8C4B4-2B50-42D1-AFE6-5E8433185436}_is1) (Version: 1.0.0.0 - 1C Company)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.5615 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\...\Dropbox) (Version: 1.6.11 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version: - 3D Realms)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Feedback Tool (HKLM-x32\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
Fitbit Base Station (Driver Removal) (HKLM-x32\...\FITBIT&10C4&84C4) (Version: - Fitbit)
Fitbit Connect (HKLM-x32\...\{D3CD091B-296B-48E9-9F0F-E9FE53E02E41}) (Version: 1.0.3.5511 - Fitbit Inc.)
GameFly (HKLM-x32\...\GameFly) (Version: 1.2.338 - GameFly, Inc.)
Google Chrome (HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version: - Rockstar)
H&R Block Deluxe + Efile + State 2013 (HKLM-x32\...\{EDE796DE-0A72-464D-9D21-F04BC41A092B}) (Version: 13.05.6401 - HRB Technology, LLC.)
H&R Block New Jersey 2013 (HKLM-x32\...\{5DCF256D-FC23-4893-B027-0F9166CF3191}) (Version: 1.13.4001 - HRB Technology, LLC.)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{2E1B4B42-069F-4F53-9966-9B9B938D7FE5}) (Version: 13.0 - HP)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
jGRASP (HKLM-x32\...\jGRASP) (Version: 1.8.8_08 - )
Jump Desktop (HKLM-x32\...\{93539750-9451-4632-96EB-9D9E0314009B}) (Version: 3.3.8 - Phase Five Systems)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche Studios)
King's Bounty: The Legend (HKLM-x32\...\Steam App 25900) (Version: - Katauri)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Logitech Gaming Software 8.30 (HKLM\...\Logitech Gaming Software) (Version: 8.30.86 - Logitech Inc.)
Logitech SetPoint 6.32 (HKLM\...\SP6) (Version: 6.32.20 - Logitech)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MLB 2K10 (HKLM-x32\...\{5211BF94-F97C-47E7-BC7C-BE804A79F8A2}) (Version: 1.0.0 - 2K Sports)
Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version: - Army Game Studio/Virtual Heroes supporting)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
NWZ-W250 WALKMAN Guide (HKLM-x32\...\{C67C8432-6056-4851-836F-F90BB9F7ED97}) (Version: 2.1.0.14010 - Sony Corporation)
OSFMount v1.5 (HKLM\...\OSFMount_is1) (Version: 1.5.1015 - Passmark Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pdf995 (installed by H&R Block) (HKLM-x32\...\Pdf995) (Version: - )
PdfEdit995 (installed by H&R Block) (HKLM-x32\...\PdfEdit995) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.53.0 - PS3 Media Server) <==== ATTENTION!
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.6.1 - Rockstar Games)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Secure Download Manager (HKLM-x32\...\{6CEF2BC6-8929-44EE-8360-175513E1A49A}) (Version: 3.0.5 - e-academy Inc.)
Serious Sam HD: The First Encounter (HKLM-x32\...\Steam App 41000) (Version: - Croteam)
Serious Sam HD: The Second Encounter (HKLM-x32\...\Steam App 41010) (Version: - Croteam)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shadow Warrior Classic Redux (HKLM-x32\...\Steam App 225160) (Version: - 3D Realms)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Chronicles of Riddick - Assault on Dark Athena (HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\...\{12C85315-0989-4C28-8956-33458F464DD6}) (Version: 1.00.0000 - Atari)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Video Converter Factory Pro (HKLM-x32\...\VideoConverterFactoryPro) (Version: - WonderFox Soft, Inc. All Rights Reserved.)
Virtual Account Numbers (x32 Version: 1.0.1.0 - Citi) Hidden
Visual CertExam Suite 1.9 (HKLM-x32\...\Visual CertExam Suite_is1) (Version: - Visual CertExam Software)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

21-12-2014 12:51:25 Removed Java 7 Update 71
21-12-2014 12:51:46 Removed Java(TM) 6 Update 24 (64-bit)
21-12-2014 12:52:20 Removed Java(TM) 6 Update 35
21-12-2014 12:52:39 Removed Java(TM) SE Development Kit 6 Update 24 (64-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-12-14 01:33 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {11752C57-1A27-4DDB-9C50-34C445BD32ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {1239C0F8-C2B7-4EA4-B5AC-7FFF4880E9AB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {20F252BC-80F3-478D-A31F-D7AC9CF1A2E1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {477C5E70-365E-4B92-93E3-7710CEE28D19} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1053732914-1232626397-1880032922-1000UA => C:\Users\Lyndon\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {6FAEE28A-D7C5-49D7-87AB-9DFF87E0E694} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {74DFE01F-6DE1-40F5-B406-655BBD0C9476} - System32\Tasks\{3FF4193D-9213-4026-B9C7-F3F1FBAD5339} => pcalua.exe -a D:\MLB2K10.exe -d D:\
Task: {8419AD63-6D64-4E5F-B217-836C42426148} - System32\Tasks\{2E2B2735-7B9A-438B-8492-2BC010222E0C} => pcalua.exe -a D:\Downloads\VirtualBox-4.1.8-75467-Win.exe -d D:\Downloads
Task: {84332A61-2F19-4256-A28A-A1CED489E082} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1053732914-1232626397-1880032922-1000Core => C:\Users\Lyndon\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {86B4BCD5-A537-474F-B585-57F2C9CB4934} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {E10CE76F-BBFA-484D-98B1-08D94518B5A3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E2816E14-F45F-4E43-9A13-54D516E8297C} - System32\Tasks\{730F2A47-8166-42B0-A68F-799C281A522A} => pcalua.exe -a "C:\Users\Lyndon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1LOUK9I\VirtualBox-4.1.18-78361-Win.exe" -d C:\Users\Lyndon\Desktop
Task: {F62E3C2E-9BAD-4287-9C45-D3F2D7EA64BB} - System32\Tasks\{7BF91863-CC82-4216-A652-24D9913CA618} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1053732914-1232626397-1880032922-1000Core.job => C:\Users\Lyndon\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1053732914-1232626397-1880032922-1000UA.job => C:\Users\Lyndon\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-29 22:56 - 2012-10-04 18:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2014-03-02 22:35 - 2012-04-26 15:51 - 00040448 _____ () C:\Windows\System32\pdf995mon64.dll
2010-09-16 19:00 - 2010-09-16 19:10 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2006-11-02 19:40 - 2006-11-02 19:40 - 00174656 _____ () C:\Windows\SysWOW64\PSIService.exe
2012-02-28 21:53 - 2005-04-21 23:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-10-01 09:26 - 2013-10-01 09:26 - 02810968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2011-10-07 04:39 - 2011-10-07 04:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2012-04-10 22:30 - 2012-04-10 22:30 - 00471552 _____ () C:\Program Files\Box\Box Sync\_hashlib.pyd
2012-10-27 06:28 - 2012-10-27 06:28 - 00128512 _____ () C:\Program Files\Box\Box Sync\win32api.pyd
2012-10-27 06:27 - 2012-10-27 06:27 - 00137728 _____ () C:\Program Files\Box\Box Sync\pywintypes27.dll
2012-10-27 06:29 - 2012-10-27 06:29 - 00503808 _____ () C:\Program Files\Box\Box Sync\pythoncom27.dll
2012-04-10 22:25 - 2012-04-10 22:25 - 00111616 _____ () C:\Program Files\Box\Box Sync\_ctypes.pyd
2013-10-09 16:05 - 2013-10-09 16:05 - 00003584 _____ () C:\Program Files\Box\Box Sync\clr.pyd
2013-10-09 16:05 - 2013-10-09 16:05 - 00103424 _____ () C:\Program Files\Box\Box Sync\Python.Runtime.dll
2012-04-10 22:24 - 2012-04-10 22:24 - 00046080 _____ () C:\Program Files\Box\Box Sync\_socket.pyd
2012-04-10 22:30 - 2012-04-10 22:30 - 01167360 _____ () C:\Program Files\Box\Box Sync\_ssl.pyd
2012-04-10 22:24 - 2012-04-10 22:24 - 00689664 _____ () C:\Program Files\Box\Box Sync\unicodedata.pyd
2012-04-10 22:24 - 2012-04-10 22:24 - 00058368 _____ () C:\Program Files\Box\Box Sync\_sqlite3.pyd
2012-10-27 06:31 - 2012-10-27 06:31 - 00438784 _____ () C:\Program Files\Box\Box Sync\win32com.shell.shell.pyd
2012-10-27 06:27 - 2012-10-27 06:27 - 00023040 _____ () C:\Program Files\Box\Box Sync\win32event.pyd
2014-11-21 09:51 - 2014-11-21 09:51 - 00027136 _____ () C:\Program Files\Box\Box Sync\ujson.pyd
2014-11-21 09:51 - 2014-11-21 09:51 - 00044544 _____ () C:\Program Files\Box\Box Sync\_psutil_windows.pyd
2012-10-27 06:27 - 2012-10-27 06:27 - 00149504 _____ () C:\Program Files\Box\Box Sync\win32file.pyd
2012-04-10 22:24 - 2012-04-10 22:24 - 00010752 _____ () C:\Program Files\Box\Box Sync\select.pyd
2012-10-27 06:28 - 2012-10-27 06:28 - 00136192 _____ () C:\Program Files\Box\Box Sync\win32security.pyd
2012-10-27 06:27 - 2012-10-27 06:27 - 00044032 _____ () C:\Program Files\Box\Box Sync\win32process.pyd
2012-04-10 22:24 - 2012-04-10 22:24 - 00166912 _____ () C:\Program Files\Box\Box Sync\_elementtree.pyd
2012-04-10 22:24 - 2012-04-10 22:24 - 00164352 _____ () C:\Program Files\Box\Box Sync\pyexpat.pyd
2012-10-27 06:27 - 2012-10-27 06:27 - 00030720 _____ () C:\Program Files\Box\Box Sync\win32cred.pyd
2014-11-21 09:52 - 2014-11-21 09:52 - 00030208 _____ () C:\Program Files\Box\Box Sync\Crypto.Cipher._AES.pyd
2014-11-21 09:52 - 2014-11-21 09:52 - 00008192 _____ () C:\Program Files\Box\Box Sync\Crypto.Util.strxor.pyd
2014-11-21 09:52 - 2014-11-21 09:52 - 00010752 _____ () C:\Program Files\Box\Box Sync\Crypto.Random.OSRNG.winrandom.pyd
2014-11-21 09:52 - 2014-11-21 09:52 - 00011264 _____ () C:\Program Files\Box\Box Sync\Crypto.Util._counter.pyd
2012-04-10 22:24 - 2012-04-10 22:24 - 00031744 _____ () C:\Program Files\Box\Box Sync\_multiprocessing.pyd
2012-10-27 06:28 - 2012-10-27 06:28 - 00053760 _____ () C:\Program Files\Box\Box Sync\win32service.pyd
2014-11-21 09:51 - 2014-11-21 09:51 - 00026112 _____ () C:\Program Files\Box\Box Sync\_yappi.pyd
2012-10-27 06:27 - 2012-10-27 06:27 - 00021504 _____ () C:\Program Files\Box\Box Sync\win32clipboard.pyd
2012-10-27 06:28 - 2012-10-27 06:28 - 00223232 _____ () C:\Program Files\Box\Box Sync\win32gui.pyd
2014-09-09 15:30 - 2014-09-09 15:30 - 00068096 _____ () C:\Program Files\Box\Box Sync\SystemWrapper.dll
2009-10-14 12:36 - 2009-10-14 12:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-10-14 12:34 - 2009-10-14 12:34 - 00560472 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2014-12-09 15:21 - 2014-12-09 15:21 - 00030232 _____ () C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-18 12:25 - 2014-12-18 12:25 - 02113576 _____ () C:\Program Files (x86)\Jump Desktop\JumpNetwork.dll
2012-02-28 21:53 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-11-22 12:03 - 2013-11-22 12:03 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2013-11-22 12:03 - 2013-11-22 12:03 - 00028024 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-11-22 12:06 - 2013-11-22 12:06 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-10-01 10:00 - 2013-10-01 10:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:A2C6D38F

