Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

PUMS.dns help

system-log

by ukemike » November 18th, 2015, 3:26 am

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.18059

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 3.392000 GHz
Memory total: 8571772928, free: 6905004032

Downloaded database version: v2015.11.18.01
Downloaded database version: v2015.11.14.01
Downloaded database version: v2015.11.17.01
=======================================
Initializing...
Driver version: 0.3.0.4
------------ Kernel report ------------
11/17/2015 22:34:09
------------ Loaded modules -----------
----------- End -----------
Done!

Scan started
Database versions:
main: v2015.11.18.01
rootkit: v2015.11.14.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80082de060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80082deb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80082de060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007b33e40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007b3c060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A3BC0379

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition is bootable
Partition file system is NTFS

Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 206848 Numsec = 251644157
Partition is bootable
Partition file system is NTFS

Partition 2 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 251851005 Numsec = 2678421060
Partition is not bootable

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable

Disk Size: 1500301910016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8006dcf3c0, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80084ac700, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8006dcf3c0, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80071f1230, DeviceName: \Device\0000008f\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C3072E18

Partition information:

Partition 0 type is Other (0xc)
Partition is NOT ACTIVE.
Partition starts at LBA: 8064 Numsec = 7803008
Partition is not bootable
Partition file system is FAT32

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable

Disk Size: 3999268864 bytes
Sector size: 512 bytes

Done!
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-661779AFA5426927B774774C1EA9E99B9EB0514F.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-661779AFA5426927B774774C1EA9E99B9EB0514F.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-661779AFA5426927B774774C1EA9E99B9EB0514F.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-661779AFA5426927B774774C1EA9E99B9EB0514F.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-661779AFA5426927B774774C1EA9E99B9EB0514F.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-661779AFA5426927B774774C1EA9E99B9EB0514F.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-661779AFA5426927B774774C1EA9E99B9EB0514F.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-661779AFA5426927B774774C1EA9E99B9EB0514F.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-661779AFA5426927B774774C1EA9E99B9EB0514F.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-661779AFA5426927B774774C1EA9E99B9EB0514F.bin.7C" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-661779AFA5426927B774774C1EA9E99B9EB0514F.bin.83" is compressed (flags = 1)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-206848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-2-251851005-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-8064-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished
ukemike
Regular Member
 
Posts: 31
Joined: November 15th, 2015, 11:55 pm

Re: PUMS.dns help

by ukemike » November 18th, 2015, 3:40 am

Internet works, the DNS is set correctly, Windows Update looks like it's working, and Windows Firewall looks like it is working.
ukemike
Regular Member
 
Posts: 31
Joined: November 15th, 2015, 11:55 pm

Re: PUMS.dns help

by pgmigg » November 18th, 2015, 11:18 am

Hello ukemike,

"step 5 ran malwarebytes antirootkit, updated database then ran the scan, log to follow. It found no problems on the first pass."
Your last sentence here is the most important news for now! :D But I am still waiting for Step 6. - OTL scan.

Please provide it and I will be ready for the new set of steps...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
MRU Teacher
 
Posts: 3179
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

OTL

by ukemike » November 19th, 2015, 2:32 am

I don't know how I missed the OTL part.

I ran it just now and will post the logs, but there is one caveat. I shut down my PC last night and to my surprise Windows Update applied some Windows updates. Usually I have it set to ask before installing; something in this process must have reset it to default settings. In the first post you said not to install anything. Oops.

Here is the OTL.txt

OTL logfile created on: 11/18/2015 10:22:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mike\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18097)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 5.45 Gb Available Physical Memory | 68.25% Memory free
15.96 Gb Paging File | 13.28 Gb Available in Paging File | 83.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.99 Gb Total Space | 51.26 Gb Free Space | 42.72% Space Free | Partition Type: NTFS
Drive D: | 1277.17 Gb Total Space | 860.44 Gb Free Space | 67.37% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 70.37 Mb Free Space | 70.37% Space Free | Partition Type: NTFS