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Lyndon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup

========================= Accounts: ==========================

Administrator (S-1-5-21-1053732914-1232626397-1880032922-500 - Administrator - Disabled)
Guest (S-1-5-21-1053732914-1232626397-1880032922-501 - Limited - Disabled)
Lyndon (S-1-5-21-1053732914-1232626397-1880032922-1000 - Administrator - Enabled) => C:\Users\Lyndon

==================== Faulty Device Manager Devices =============

Name: Realtek PCIe GBE Family Controller #2
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/21/2014 02:12:58 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (12/21/2014 02:06:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (12/21/2014 01:01:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (12/21/2014 00:57:53 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (12/21/2014 10:15:51 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (12/21/2014 10:12:43 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (12/21/2014 00:44:33 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (12/20/2014 10:16:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (12/20/2014 10:13:09 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (12/19/2014 06:27:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.


System errors:
=============
Error: (12/21/2014 02:11:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (12/21/2014 02:09:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (12/21/2014 02:09:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (12/21/2014 02:09:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Acronis Sync Agent Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (12/21/2014 02:09:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).

Error: (12/21/2014 02:09:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (12/21/2014 02:09:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).

Error: (12/21/2014 02:09:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Service Host service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (12/21/2014 02:09:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (12/21/2014 02:09:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (12/21/2014 02:12:58 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 16000000002B4400002B440000980B0000

Error: (12/21/2014 02:06:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 16000000002B4400002B440000980B0000

Error: (12/21/2014 01:01:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 16000000002B4400002B440000980B0000

Error: (12/21/2014 00:57:53 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 16000000002B4400002B440000980B0000

Error: (12/21/2014 10:15:51 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 16000000002B4400002B440000980B0000

Error: (12/21/2014 10:12:43 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 16000000002B4400002B440000980B0000

Error: (12/21/2014 00:44:33 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 16000000002B4400002B440000980B0000

Error: (12/20/2014 10:16:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 16000000002B4400002B440000980B0000

Error: (12/20/2014 10:13:09 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 16000000002B4400002B440000980B0000

Error: (12/19/2014 06:27:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: 16000000002B4400002B440000980B0000


CodeIntegrity Errors:
===================================
Date: 2014-12-14 01:33:16.153
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-14 01:33:16.075
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-02 21:41:28.882
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 32%
Total physical RAM: 8183.11 MB
Available physical RAM: 5515.26 MB
Total Pagefile: 8381.29 MB
Available Pagefile: 5633.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Win7) (Fixed) (Total:238.38 GB) (Free:170.24 GB) NTFS
Drive d: (Data) (Fixed) (Total:596.17 GB) (Free:98.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: F2A932BA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: F6C6FCCE)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================
iamdon
Active Member
 
Posts: 13
Joined: October 6th, 2010, 9:34 am

Re: Slow computer - memory low

Unread postby Cypher » December 21st, 2014, 4:01 pm

Hi,
Good work.
We need to run a fix with FRST, then i need you to run an additional scan.

  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy and Paste the following script into Notepad, Do not include the words Code: select all
    • (Click the select all button next to code to select the entire script).
    Code: Select all
    HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION!
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
    BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
    Toolbar: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2014-12-21 12:51 - 2010-12-18 15:43 - 00000000 ____D () C:\Program Files (x86)\Coupons
    2014-12-19 18:23 - 2014-01-18 20:51 - 00000000 ____D () C:\Users\Lyndon\AppData\Roaming\uTorrent
    C:\Users\Lyndon\AppData\Local\Temp\avgnt.exe
    CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
    AlternateDataStreams: C:\ProgramData\TEMP:A2C6D38F
    
    EmptyTemp:
    CMD: ipconfig /flushdns
    
  • Save it next to FRST.exe on your Desktop as filename fixlist.txt
  • NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are saved in the same location or the fix will not work.
  • Right-click FRST.exe and select " Run as administrator " to run it.
  • Press the Fix button just once. Then wait.
  • When finished, it will create a Fixlog.txt log on your Desktop.
  • Please post the content of the Fixlog.txt in your next reply.

Next.

Please download TDSSKiller.exe and save it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • To find the log go to Start > Computer > C:
  • The log is like UtilityName.Version_Date_Time_log.txt. for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  • Post the contents of that log in your next reply please.

Logs/Information to Post in your Next Reply

  • FRST Fixlog.txt.
  • TDSSKiller log.
  • Please give me an update on your computers performance.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Slow computer - memory low

Unread postby iamdon » December 21st, 2014, 11:39 pm

Hi Cypher! I ran the fix in FRST64.exe and received the error:
"Line 9871 (File "C:\Users\Lyndon\Desktop\FRST64.exe"): Error: Error in expression."

I didn't go further for now.
iamdon
Active Member
 
Posts: 13
Joined: October 6th, 2010, 9:34 am

Re: Slow computer - memory low

Unread postby iamdon » December 21st, 2014, 11:41 pm

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-12-2014 01
Ran by Lyndon at 2014-12-21 22:41:45 Run:1
Running from C:\Users\Lyndon\Desktop
Loaded Profile: Lyndon (Available profiles: Lyndon)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION!
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2014-12-21 12:51 - 2010-12-18 15:43 - 00000000 ____D () C:\Program Files (x86)\Coupons
2014-12-19 18:23 - 2014-01-18 20:51 - 00000000 ____D () C:\Users\Lyndon\AppData\Roaming\uTorrent
C:\Users\Lyndon\AppData\Local\Temp\avgnt.exe
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Lyndon\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
AlternateDataStreams: C:\ProgramData\TEMP:A2C6D38F

EmptyTemp:
CMD: ipconfig /flushdns
*****************

"HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32" => Key Deleted Successfully.
"HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key could not be deleted. Error: -1073741772
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKU\S-1-5-21-1053732914-1232626397-1880032922-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.) => Error: No automatic fix found for this entry.
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.) => Error: No automatic fix found for this entry.
catchme => Service deleted successfully.
Synth3dVsc => Service deleted successfully.
tsusbhub => Service deleted successfully.
VBoxNetFlt => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Program Files (x86)\Coupons => Moved successfully.
C:\Users\Lyndon\AppData\Roaming\uTorrent => Moved successfully.
C:\Users\Lyndon\AppData\Local\Temp\avgnt.exe => Moved successfully.
"HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => Key deleted successfully.
"HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
"HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} => Key not found.
"HKU\S-1-5-21-1053732914-1232626397-1880032922-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
C:\ProgramData\TEMP => ":A2C6D38F" ADS removed successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => Removed 126.3 MB temporary data.
iamdon
Active Member
 
Posts: 13
Joined: October 6th, 2010, 9:34 am

Re: Slow computer - memory low

Unread postby Cypher » December 22nd, 2014, 6:51 am

Hi,
Did you run TDSSKiller, i don't see the log from that scan ?
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Slow computer - memory low

Unread postby iamdon » December 22nd, 2014, 7:36 pm

18:34:51.0409 0x0474 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
18:35:04.0108 0x0474 ============================================================
18:35:04.0108 0x0474 Current date / time: 2014/12/22 18:35:04.0108
18:35:04.0108 0x0474 SystemInfo:
18:35:04.0108 0x0474
18:35:04.0108 0x0474 OS Version: 6.1.7601 ServicePack: 1.0
18:35:04.0108 0x0474 Product type: Workstation
18:35:04.0108 0x0474 ComputerName: LYNESLAVA
18:35:04.0108 0x0474 UserName: Lyndon
18:35:04.0108 0x0474 Windows directory: C:\Windows
18:35:04.0108 0x0474 System windows directory: C:\Windows
18:35:04.0108 0x0474 Running under WOW64
18:35:04.0108 0x0474 Processor architecture: Intel x64
18:35:04.0108 0x0474 Number of processors: 4
18:35:04.0108 0x0474 Page size: 0x1000
18:35:04.0108 0x0474 Boot type: Normal boot
18:35:04.0108 0x0474 ============================================================
18:35:04.0248 0x0474 KLMD registered as C:\Windows\system32\drivers\90845752.sys
18:35:04.0342 0x0474 System UUID: {AFD3B631-FBFC-7837-2632-1932825830C3}
18:35:04.0654 0x0474 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:35:04.0669 0x0474 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:35:04.0669 0x0474 ============================================================
18:35:04.0669 0x0474 \Device\Harddisk0\DR0:
18:35:04.0669 0x0474 MBR partitions:
18:35:04.0669 0x0474 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:35:04.0669 0x0474 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1DCC0800
18:35:04.0669 0x0474 \Device\Harddisk1\DR1:
18:35:04.0669 0x0474 MBR partitions:
18:35:04.0669 0x0474 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A857000
18:35:04.0669 0x0474 ============================================================
18:35:04.0669 0x0474 C: <-> \Device\Harddisk0\DR0\Partition2
18:35:04.0779 0x0474 D: <-> \Device\Harddisk1\DR1\Partition1
18:35:04.0779 0x0474 ============================================================
18:35:04.0779 0x0474 Initialize success
18:35:04.0779 0x0474 ============================================================
18:35:17.0071 0x0604 ============================================================
18:35:17.0071 0x0604 Scan started
18:35:17.0071 0x0604 Mode: Manual;
18:35:17.0071 0x0604 ============================================================
18:35:17.0071 0x0604 KSN ping started
18:35:30.0675 0x0604 KSN ping finished: true
18:35:30.0971 0x0604 ================ Scan system memory ========================
18:35:30.0971 0x0604 System memory - ok
iamdon
Active Member
 
Posts: 13
Joined: October 6th, 2010, 9:34 am

Re: Slow computer - memory low

Unread postby iamdon » December 22nd, 2014, 7:38 pm

18:35:30.0971 0x0604 ================ Scan services =============================
18:35:31.0033 0x0604 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:35:31.0049 0x0604 1394ohci - ok
18:35:31.0080 0x0604 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:35:31.0096 0x0604 ACPI - ok
18:35:31.0096 0x0604 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:35:31.0111 0x0604 AcpiPmi - ok
18:35:31.0143 0x0604 [ 8325369F44A16CE4261CE268818A1F53, FE0B51D6976D5A39146469E046C8AEE7504A4AE9C948CE861371379D100D20CC ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
18:35:31.0158 0x0604 AcrSch2Svc - ok
18:35:31.0174 0x0604 [ 5A8104D0DDA7C48D967F6A66AFF35CC5, 07E27BE72DAEABFA98B9A6AF3CCE706695D33A496F2308F7BAFFA86CF62E2B86 ] ADExchange C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
18:35:31.0174 0x0604 ADExchange - ok
18:35:31.0174 0x0604 [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:35:31.0189 0x0604 AdobeARMservice - ok
18:35:31.0221 0x0604 [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:35:31.0236 0x0604 AdobeFlashPlayerUpdateSvc - ok
18:35:31.0252 0x0604 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:35:31.0267 0x0604 adp94xx - ok
18:35:31.0283 0x0604 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:35:31.0299 0x0604 adpahci - ok
18:35:31.0299 0x0604 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:35:31.0314 0x0604 adpu320 - ok
18:35:31.0314 0x0604 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:35:31.0314 0x0604 AeLookupSvc - ok
18:35:31.0330 0x0604 [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
18:35:31.0345 0x0604 afcdp - ok
18:35:31.0423 0x0604 [ 3415F896A8AC52C50328676A7569F579, 1EF55C4A2605A47CFFE2C4A6EF0A96736674C9947D061528EF39079C855B319D ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
18:35:31.0501 0x0604 afcdpsrv - ok
18:35:31.0517 0x0604 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
18:35:31.0533 0x0604 AFD - ok
18:35:31.0548 0x0604 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
18:35:31.0548 0x0604 agp440 - ok
18:35:31.0548 0x0604 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
18:35:31.0564 0x0604 ALG - ok
18:35:31.0564 0x0604 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
18:35:31.0564 0x0604 aliide - ok
18:35:31.0564 0x0604 [ 87E226C0E11182943D28E8BEC61618CD, 909BFFF6E016321E6A7A722F219E23BB244B3C29EEFAD7F007C53A4EB5CCB6AF ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:35:31.0579 0x0604 AMD External Events Utility - ok
18:35:31.0579 0x0604 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
18:35:31.0579 0x0604 amdide - ok
18:35:31.0595 0x0604 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:35:31.0595 0x0604 AmdK8 - ok
18:35:31.0829 0x0604 [ 446A1AAD34191665A8DF6092BD8EB5A8, B7E03FACF220DBD9891471F0525CFA0F24E9D76F7DFB17EBD752270B80D6498D ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
18:35:32.0063 0x0604 amdkmdag - ok
18:35:32.0079 0x0604 [ F8F8A908FDB005A65DDF7238C814EEA5, 6FAC5532508227DDD5EE424AF5C72C0D3A7F592B57C1C8A6718C7F21D5506F21 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
18:35:32.0094 0x0604 amdkmdap - ok
18:35:32.0094 0x0604 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:35:32.0094 0x0604 AmdPPM - ok
18:35:32.0094 0x0604 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:35:32.0110 0x0604 amdsata - ok
18:35:32.0110 0x0604 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:35:32.0125 0x0604 amdsbs - ok
18:35:32.0125 0x0604 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:35:32.0125 0x0604 amdxata - ok
18:35:32.0157 0x0604 [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:35:32.0157 0x0604 AntiVirSchedulerService - ok
18:35:32.0172 0x0604 [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:35:32.0188 0x0604 AntiVirService - ok
18:35:32.0219 0x0604 [ 027820FE847A7B4245234A4E6E825BE1, EB5638C22C52D0B07F9782B7660BBA730A10A80DC138B7DAD20F849221DEF80B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
18:35:32.0235 0x0604 AntiVirWebService - ok
18:35:32.0250 0x0604 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
18:35:32.0250 0x0604 AppID - ok
18:35:32.0250 0x0604 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:35:32.0250 0x0604 AppIDSvc - ok
18:35:32.0266 0x0604 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
18:35:32.0266 0x0604 Appinfo - ok
18:35:32.0266 0x0604 [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:35:32.0281 0x0604 Apple Mobile Device - ok
18:35:32.0281 0x0604 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
18:35:32.0297 0x0604 AppMgmt - ok
18:35:32.0297 0x0604 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
18:35:32.0297 0x0604 arc - ok
18:35:32.0313 0x0604 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:35:32.0313 0x0604 arcsas - ok
18:35:32.0328 0x0604 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:35:32.0344 0x0604 aspnet_state - ok
18:35:32.0344 0x0604 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:35:32.0344 0x0604 AsyncMac - ok
18:35:32.0344 0x0604 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
18:35:32.0344 0x0604 atapi - ok
18:35:32.0359 0x0604 [ ED3A041014FBBFDC23D6C04F9C7A5D79, A039D8F4C0EA2101898A253E13DFED5FA8500C412ACC47835415E27C9BD068FF ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
18:35:32.0359 0x0604 AtiHDAudioService - ok
18:35:32.0359 0x0604 [ 2D648572BA9A610952FCAFBA1E119C2D, 4CD7E7D3C878DEF8CC18A925EAB1E0E8E8893BE99DA1E1F78FE9AD12EF1C48BC ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
18:35:32.0375 0x0604 AtiHdmiService - ok
18:35:32.0375 0x0604 [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
18:35:32.0391 0x0604 atksgt - ok
18:35:32.0406 0x0604 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:35:32.0437 0x0604 AudioEndpointBuilder - ok
18:35:32.0453 0x0604 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:35:32.0453 0x0604 AudioSrv - ok
18:35:32.0469 0x0604 [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
18:35:32.0469 0x0604 avgntflt - ok
18:35:32.0484 0x0604 [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
18:35:32.0484 0x0604 avipbb - ok
18:35:32.0484 0x0604 [ 6F77BBB8FC69D26132309EB4CE7A4E0E, 39E1E20F7CE6B2A784765BB1BE3AC539EDD2889880F78D14C340129E9DB7A43E ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
18:35:32.0500 0x0604 Avira.OE.ServiceHost - ok
18:35:32.0500 0x0604 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
18:35:32.0500 0x0604 avkmgr - ok
18:35:32.0515 0x0604 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:35:32.0515 0x0604 AxInstSV - ok
18:35:32.0531 0x0604 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:35:32.0547 0x0604 b06bdrv - ok
18:35:32.0562 0x0604 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:35:32.0562 0x0604 b57nd60a - ok
18:35:32.0578 0x0604 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
18:35:32.0578 0x0604 BDESVC - ok
18:35:32.0578 0x0604 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
18:35:32.0593 0x0604 Beep - ok
18:35:32.0609 0x0604 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
18:35:32.0625 0x0604 BFE - ok
18:35:32.0656 0x0604 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
18:35:32.0671 0x0604 BITS - ok
18:35:32.0687 0x0604 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:35:32.0687 0x0604 blbdrive - ok
18:35:32.0703 0x0604 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:35:32.0718 0x0604 Bonjour Service - ok
18:35:32.0718 0x0604 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:35:32.0718 0x0604 bowser - ok
18:35:32.0734 0x0604 [ C52093BEF318FFCC1130E9D66F3ED5DD, 4E69AAC810B7D5D6B5C566A3D7CA44FEFCA326927D1FCEF0F201F916AE8EDBC5 ] BoxSyncUpdateService C:\Program Files\Box\Box Sync\SyncUpdaterService.exe
18:35:32.0734 0x0604 BoxSyncUpdateService - ok
18:35:32.0734 0x0604 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:35:32.0734 0x0604 BrFiltLo - ok
18:35:32.0749 0x0604 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:35:32.0749 0x0604 BrFiltUp - ok
18:35:32.0749 0x0604 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
18:35:32.0749 0x0604 BridgeMP - ok
18:35:32.0765 0x0604 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
18:35:32.0765 0x0604 Browser - ok
18:35:32.0781 0x0604 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:35:32.0796 0x0604 Brserid - ok
18:35:32.0796 0x0604 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:35:32.0796 0x0604 BrSerWdm - ok
18:35:32.0796 0x0604 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:35:32.0812 0x0604 BrUsbMdm - ok
18:35:32.0812 0x0604 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:35:32.0812 0x0604 BrUsbSer - ok
18:35:32.0827 0x0604 [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
18:35:32.0827 0x0604 BrYNSvc - ok
18:35:32.0843 0x0604 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:35:32.0843 0x0604 BthEnum - ok
18:35:32.0843 0x0604 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:35:32.0859 0x0604 BTHMODEM - ok
18:35:32.0859 0x0604 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:35:32.0859 0x0604 BthPan - ok
18:35:32.0874 0x0604 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
18:35:32.0890 0x0604 BTHPORT - ok
18:35:32.0905 0x0604 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
18:35:32.0905 0x0604 bthserv - ok
18:35:32.0921 0x0604 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
18:35:32.0921 0x0604 BTHUSB - ok
18:35:32.0921 0x0604 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:35:32.0937 0x0604 cdfs - ok
18:35:32.0937 0x0604 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
18:35:32.0952 0x0604 cdrom - ok
18:35:32.0952 0x0604 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
18:35:32.0952 0x0604 CertPropSvc - ok
18:35:32.0968 0x0604 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:35:32.0968 0x0604 circlass - ok
18:35:32.0983 0x0604 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
18:35:32.0983 0x0604 CLFS - ok
18:35:32.0999 0x0604 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:35:32.0999 0x0604 clr_optimization_v2.0.50727_32 - ok
18:35:33.0015 0x0604 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:35:33.0015 0x0604 clr_optimization_v2.0.50727_64 - ok
18:35:33.0030 0x0604 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:35:33.0061 0x0604 clr_optimization_v4.0.30319_32 - ok
18:35:33.0061 0x0604 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:35:33.0077 0x0604 clr_optimization_v4.0.30319_64 - ok
18:35:33.0077 0x0604 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:35:33.0077 0x0604 CmBatt - ok
18:35:33.0077 0x0604 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:35:33.0093 0x0604 cmdide - ok
18:35:33.0108 0x0604 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
18:35:33.0124 0x0604 CNG - ok