Computer Name: SERENITY | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/11/17 22:03:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
PRC - [2015/09/14 21:35:19 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
PRC - [2013/10/01 19:09:06 | 000,928,136 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2013/10/01 19:08:24 | 000,153,992 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
PRC - [2013/10/01 19:08:04 | 000,395,656 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2013/10/01 15:29:04 | 001,505,608 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
PRC - [2013/09/11 20:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2013/08/09 13:53:42 | 000,054,152 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
PRC - [2013/01/24 10:12:32 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\No-IP\ducservice.exe
PRC - [2013/01/24 10:12:30 | 000,270,336 | ---- | M] () -- C:\Program Files (x86)\No-IP\DUC40.exe
PRC - [2012/08/06 21:25:12 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/08/06 21:25:02 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/08/06 21:25:02 | 000,960,440 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012/04/24 01:06:46 | 000,229,376 | ---- | M] (Visioneer Inc.) -- C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe
PRC - [2011/12/09 09:22:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011/05/20 09:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/09/30 18:56:56 | 001,290,240 | ---- | M] (ASUSTeK Inc.) -- C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
PRC - [2010/09/14 15:17:00 | 000,061,440 | ---- | M] () -- C:\Windows\SysWOW64\ASDR.exe
PRC - [2009/08/04 16:21:58 | 000,030,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
PRC - [2009/07/30 17:10:04 | 000,380,928 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
PRC - [2009/06/24 09:57:04 | 000,136,704 | ---- | M] (HP) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe


========== Modules (No Company Name) ==========

MOD - [2015/11/18 07:12:15 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\672f0c214d9f136d6d471c466149484d\PresentationFramework.ni.dll
MOD - [2015/11/18 07:12:07 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7db5806ac75b14833569b27746d63725\PresentationCore.ni.dll
MOD - [2015/11/18 07:12:05 | 012,935,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1f91e1eb6dd96423dbe49ef2085ddb21\System.Windows.Forms.ni.dll
MOD - [2015/11/18 07:09:32 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\dc5e9aaf3f627418b920205c75b926df\System.Windows.Forms.ni.dll
MOD - [2015/11/18 07:09:15 | 000,805,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\4ba30d4daa50747f9901138a559307ef\System.Runtime.Remoting.ni.dll
MOD - [2015/09/13 19:04:33 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\307c0c82ccf884cc4a989ea13bfb0bc6\IAStorUtil.ni.dll
MOD - [2015/09/13 18:55:58 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c00840ee7b4eb45e78557fc3c8785733\System.ServiceProcess.ni.dll
MOD - [2015/09/13 18:55:54 | 011,923,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\38234ab6b7aa0762a54e27862d8bbdfe\System.Web.ni.dll
MOD - [2015/09/13 18:55:35 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\82ecf48db57ddf66f74fca17b0f99453\System.Drawing.ni.dll
MOD - [2015/09/10 13:38:41 | 001,650,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\0fa731ea0ae5de79fe1c1ab061d82fd1\System.Drawing.ni.dll
MOD - [2015/09/10 13:38:40 | 000,223,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\b6235b443cbc8a5f1fde136f4c0b8c6e\System.ServiceProcess.ni.dll
MOD - [2015/06/19 08:43:44 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8115eb34e0d122591c2a9595cfff225e\WindowsBase.ni.dll
MOD - [2015/06/19 08:43:40 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\d2acb5226fa8916ef6417139a742a09d\System.Core.ni.dll
MOD - [2015/06/19 08:43:36 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5023210ae4242a319712718fc6a23848\System.Configuration.ni.dll
MOD - [2015/05/29 06:54:15 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\007fc007edc388d9806dff94ee04f129\System.Configuration.ni.dll
MOD - [2015/04/28 16:49:02 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0967cf5c31691f38d013263304d2dacb\System.Runtime.Remoting.ni.dll
MOD - [2014/11/02 13:46:15 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/11/02 13:46:04 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/11/01 23:42:09 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014/11/01 23:42:07 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll
MOD - [2014/11/01 23:42:02 | 001,180,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\c90a4b709b46b64c89fce02585d55370\System.Management.ni.dll
MOD - [2014/11/01 23:42:01 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/11/01 23:41:57 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/09/14 07:05:05 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/04/22 06:09:46 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/03/20 14:49:17 | 000,610,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
MOD - [2013/01/24 10:12:30 | 000,270,336 | ---- | M] () -- C:\Program Files (x86)\No-IP\DUC40.exe
MOD - [2013/01/23 22:34:34 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\No-IP\ducapi.dll
MOD - [2012/08/12 21:50:50 | 000,115,137 | ---- | M] () -- C:\Users\Mike\AppData\Local\Temp\d6ebea43-a7f6-428d-ab33-ddb1ea1983ec\CliSecureRT.dll
MOD - [2012/08/06 21:25:12 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2010/09/14 15:21:00 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\SmartDoctor\VOV32.dll
MOD - [2010/09/14 15:17:00 | 000,643,142 | ---- | M] () -- C:\Program Files (x86)\ASUS\SmartDoctor\aticlocklib.dll
MOD - [2009/08/04 16:23:16 | 000,063,032 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT LEDM\bin\HPTools.dll
MOD