18:35:33.0124 0x0604 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:35:33.0124 0x0604 Compbatt - ok
18:35:33.0124 0x0604 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:35:33.0139 0x0604 CompositeBus - ok
18:35:33.0139 0x0604 COMSysApp - ok
18:35:33.0139 0x0604 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:35:33.0139 0x0604 crcdisk - ok
18:35:33.0155 0x0604 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:35:33.0155 0x0604 CryptSvc - ok
18:35:33.0171 0x0604 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
18:35:33.0186 0x0604 CSC - ok
18:35:33.0217 0x0604 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
18:35:33.0233 0x0604 CscService - ok
18:35:33.0249 0x0604 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:35:33.0249 0x0604 DcomLaunch - ok
18:35:33.0264 0x0604 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
18:35:33.0280 0x0604 defragsvc - ok
18:35:33.0280 0x0604 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:35:33.0280 0x0604 DfsC - ok
18:35:33.0295 0x0604 [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
18:35:33.0295 0x0604 dg_ssudbus - ok
18:35:33.0311 0x0604 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:35:33.0327 0x0604 Dhcp - ok
18:35:33.0327 0x0604 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
18:35:33.0327 0x0604 discache - ok
18:35:33.0327 0x0604 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:35:33.0342 0x0604 Disk - ok
18:35:33.0342 0x0604 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:35:33.0358 0x0604 Dnscache - ok
18:35:33.0358 0x0604 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
18:35:33.0373 0x0604 dot3svc - ok
18:35:33.0373 0x0604 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
18:35:33.0389 0x0604 Dot4 - ok
18:35:33.0389 0x0604 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
18:35:33.0389 0x0604 Dot4Print - ok
18:35:33.0389 0x0604 [ 488669CD1CD3BDCFDD9A5FDA72209069, CCB6BCB23A30CFD016E4086ED010A0E9DA647D3FAD9724200A29938D2B79A3C0 ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys
18:35:33.0405 0x0604 Dot4Scan - ok
18:35:33.0405 0x0604 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
18:35:33.0405 0x0604 dot4usb - ok
18:35:33.0420 0x0604 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
18:35:33.0420 0x0604 DPS - ok
18:35:33.0420 0x0604 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:35:33.0420 0x0604 drmkaud - ok
18:35:33.0451 0x0604 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:35:33.0467 0x0604 DXGKrnl - ok
18:35:33.0467 0x0604 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
18:35:33.0483 0x0604 EapHost - ok
18:35:33.0561 0x0604 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:35:33.0623 0x0604 ebdrv - ok
18:35:33.0639 0x0604 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
18:35:33.0639 0x0604 EFS - ok
18:35:33.0654 0x0604 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:35:33.0670 0x0604 ehRecvr - ok
18:35:33.0685 0x0604 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
18:35:33.0685 0x0604 ehSched - ok
18:35:33.0701 0x0604 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:35:33.0717 0x0604 elxstor - ok
18:35:33.0717 0x0604 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:35:33.0732 0x0604 ErrDev - ok
18:35:33.0732 0x0604 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
18:35:33.0748 0x0604 EventSystem - ok
18:35:33.0763 0x0604 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
18:35:33.0763 0x0604 exfat - ok
18:35:33.0779 0x0604 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:35:33.0779 0x0604 fastfat - ok
18:35:33.0795 0x0604 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
18:35:33.0826 0x0604 Fax - ok
18:35:33.0826 0x0604 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:35:33.0826 0x0604 fdc - ok
18:35:33.0826 0x0604 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
18:35:33.0826 0x0604 fdPHost - ok
18:35:33.0841 0x0604 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
18:35:33.0841 0x0604 FDResPub - ok
18:35:33.0841 0x0604 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:35:33.0857 0x0604 FileInfo - ok
18:35:33.0857 0x0604 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:35:33.0857 0x0604 Filetrace - ok
18:35:33.0888 0x0604 [ 31AC02203B716CBF8829343C91C8FD75, 6231A842733887C9A0CD513E9AFEF4A35152F4BCC9706EEAB38DC898B10AF9BD ] Fitbit Connect C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
18:35:33.0919 0x0604 Fitbit Connect - ok
18:35:33.0935 0x0604 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:35:33.0935 0x0604 flpydisk - ok
18:35:33.0935 0x0604 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:35:33.0951 0x0604 FltMgr - ok
18:35:33.0951 0x0604 [ FDD776FAC4159A2983940D1E411FE9F3, 3B147B4D3C5CC67117D65152FA8BD3A603728C92B023AE45CD166E6FF3F474C5 ] fltsrv C:\Windows\system32\DRIVERS\fltsrv.sys
18:35:33.0966 0x0604 fltsrv - ok
18:35:33.0997 0x0604 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
18:35:34.0029 0x0604 FontCache - ok
18:35:34.0029 0x0604 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:35:34.0029 0x0604 FontCache3.0.0.0 - ok
18:35:34.0029 0x0604 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:35:34.0044 0x0604 FsDepends - ok
18:35:34.0044 0x0604 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:35:34.0044 0x0604 Fs_Rec - ok
18:35:34.0060 0x0604 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:35:34.0060 0x0604 fvevol - ok
18:35:34.0075 0x0604 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:35:34.0075 0x0604 gagp30kx - ok
18:35:34.0075 0x0604 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:35:34.0075 0x0604 GEARAspiWDM - ok
18:35:34.0107 0x0604 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
18:35:34.0122 0x0604 gpsvc - ok
18:35:34.0122 0x0604 [ 2ED7FF3E1ADA4092632393781518B3A7, FDB82CF74BE31806A6BFFC9724E54A74F822DFB4E137EEA38209418BDBCDAAB6 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
18:35:34.0138 0x0604 grmnusb - ok
18:35:34.0138 0x0604 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:35:34.0138 0x0604 gusvc - ok
18:35:34.0153 0x0604 [ D0F1ABBCD63746B78876ED66447F89AE, 65B7AE1AEE02367E14EFF4384A5B641C55AD47D84F4ADA1053147D0F3DB1A67A ] hcw72ADFilter C:\Windows\system32\DRIVERS\hcw72ADFilter.sys
18:35:34.0153 0x0604 hcw72ADFilter - ok
18:35:34.0185 0x0604 [ 4CD8561ED3BC2251404F1D1ECF98CF02, 6125F5AB26B1F0E4BD2602B0180D7C2E42270FD80289BB94AFA9ADA48424A5B2 ] hcw72ATV C:\Windows\system32\DRIVERS\hcw72ATV.sys
18:35:34.0231 0x0604 hcw72ATV - ok
18:35:34.0263 0x0604 [ 838FF07CAA74D912D88288FB7CF089F4, DE7C0C7BEB68E916FB77C6B8DC41E31605D56A4AB638A035A6E139A41B16C8D4 ] hcw72DTV C:\Windows\system32\DRIVERS\hcw72DTV.sys
18:35:34.0309 0x0604 hcw72DTV - ok
18:35:34.0309 0x0604 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:35:34.0325 0x0604 hcw85cir - ok
18:35:34.0325 0x0604 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:35:34.0341 0x0604 HdAudAddService - ok
18:35:34.0341 0x0604 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:35:34.0356 0x0604 HDAudBus - ok
18:35:34.0356 0x0604 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:35:34.0356 0x0604 HidBatt - ok
18:35:34.0372 0x0604 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:35:34.0372 0x0604 HidBth - ok
18:35:34.0372 0x0604 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:35:34.0372 0x0604 HidIr - ok
18:35:34.0387 0x0604 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
18:35:34.0387 0x0604 hidserv - ok
18:35:34.0387 0x0604 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:35:34.0387 0x0604 HidUsb - ok
18:35:34.0403 0x0604 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:35:34.0403 0x0604 hkmsvc - ok
18:35:34.0419 0x0604 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:35:34.0434 0x0604 HomeGroupListener - ok
18:35:34.0434 0x0604 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:35:34.0450 0x0604 HomeGroupProvider - ok
18:35:34.0450 0x0604 [ 08457D8F8149757C70CEA59C71EC5D27, DC89AB78F423950E1C1A6B64CE46E6395AA8F43456A70BE1D3A517F568068BA5 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
18:35:34.0465 0x0604 hpqcxs08 - ok
18:35:34.0465 0x0604 [ 75CC8C5146A3FB76221A7606628778D5, 2FDD943E22E38083639DF61335DEFE9C38685158D8BF0528834C1B657DC1DE6F ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
18:35:34.0481 0x0604 hpqddsvc - ok
18:35:34.0481 0x0604 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:35:34.0481 0x0604 HpSAMD - ok
18:35:34.0512 0x0604 [ 2ADF33F93991C4E24E86FFA5F906417B, 426FFE6DF9E1B779DA52D7361C8ED03C25F8F8EF30BF3BAAE07D488C3A96C74F ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
18:35:34.0543 0x0604 HPSLPSVC - ok
18:35:34.0559 0x0604 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:35:34.0575 0x0604 HTTP - ok
18:35:34.0575 0x0604 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:35:34.0575 0x0604 hwpolicy - ok
18:35:34.0590 0x0604 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:35:34.0590 0x0604 i8042prt - ok
18:35:34.0606 0x0604 [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:35:34.0621 0x0604 iaStor - ok
18:35:34.0621 0x0604 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:35:34.0637 0x0604 iaStorV - ok
18:35:34.0668 0x0604 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:35:34.0699 0x0604 idsvc - ok
18:35:34.0699 0x0604 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:35:34.0699 0x0604 iirsp - ok
18:35:34.0715 0x0604 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
18:35:34.0746 0x0604 IKEEXT - ok
18:35:34.0809 0x0604 [ 490947A9AFF7CA31EF2E08F5776105EB, C817D60DBA6B276AD4EF2E0FDF5547F152294AFEF6264C28B8F4DC20B3A85515 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:35:34.0840 0x0604 IntcAzAudAddService - ok
18:35:34.0855 0x0604 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
18:35:34.0855 0x0604 intelide - ok
18:35:34.0855 0x0604 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:35:34.0855 0x0604 intelppm - ok
18:35:34.0871 0x0604 [ D46E04D83A3E174A98DC90FE23AB08DE, 0285B4A311645D292A26B276511877B46A42526BDBFBC12E3BD876A74F074720 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
18:35:34.0871 0x0604 IntuitUpdateServiceV4 - ok
18:35:34.0871 0x0604 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:35:34.0887 0x0604 IPBusEnum - ok
18:35:34.0887 0x0604 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:35:34.0887 0x0604 IpFilterDriver - ok
18:35:34.0902 0x0604 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:35:34.0918 0x0604 iphlpsvc - ok
18:35:34.0933 0x0604 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:35:34.0933 0x0604 IPMIDRV - ok
18:35:34.0933 0x0604 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:35:34.0949 0x0604 IPNAT - ok
18:35:34.0965 0x0604 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:35:34.0980 0x0604 iPod Service - ok
18:35:34.0980 0x0604 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:35:34.0980 0x0604 IRENUM - ok
18:35:34.0996 0x0604 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:35:34.0996 0x0604 isapnp - ok
18:35:34.0996 0x0604 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:35:35.0011 0x0604 iScsiPrt - ok
18:35:35.0011 0x0604 [ 494A10BBB538AFD8B2C222BFBF0A297D, E1A6FC93ACE60DFA4E8E3C471455D7808596432BE2C3FCA484348A556831BB4D ] JumpDesktop C:\Program Files (x86)\Jump Desktop\JumpService.exe
18:35:35.0027 0x0604 JumpDesktop - ok
18:35:35.0027 0x0604 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:35:35.0027 0x0604 kbdclass - ok
18:35:35.0027 0x0604 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:35:35.0043 0x0604 kbdhid - ok
18:35:35.0043 0x0604 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
18:35:35.0043 0x0604 KeyIso - ok
18:35:35.0043 0x0604 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:35:35.0043 0x0604 KSecDD - ok
18:35:35.0058 0x0604 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:35:35.0058 0x0604 KSecPkg - ok
18:35:35.0074 0x0604 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:35:35.0074 0x0604 ksthunk - ok
18:35:35.0074 0x0604 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
18:35:35.0089 0x0604 KtmRm - ok
18:35:35.0105 0x0604 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
18:35:35.0121 0x0604 LanmanServer - ok
18:35:35.0121 0x0604 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:35:35.0121 0x0604 LanmanWorkstation - ok
18:35:35.0136 0x0604 [ 7772DFAB22611050B79504E671B06E6E, 331FE235EDBCF48EE96A5A9D5D0560457CD85FA3FD7BEACD3700055F815D9F13 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
18:35:35.0152 0x0604 LBTServ - ok
18:35:35.0152 0x0604 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
18:35:35.0167 0x0604 LGBusEnum - ok
18:35:35.0167 0x0604 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
18:35:35.0167 0x0604 LGVirHid - ok
18:35:35.0167 0x0604 [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
18:35:35.0183 0x0604 LHidFilt - ok
18:35:35.0183 0x0604 [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
18:35:35.0183 0x0604 lirsgt - ok
18:35:35.0183 0x0604 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:35:35.0199 0x0604 lltdio - ok
18:35:35.0199 0x0604 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:35:35.0214 0x0604 lltdsvc - ok
18:35:35.0214 0x0604 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:35:35.0214 0x0604 lmhosts - ok
18:35:35.0230 0x0604 [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
18:35:35.0230 0x0604 LMouFilt - ok
18:35:35.0230 0x0604 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:35:35.0245 0x0604 LSI_FC - ok
18:35:35.0245 0x0604 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:35:35.0261 0x0604 LSI_SAS - ok
18:35:35.0261 0x0604 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:35:35.0261 0x0604 LSI_SAS2 - ok
18:35:35.0277 0x0604 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:35:35.0277 0x0604 LSI_SCSI - ok
18:35:35.0277 0x0604 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
18:35:35.0292 0x0604 luafv - ok
18:35:35.0323 0x0604 [ CE6E5146039D248FEB991FBC9E2B6A7B, 4F995D56AF651EB75E3FFC2E5B1551AB9447E81C4376101594D5A763A5ECC4E9 ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys
18:35:35.0339 0x0604 lvpopf64 - ok
18:35:35.0355 0x0604 [ DED333DBDBBCC3555A6E6244522E2F1A, 6909875090A9013685BA16EAAC666C173F138F0AF7172A40E746E6EFDE02D133 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
18:35:35.0355 0x0604 LVPr2M64 - ok
18:35:35.0355 0x0604 [ DED333DBDBBCC3555A6E6244522E2F1A, 6909875090A9013685BA16EAAC666C173F138F0AF7172A40E746E6EFDE02D133 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
18:35:35.0355 0x0604 LVPr2Mon - ok
18:35:35.0370 0x0604 [ A35679E56E78091E1042A2D7ADBF2958, F2282B697DCDD5767F65D99FEA374D3757C6133D42BD5A9C582C217619213290 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
18:35:35.0370 0x0604 LVPrcS64 - ok
18:35:35.0386 0x0604 [ 6D5EA90F86F9B28CD44AF6BA9BE03BF9, 6A92EF21EB7543389649900BAB241A846DFE9CADF785D7352052C003AA717E5F ] LVUSBS64 C:\Windows\system32\drivers\LVUSBS64.sys
18:35:35.0386 0x0604 LVUSBS64 - ok
18:35:35.0464 0x0604 [ EB12688842EDE30C843A123FA6855858, 24DD1E4F32CA08EF2263100A3C65BF8D904BB0FFC55025519C477E7BAA31E064 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
18:35:35.0526 0x0604 LVUVC64 - ok
18:35:35.0526 0x0604 [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:35:35.0542 0x0604 MBAMProtector - ok
18:35:35.0573 0x0604 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
18:35:35.0620 0x0604 MBAMScheduler - ok
18:35:35.0635 0x0604 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
18:35:35.0667 0x0604 MBAMService - ok
18:35:35.0667 0x0604 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
18:35:35.0682 0x0604 MBAMSwissArmy - ok
18:35:35.0682 0x0604 [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:35:35.0682 0x0604 MBAMWebAccessControl - ok
18:35:35.0698 0x0604 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
18:35:35.0698 0x0604 MBfilt - ok
18:35:35.0698 0x0604 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:35:35.0713 0x0604 Mcx2Svc - ok
18:35:35.0713 0x0604 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:35:35.0713 0x0604 megasas - ok
18:35:35.0729 0x0604 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:35:35.0729 0x0604 MegaSR - ok
18:35:35.0745 0x0604 Microsoft SharePoint Workspace Audit Service - ok
18:35:35.0745 0x0604 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
18:35:35.0745 0x0604 MMCSS - ok
18:35:35.0760 0x0604 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
18:35:35.0760 0x0604 Modem - ok
18:35:35.0760 0x0604 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:35:35.0760 0x0604 monitor - ok
18:35:35.0776 0x0604 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:35:35.0776 0x0604 mouclass - ok
18:35:35.0776 0x0604 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:35:35.0776 0x0604 mouhid - ok
18:35:35.0791 0x0604 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:35:35.0791 0x0604 mountmgr - ok
18:35:35.0791 0x0604 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:35:35.0807 0x0604 mpio - ok
18:35:35.0807 0x0604 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:35:35.0807 0x0604 mpsdrv - ok
18:35:35.0838 0x0604 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:35:35.0854 0x0604 MpsSvc - ok
18:35:35.0869 0x0604 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:35:35.0869 0x0604 MRxDAV - ok
18:35:35.0885 0x0604 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:35:35.0885 0x0604 mrxsmb - ok
18:35:35.0901 0x0604 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:35:35.0901 0x0604 mrxsmb10 - ok
18:35:35.0916 0x0604 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:35:35.0916 0x0604 mrxsmb20 - ok
18:35:35.0916 0x0604 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
18:35:35.0932 0x0604 msahci - ok
18:35:35.0932 0x0604 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:35:35.0947 0x0604 msdsm - ok
18:35:35.0947 0x0604 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:35:35.0963 0x0604 MSDTC - ok
18:35:35.0963 0x0604 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:35:35.0963 0x0604 Msfs - ok
18:35:35.0963 0x0604 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:35:35.0963 0x0604 mshidkmdf - ok
18:35:35.0979 0x0604 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:35:35.0979 0x0604 msisadrv - ok
18:35:35.0979 0x0604 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:35:35.0994 0x0604 MSiSCSI - ok
18:35:35.0994 0x0604 msiserver - ok
18:35:35.0994 0x0604 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:35:35.0994 0x0604 MSKSSRV - ok
18:35:36.0010 0x0604 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:35:36.0010 0x0604 MSPCLOCK - ok
18:35:36.0010 0x0604 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:35:36.0010 0x0604 MSPQM - ok
18:35:36.0025 0x0604 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:35:36.0041 0x0604 MsRPC - ok
18:35:36.0041 0x0604 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:35:36.0041 0x0604 mssmbios - ok
18:35:36.0041 0x0604 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:35:36.0057 0x0604 MSTEE - ok
18:35:36.0057 0x0604 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:35:36.0057 0x0604 MTConfig - ok
18:35:36.0057 0x0604 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
18:35:36.0057 0x0604 Mup - ok
18:35:36.0072 0x0604 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
18:35:36.0088 0x0604 napagent - ok
18:35:36.0103 0x0604 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:35:36.0119 0x0604 NativeWifiP - ok
18:35:36.0135 0x0604 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
18:35:36.0166 0x0604 NDIS - ok
18:35:36.0166 0x0604 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:35:36.0166 0x0604 NdisCap - ok
18:35:36.0166 0x0604 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:35:36.0181 0x0604 NdisTapi - ok
18:35:36.0181 0x0604 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:35:36.0181 0x0604 Ndisuio - ok
18:35:36.0197 0x0604 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:35:36.0197 0x0604 NdisWan - ok
18:35:36.0197 0x0604 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:35:36.0213 0x0604 NDProxy - ok
18:35:36.0213 0x0604 [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:35:36.0213 0x0604 Net Driver HPZ12 - ok
18:35:36.0228 0x0604 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:35:36.0228 0x0604 NetBIOS - ok
18:35:36.0228 0x0604 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:35:36.0244 0x0604 NetBT - ok
18:35:36.0244 0x0604 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
18:35:36.0244 0x0604 Netlogon - ok
18:35:36.0259 0x0604 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
18:35:36.0275 0x0604 Netman - ok
18:35:36.0275 0x0604 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:35:36.0291 0x0604 NetMsmqActivator - ok
18:35:36.0291 0x0604 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:35:36.0306 0x0604 NetPipeActivator - ok
18:35:36.0306 0x0604 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
18:35:36.0322 0x0604 netprofm - ok
18:35:36.0353 0x0604 [ 618C55B392238B9467F9113E13525C49, 304A77EF3E1E7A1738E5A4F6A911B4DF736CEF4867C6F07CA71E227048E90370 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
18:35:36.0369 0x0604 netr28ux - ok
18:35:36.0369 0x0604 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:35:36.0369 0x0604 NetTcpActivator - ok
18:35:36.0384 0x0604 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:35:36.0384 0x0604 NetTcpPortSharing - ok
18:35:36.0384 0x0604 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:35:36.0384 0x0604 nfrd960 - ok
18:35:36.0400 0x0604 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:35:36.0415 0x0604 NlaSvc - ok
18:35:36.0415 0x0604 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:35:36.0415 0x0604 Npfs - ok
18:35:36.0431 0x0604 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
18:35:36.0431 0x0604 nsi - ok
18:35:36.0431 0x0604 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:35:36.0431 0x0604 nsiproxy - ok
18:35:36.0478 0x0604 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:35:36.0525 0x0604 Ntfs - ok
18:35:36.0525 0x0604 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
18:35:36.0525 0x0604 Null - ok
18:35:36.0525 0x0604 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:35:36.0540 0x0604 nvraid - ok
18:35:36.0540 0x0604 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:35:36.0556 0x0604 nvstor - ok
18:35:36.0556 0x0604 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:35:36.0571 0x0604 nv_agp - ok
18:35:36.0571 0x0604 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:35:36.0571 0x0604 ohci1394 - ok
18:35:36.0587 0x0604 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:35:36.0587 0x0604 ose - ok
18:35:36.0618 0x0604 [ AEE92DF50D5ADF81FC5709ABF7DFF8A5, 655C2FC05FFF3095D4EBC5A88638D1FF9228FE54154431CBC4F2A34197869A90 ] OSFMount C:\Program Files\OSFMount\OSFMount.sys
18:35:36.0649 0x0604 OSFMount - ok
18:35:36.0790 0x0604 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:35:36.0899 0x0604 osppsvc - ok
18:35:36.0915 0x0604 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:35:36.0930 0x0604 p2pimsvc - ok
18:35:36.0946 0x0604 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
18:35:36.0961 0x0604 p2psvc - ok
18:35:36.0961 0x0604 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:35:36.0961 0x0604 Parport - ok
18:35:36.0977 0x0604 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:35:36.0977 0x0604 partmgr - ok
18:35:36.0977 0x0604 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
18:35:36.0993 0x0604 PcaSvc - ok
18:35:37.0008 0x0604 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
18:35:37.0008 0x0604 pci - ok
18:35:37.0008 0x0604 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
18:35:37.0008 0x0604 pciide - ok
18:35:37.0024 0x0604 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:35:37.0024 0x0604 pcmcia - ok
18:35:37.0039 0x0604 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
18:35:37.0039 0x0604 pcw - ok
18:35:37.0055 0x0604 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:35:37.0071 0x0604 PEAUTH - ok
18:35:37.0102 0x0604 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:35:37.0149 0x0604 PeerDistSvc - ok
18:35:37.0180 0x0604 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:35:37.0180 0x0604 PerfHost - ok
18:35:37.0211 0x0604 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
18:35:37.0258 0x0604 pla - ok
18:35:37.0258 0x0604 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:35:37.0289 0x0604 PlugPlay - ok
18:35:37.0289 0x0604 [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:35:37.0289 0x0604 Pml Driver HPZ12 - ok
18:35:37.0305 0x0604 [ A010F13D27C1033A8BE09D5FA9BF348B, 5536A233554C469F270046ADEE12A158F70E2D8BE776BAD0925235B015567D46 ] pneteth C:\Windows\system32\DRIVERS\pneteth.sys
18:35:37.0305 0x0604 pneteth - ok
18:35:37.0305 0x0604 PnkBstrA - ok
18:35:37.0305 0x0604 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:35:37.0320 0x0604 PNRPAutoReg - ok
18:35:37.0320 0x0604 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:35:37.0320 0x0604 PNRPsvc - ok
18:35:37.0336 0x0604 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:35:37.0351 0x0604 PolicyAgent - ok
18:35:37.0367 0x0604 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
18:35:37.0367 0x0604 Power - ok
18:35:37.0383 0x0604 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:35:37.0383 0x0604 PptpMiniport - ok
18:35:37.0383 0x0604 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:35:37.0398 0x0604 Processor - ok
18:35:37.0398 0x0604 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
18:35:37.0414 0x0604 ProfSvc - ok
18:35:37.0414 0x0604 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:35:37.0414 0x0604 ProtectedStorage - ok
18:35:37.0429 0x0604 [ 64E413BA0C529AA40C3924BBCC4153DB, 9E0EB02078EE250AC618D4A4537D54BACDD7E2B67349162CA61F35EAF91601EE ] ProtexisLicensing C:\Windows\SysWOW64\PSIService.exe
18:35:37.0429 0x0604 ProtexisLicensing - ok
18:35:37.0445 0x0604 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:35:37.0445 0x0604 Psched - ok
18:35:37.0476 0x0604 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:35:37.0523 0x0604 ql2300 - ok
18:35:37.0523 0x0604 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:35:37.0523 0x0604 ql40xx - ok
18:35:37.0539 0x0604 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
18:35:37.0554 0x0604 QWAVE - ok
18:35:37.0554 0x0604 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:35:37.0554 0x0604 QWAVEdrv - ok
18:35:37.0554 0x0604 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:35:37.0570 0x0604 RasAcd - ok
18:35:37.0570 0x0604 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:35:37.0570 0x0604 RasAgileVpn - ok
18:35:37.0570 0x0604 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
18:35:37.0585 0x0604 RasAuto - ok
18:35:37.0585 0x0604 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:35:37.0601 0x0604 Rasl2tp - ok
18:35:37.0617 0x0604 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
18:35:37.0617 0x0604 RasMan - ok
18:35:37.0632 0x0604 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:35:37.0632 0x0604 RasPppoe - ok
18:35:37.0648 0x0604 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:35:37.0648 0x0604 RasSstp - ok
18:35:37.0648 0x0604 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:35:37.0663 0x0604 rdbss - ok
18:35:37.0679 0x0604 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:35:37.0679 0x0604 rdpbus - ok
18:35:37.0679 0x0604 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:35:37.0679 0x0604 RDPCDD - ok
18:35:37.0695 0x0604 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:35:37.0695 0x0604 RDPDR - ok
18:35:37.0695 0x0604 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:35:37.0695 0x0604 RDPENCDD - ok
18:35:37.0710 0x0604 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:35:37.0710 0x0604 RDPREFMP - ok
18:35:37.0710 0x0604 [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:35:37.0710 0x0604 RdpVideoMiniport - ok
18:35:37.0726 0x0604 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:35:37.0726 0x0604 RDPWD - ok
18:35:37.0741 0x0604 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:35:37.0741 0x0604 rdyboost - ok
18:35:37.0757 0x0604 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:35:37.0757 0x0604 RemoteAccess - ok
18:35:37.0773 0x0604 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:35:37.0773 0x0604 RemoteRegistry - ok
18:35:37.0788 0x0604 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:35:37.0788 0x0604 RFCOMM - ok
18:35:37.0788 0x0604 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:35:37.0804 0x0604 RpcEptMapper - ok
18:35:37.0804 0x0604 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
18:35:37.0804 0x0604 RpcLocator - ok
18:35:37.0819 0x0604 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
18:35:37.0835 0x0604 RpcSs - ok
18:35:37.0835 0x0604 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:35:37.0835 0x0604 rspndr - ok
18:35:37.0851 0x0604 [ 66F9F7161D147B6486A22FEB9425930D, A628BEEE900A3B75104FD73F0BF4728A121A90580340538C9654FEF3B2CC9929 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:35:37.0851 0x0604 RTL8167 - ok
18:35:37.0866 0x0604 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:35:37.0866 0x0604 s3cap - ok
18:35:37.0866 0x0604 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
18:35:37.0866 0x0604 SamSs - ok
18:35:37.0866 0x0604 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:35:37.0882 0x0604 sbp2port - ok
18:35:37.0882 0x0604 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:35:37.0897 0x0604 SCardSvr - ok
18:35:37.0897 0x0604 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:35:37.0897 0x0604 scfilter - ok
18:35:37.0929 0x0604 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
18:35:37.0960 0x0604 Schedule - ok
18:35:37.0975 0x0604 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:35:37.0975 0x0604 SCPolicySvc - ok
18:35:37.0975 0x0604 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:35:37.0991 0x0604 SDRSVC - ok
18:35:37.0991 0x0604 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:35:37.0991 0x0604 secdrv - ok
18:35:37.0991 0x0604 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
18:35:38.0007 0x0604 seclogon - ok
18:35:38.0007 0x0604 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
18:35:38.0007 0x0604 SENS - ok
18:35:38.0022 0x0604 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:35:38.0022 0x0604 SensrSvc - ok
18:35:38.0022 0x0604 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:35:38.0022 0x0604 Serenum - ok
18:35:38.0038 0x0604 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:35:38.0038 0x0604 Serial - ok
18:35:38.0038 0x0604 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:35:38.0038 0x0604 sermouse - ok
18:35:38.0053 0x0604 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
18:35:38.0053 0x0604 SessionEnv - ok
18:35:38.0069 0x0604 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:35:38.0069 0x0604 sffdisk - ok
18:35:38.0069 0x0604 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:35:38.0069 0x0604 sffp_mmc - ok
18:35:38.0069 0x0604 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:35:38.0085 0x0604 sffp_sd - ok
18:35:38.0085 0x0604 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:35:38.0085 0x0604 sfloppy - ok
18:35:38.0100 0x0604 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:35:38.0116 0x0604 SharedAccess - ok
18:35:38.0116 0x0604 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:35:38.0131 0x0604 ShellHWDetection - ok
18:35:38.0131 0x0604 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:35:38.0147 0x0604 SiSRaid2 - ok
18:35:38.0147 0x0604 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:35:38.0147 0x0604 SiSRaid4 - ok
18:35:38.0163 0x0604 [ 4C9F8E72F87F50A6125AAA31B63B2D18, 6EA3C9E8CC0CF848EAA4D760F4526E1FC17EBB731AF45086966EC240C8099367 ] SIUSBXP C:\Windows\system32\drivers\SiUSBXp.sys
18:35:38.0163 0x0604 SIUSBXP - ok
18:35:38.0163 0x0604 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:35:38.0209 0x0604 SkypeUpdate - ok
18:35:38.0209 0x0604 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:35:38.0209 0x0604 Smb - ok
18:35:38.0225 0x0604 [ FBE0201AB61E18934C812C34D31A4403, 549E51FC11CCA30B21970C90F4799D6CB94481CDC623B8C319F16DAEFC8A190B ] snapman C:\Windows\system32\DRIVERS\snapman.sys
18:35:38.0241 0x0604 snapman - ok
18:35:38.0241 0x0604 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:35:38.0241 0x0604 SNMPTRAP - ok
18:35:38.0241 0x0604 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
18:35:38.0256 0x0604 spldr - ok
18:35:38.0272 0x0604 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
18:35:38.0287 0x0604 Spooler - ok
18:35:38.0365 0x0604 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
18:35:38.0428 0x0604 sppsvc - ok
18:35:38.0428 0x0604 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:35:38.0443 0x0604 sppuinotify - ok
18:35:38.0459 0x0604 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:35:38.0475 0x0604 srv - ok
18:35:38.0475 0x0604 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:35:38.0490 0x0604 srv2 - ok
18:35:38.0506 0x0604 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:35:38.0506 0x0604 srvnet - ok
18:35:38.0521 0x0604 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:35:38.0521 0x0604 SSDPSRV - ok
18:35:38.0537 0x0604 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:35:38.0537 0x0604 SstpSvc - ok
18:35:38.0553 0x0604 [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
18:35:38.0553 0x0604 ssudmdm - ok
18:35:38.0568 0x0604 [ DB0768632C680B7C0D3AA92D80416893, BEC3CF4F1CB150AC7C4647DD7C0D5D62B10824308E44467CD77CA3427A46FB20 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:35:38.0599 0x0604 Steam Client Service - ok
18:35:38.0599 0x0604 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:35:38.0599 0x0604 stexstor - ok
18:35:38.0599 0x0604 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\drivers\serscan.sys
18:35:38.0615 0x0604 StillCam - ok
18:35:38.0631 0x0604 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
18:35:38.0646 0x0604 stisvc - ok
18:35:38.0646 0x0604 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:35:38.0646 0x0604 storflt - ok
18:35:38.0662 0x0604 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:35:38.0662 0x0604 storvsc - ok
18:35:38.0662 0x0604 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
18:35:38.0662 0x0604 swenum - ok
18:35:38.0677 0x0604 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
18:35:38.0693 0x0604 swprv - ok
18:35:38.0865 0x0604 [ A6F60D621EE073CF785C24489CE0F9CD, 2A65274AAC78EFBF65E51A75A17B90C14D93675A5FE1305AAFBDDB5D1B083CEB ] syncagentsrv C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
18:35:39.0021 0x0604 syncagentsrv - ok
18:35:39.0067 0x0604 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
18:35:39.0114 0x0604 SysMain - ok
18:35:39.0114 0x0604 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:35:39.0114 0x0604 TabletInputService - ok
18:35:39.0130 0x0604 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
18:35:39.0145 0x0604 TapiSrv - ok
18:35:39.0145 0x0604 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
18:35:39.0161 0x0604 TBS - ok
18:35:39.0192 0x0604 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:35:39.0255 0x0604 Tcpip - ok
18:35:39.0301 0x0604 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:35:39.0333 0x0604 TCPIP6 - ok
18:35:39.0333 0x0604 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:35:39.0333 0x0604 tcpipreg - ok
18:35:39.0333 0x0604 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:35:39.0348 0x0604 TDPIPE - ok
18:35:39.0379 0x0604 [ 07330E30921C70E9D9B416EE43A06349, 398500C12E685BCF732C7F80A2C0E95181E5377A0E6C14CF9A3EE8580083A556 ] tdrpman C:\Windows\system32\DRIVERS\tdrpman.sys
18:35:39.0411 0x0604 tdrpman - ok
18:35:39.0411 0x0604 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:35:39.0426 0x0604 TDTCP - ok
18:35:39.0426 0x0604 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:35:39.0426 0x0604 tdx - ok
18:35:39.0442 0x0604 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
18:35:39.0442 0x0604 TermDD - ok
18:35:39.0457 0x0604 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
18:35:39.0473 0x0604 TermService - ok
18:35:39.0489 0x0604 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
18:35:39.0489 0x0604 Themes - ok
18:35:39.0489 0x0604 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
18:35:39.0504 0x0604 THREADORDER - ok
18:35:39.0520 0x0604 [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib C:\Windows\system32\DRIVERS\tib.sys
18:35:39.0551 0x0604 tib - ok
18:35:39.0551 0x0604 [ 3C29FB9FC9B4C511AD69DC50257FEC75, 4906DADE076FD363C53044C805602EEA4D0EF6E92041C693E1BED2286614B36E ] tib_mounter C:\Windows\system32\DRIVERS\tib_mounter.sys
18:35:39.0567 0x0604 tib_mounter - ok
18:35:39.0567 0x0604 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
18:35:39.0582 0x0604 TrkWks - ok
18:35:39.0582 0x0604 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:35:39.0598 0x0604 TrustedInstaller - ok
18:35:39.0598 0x0604 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:35:39.0598 0x0604 tssecsrv - ok
18:35:39.0598 0x0604 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:35:39.0613 0x0604 TsUsbFlt - ok
18:35:39.0613 0x0604 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:35:39.0629 0x0604 tunnel - ok
18:35:39.0629 0x0604 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:35:39.0629 0x0604 uagp35 - ok
18:35:39.0645 0x0604 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:35:39.0660 0x0604 udfs - ok
18:35:39.0660 0x0604 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:35:39.0660 0x0604 UI0Detect - ok
18:35:39.0676 0x0604 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:35:39.0676 0x0604 uliagpkx - ok
18:35:39.0676 0x0604 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:35:39.0676 0x0604 umbus - ok
18:35:39.0691 0x0604 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:35:39.0691 0x0604 UmPass - ok
18:35:39.0691 0x0604 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
18:35:39.0707 0x0604 UmRdpService - ok
18:35:39.0707 0x0604 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
18:35:39.0723 0x0604 upnphost - ok
18:35:39.0738 0x0604 [ AF1B9474D67897D0C2CFF58E0ACEACCC, 5ED9836EC7BEEB6706C327EF199E9B674863ED8C83890DDE5E5A6554C2DA5288 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:35:39.0738 0x0604 USBAAPL64 - ok
18:35:39.0738 0x0604 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:35:39.0754 0x0604 usbaudio - ok
18:35:39.0754 0x0604 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:35:39.0754 0x0604 usbccgp - ok
18:35:39.0769 0x0604 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:35:39.0769 0x0604 usbcir - ok
18:35:39.0769 0x0604 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:35:39.0785 0x0604 usbehci - ok
18:35:39.0785 0x0604 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:35:39.0801 0x0604 usbhub - ok
18:35:39.0801 0x0604 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:35:39.0816 0x0604 usbohci - ok
18:35:39.0816 0x0604 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:35:39.0816 0x0604 usbprint - ok
18:35:39.0816 0x0604 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:35:39.0832 0x0604 usbscan - ok
18:35:39.0832 0x0604 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:35:39.0832 0x0604 USBSTOR - ok
18:35:39.0847 0x0604 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:35:39.0847 0x0604 usbuhci - ok
18:35:39.0847 0x0604 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
18:35:39.0863 0x0604 UxSms - ok
18:35:39.0863 0x0604 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
18:35:39.0863 0x0604 VaultSvc - ok
18:35:39.0863 0x0604 [ 58E2365E7FD880624F648C63C5D22009, 9E00C2EF3488B7477AFF75FA62F2B66FD54166C19DCA594216B23EB046335FF0 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
18:35:39.0879 0x0604 VBoxNetAdp - ok
18:35:39.0879 0x0604 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:35:39.0879 0x0604 vdrvroot - ok
18:35:39.0894 0x0604 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
18:35:39.0910 0x0604 vds - ok
18:35:39.0910 0x0604 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:35:39.0925 0x0604 vga - ok
18:35:39.0925 0x0604 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:35:39.0925 0x0604 VgaSave - ok
18:35:39.0941 0x0604 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:35:39.0941 0x0604 vhdmp - ok
18:35:39.0957 0x0604 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
18:35:39.0957 0x0604 viaide - ok
18:35:39.0957 0x0604 [ 35E8A18D1C558D5C2FF2FFED2FD396F6, 5516AC03964DD33CF239AB3FB1D41BAB7454DB35FB38C45907614C3DB8F23391 ] vididr C:\Windows\system32\DRIVERS\vididr.sys
18:35:39.0972 0x0604 vididr - ok
18:35:39.0972 0x0604 [ 0DCD5C8F2E0B3650C4A29F6569C074FD, 8FB24D79ADE1541C5DD6241A3395EF2E6575A8376111294CD5C87ECA798EDCFD ] vidsflt C:\Windows\system32\DRIVERS\vidsflt.sys
18:35:39.0988 0x0604 vidsflt - ok
18:35:39.0988 0x0604 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
18:35:40.0003 0x0604 vmbus - ok
18:35:40.0003 0x0604 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:35:40.0003 0x0604 VMBusHID - ok
18:35:40.0003 0x0604 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:35:40.0019 0x0604 volmgr - ok
18:35:40.0035 0x0604 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:35:40.0035 0x0604 volmgrx - ok
18:35:40.0050 0x0604 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:35:40.0066 0x0604 volsnap - ok
18:35:40.0066 0x0604 [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
18:35:40.0081 0x0604 vpcbus - ok
18:35:40.0081 0x0604 [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
18:35:40.0081 0x0604 vpcnfltr - ok
18:35:40.0097 0x0604 [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
18:35:40.0097 0x0604 vpcusb - ok
18:35:40.0113 0x0604 [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
18:35:40.0113 0x0604 vpcvmm - ok
18:35:40.0128 0x0604 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:35:40.0128 0x0604 vsmraid - ok
18:35:40.0175 0x0604 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
18:35:40.0206 0x0604 VSS - ok
18:35:40.0222 0x0604 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:35:40.0222 0x0604 vwifibus - ok
18:35:40.0222 0x0604 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:35:40.0222 0x0604 vwififlt - ok
18:35:40.0237 0x0604 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
18:35:40.0253 0x0604 W32Time - ok
18:35:40.0253 0x0604 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:35:40.0269 0x0604 WacomPen - ok
18:35:40.0269 0x0604 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:35:40.0269 0x0604 WANARP - ok
18:35:40.0284 0x0604 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:35:40.0284 0x0604 Wanarpv6 - ok
18:35:40.0315 0x0604 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:35:40.0347 0x0604 WatAdminSvc - ok
18:35:40.0378 0x0604 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
18:35:40.0425 0x0604 wbengine - ok
18:35:40.0425 0x0604 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:35:40.0440 0x0604 WbioSrvc - ok
18:35:40.0456 0x0604 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:35:40.0471 0x0604 wcncsvc - ok
iamdon
Active Member
 
Posts: 13
Joined: October 6th, 2010, 9:34 am

Re: Slow computer - memory low

Unread postby iamdon » December 22nd, 2014, 7:39 pm

18:35:40.0471 0x0604 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:35:40.0471 0x0604 WcsPlugInService - ok
18:35:40.0471 0x0604 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:35:40.0487 0x0604 Wd - ok
18:35:40.0503 0x0604 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:35:40.0534 0x0604 Wdf01000 - ok
18:35:40.0534 0x0604 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:35:40.0534 0x0604 WdiServiceHost - ok
18:35:40.0534 0x0604 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:35:40.0549 0x0604 WdiSystemHost - ok
18:35:40.0549 0x0604 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
18:35:40.0565 0x0604 WebClient - ok
18:35:40.0565 0x0604 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:35:40.0581 0x0604 Wecsvc - ok
18:35:40.0596 0x0604 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:35:40.0596 0x0604 wercplsupport - ok
18:35:40.0596 0x0604 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
18:35:40.0612 0x0604 WerSvc - ok
18:35:40.0612 0x0604 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:35:40.0612 0x0604 WfpLwf - ok
18:35:40.0612 0x0604 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:35:40.0627 0x0604 WIMMount - ok
18:35:40.0627 0x0604 WinDefend - ok
18:35:40.0627 0x0604 WinHttpAutoProxySvc - ok
18:35:40.0643 0x0604 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:35:40.0659 0x0604 Winmgmt - ok
18:35:40.0690 0x0604 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
18:35:40.0752 0x0604 WinRM - ok
18:35:40.0752 0x0604 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:35:40.0768 0x0604 WinUsb - ok
18:35:40.0783 0x0604 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:35:40.0815 0x0604 Wlansvc - ok
18:35:40.0861 0x0604 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:35:40.0908 0x0604 wlidsvc - ok
18:35:40.0908 0x0604 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:35:40.0924 0x0604 WmiAcpi - ok
18:35:40.0924 0x0604 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:35:40.0939 0x0604 wmiApSrv - ok
18:35:40.0939 0x0604 WMPNetworkSvc - ok
18:35:40.0939 0x0604 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:35:40.0939 0x0604 WPCSvc - ok
18:35:40.0955 0x0604 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:35:40.0955 0x0604 WPDBusEnum - ok
18:35:40.0955 0x0604 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:35:40.0971 0x0604 ws2ifsl - ok
18:35:40.0971 0x0604 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
18:35:40.0971 0x0604 wscsvc - ok
18:35:40.0986 0x0604 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
18:35:40.0986 0x0604 WSDPrintDevice - ok
18:35:40.0986 0x0604 WSearch - ok
18:35:41.0049 0x0604 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
18:35:41.0095 0x0604 wuauserv - ok
18:35:41.0111 0x0604 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:35:41.0111 0x0604 WudfPf - ok
18:35:41.0127 0x0604 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:35:41.0127 0x0604 WUDFRd - ok
18:35:41.0142 0x0604 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:35:41.0142 0x0604 wudfsvc - ok
18:35:41.0158 0x0604 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:35:41.0158 0x0604 WwanSvc - ok
iamdon
Active Member
 
Posts: 13
Joined: October 6th, 2010, 9:34 am

Re: Slow computer - memory low

Unread postby iamdon » December 22nd, 2014, 7:39 pm

5:41.0173 0x0604 ================ Scan global ===============================
18:35:41.0173 0x0604 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:35:41.0189 0x0604 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:35:41.0205 0x0604 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:35:41.0205 0x0604 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:35:41.0220 0x0604 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:35:41.0236 0x0604 [ Global ] - ok
18:35:41.0236 0x0604 ================ Scan MBR ==================================
18:35:41.0236 0x0604 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:35:41.0329 0x0604 \Device\Harddisk0\DR0 - ok
18:35:41.0345 0x0604 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:35:41.0361 0x0604 \Device\Harddisk1\DR1 - ok
18:35:41.0361 0x0604 ================ Scan VBR ==================================
18:35:41.0361 0x0604 [ F43B562702FF37D7381850DFA5984ED9 ] \Device\Harddisk0\DR0\Partition1
18:35:41.0361 0x0604 \Device\Harddisk0\DR0\Partition1 - ok
18:35:41.0376 0x0604 [ 6AAF28D6F5571021937CC491A5976D10 ] \Device\Harddisk0\DR0\Partition2
18:35:41.0376 0x0604 \Device\Harddisk0\DR0\Partition2 - ok
18:35:41.0376 0x0604 [ AA98E7D8C6737058687F0092C0FBADBF ] \Device\Harddisk1\DR1\Partition1
18:35:41.0376 0x0604 \Device\Harddisk1\DR1\Partition1 - ok
18:35:41.0376 0x0604 ================ Scan generic autorun ======================
18:35:41.0626 0x0604 [ 12A5B2D07E28D9BF17CFE60255AE7448, 15CEBC602FC6241C23162DF9ECC847B056A997CBB5DE2C95A3E448288C60DA48 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:35:41.0844 0x0604 RtHDVCpl - ok
18:35:42.0016 0x0604 [ DF28522D35647687A6CABF7E325116B8, 7EE2EA20117974334316F5EFA0E9D91209D6103404B174594273254B030BC9C2 ] C:\Program Files\Logitech Gaming Software\LCore.exe
18:35:42.0156 0x0604 Launch LCore - ok
18:35:42.0203 0x0604 [ DF72D700CC33611206675B8A2FD4D4F9, AB3AF6FD92140A1432FEAFFF2015CFAD5E9362F0018EA1D859A2DA349E95847D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
18:35:42.0250 0x0604 EvtMgr6 - ok
18:35:42.0265 0x0604 [ 62C16443C5997CD83DC382720F07C255, 89EFBCFADA01B431F4CC19AB2EFC5E56288A17BC9FB15A1209A0CBFE44B8D022 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
18:35:42.0281 0x0604 Acronis Scheduler2 Service - ok
18:35:42.0421 0x0604 [ 888853056D36AED6954A98E7A88869B2, 59139CD0AB1DB5855C27DC6CFA3B8467550E8A00772F74A4E3371BD0D7F61DB3 ] C:\Program Files\Box\Box Sync\BoxSync.exe
18:35:42.0531 0x0604 BoxSync - ok
18:35:42.0546 0x0604 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
18:35:42.0546 0x0604 BCSSync - ok
18:35:42.0562 0x0604 [ 12FD7C1EADDDA10A67B1D6F905B3CC1E, 54FA875C5C3D7AD2D5AE966C72C63558D152455AB78816F31345443F0B13D89F ] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
18:35:42.0577 0x0604 ContentTransferWMDetector.exe - ok
18:35:42.0577 0x0604 [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:35:42.0577 0x0604 APSDaemon - ok
18:35:42.0593 0x0604 [ 016B31B67ACDF4AEB325FAC166684E5D, 3C22DF4E55554EB16EA2CA5927285C35E2A6C3DE22ACDDCD68492EAFAD4B0A9F ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
18:35:42.0593 0x0604 ControlCenter4 - ok
18:35:42.0655 0x0604 [ 7F42FFCD6FF7CA558C2D95DADCD5EFA9, CD9E71A718AD3FF465950A7D3937884154F021A296C301BE2FECD0AE69F04713 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
18:35:42.0702 0x0604 BrStsMon00 - ok
18:35:42.0780 0x0604 [ 2589FFE360BED8F824CBC6171CB5B874, 4C532EE4707F9B4314AF7FC88C86B48AFCDE03A2097919F9801BE47EB5CC61EB ] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
18:35:42.0843 0x0604 LogitechQuickCamRibbon - ok
18:35:42.0858 0x0604 [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
18:35:42.0858 0x0604 amd_dc_opt - ok
18:35:42.0874 0x0604 [ 7C73B5C50CAEDB1771A049142026906B, A4992339D71A9297963C70616C4124BD701E46AEE439E09C392C2B2EBAE624E6 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
18:35:42.0905 0x0604 StartCCC - ok
18:35:42.0921 0x0604 [ A162B967A88BF374A81E01EF6E7A2655, 3616D7DDF72964EB1C7C40E45CCEFD7116252607068AEB9FB093F20064FB5BA2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
18:35:42.0936 0x0604 avgnt - ok
18:35:43.0014 0x0604 [ 15F3F063FAABB583C0A383DC0D4AAACC, FC0044F32E7805E382AED9670C59D1FC3238B43F9797839981B010E794BC7D24 ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
18:35:43.0077 0x0604 Fitbit Connect - ok
18:35:43.0264 0x0604 [ 858D373AA85E0A314E8AA453B8D33025, B56169883EBE97D5B4BC837E7EC10D6F591DD678B9CCC560E7E9D724E0F4B787 ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
18:35:43.0404 0x0604 TrueImageMonitor.exe - ok
18:35:43.0435 0x0604 [ 8E82108A801F3629413C368657F73178, 6837D97E242D0E4FD546FC07FF0C382F261D9D3DF0D1CCC48C4B152F4BCC71DE ] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
18:35:43.0467 0x0604 AcronisTibMounterMonitor - ok
18:35:43.0467 0x0604 [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
18:35:43.0482 0x0604 iTunesHelper - ok
18:35:43.0513 0x0604 [ 07A37CB5C5A01E73FB69F138FAE2DB0E, 9E8B5D78D7EAB8FA35133763EDA91AFE5CDEE275D604F02CDB56FB00A0D5AA0F ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:35:43.0529 0x0604 Adobe ARM - ok
18:35:43.0545 0x0604 [ BA18CFAB98426BFA6D6EC7E5B1961ED0, 540BF2CFDB099296F2AA24D192EFC5B013C88C0152763454521355ACBB50337D ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
18:35:43.0545 0x0604 Avira Systray - ok
18:35:43.0560 0x0604 [ 168531BB1255C1B45DF47694409F9DE1, DB8AD75FA5A4D455FE220E2D8940572D08490D5E6535F7EF2C94C1DFAC2D7CA2 ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
18:35:43.0576 0x0604 OfficeSyncProcess - ok
18:35:43.0591 0x0604 [ 50FB3AFAF11D6454CCA794487EC36141, 9B49D0F6BB8746246D7A7C7BC5A57CFA2A86FDBE7539A550642C4A1591587A04 ] C:\Program Files (x86)\Jump Desktop\JumpDesktop.exe
18:35:43.0607 0x0604 Jump Desktop - ok
18:35:43.0716 0x0604 [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Lyndon\AppData\Local\Akamai\netsession_win.exe
18:35:43.0810 0x0604 Akamai NetSession Interface - ok
18:35:43.0888 0x0604 [ 15F3F063FAABB583C0A383DC0D4AAACC, FC0044F32E7805E382AED9670C59D1FC3238B43F9797839981B010E794BC7D24 ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
18:35:43.0935 0x0604 Fitbit Connect - ok
18:35:43.0935 0x0604 Adobe Speed Launcher - ok
18:35:43.0935 0x0604 Waiting for KSN requests completion. In queue: 26
18:35:44.0949 0x0604 Waiting for KSN requests completion. In queue: 26
18:35:45.0963 0x0604 Waiting for KSN requests completion. In queue: 26
18:35:47.0039 0x0604 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.440 ), 0x41000 ( enabled : updated )
18:35:47.0055 0x0604 Win FW state via NFP2: enabled
18:35:49.0597 0x0604 ============================================================
18:35:49.0597 0x0604 Scan finished
18:35:49.0597 0x0604 ============================================================
18:35:49.0597 0x05e4 Detected object count: 0
18:35:49.0597 0x05e4 Actual detected object count: 0
18:38:24.0474 0x0fa0 Deinitialize success
iamdon
Active Member
 
Posts: 13
Joined: October 6th, 2010, 9:34 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 49 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware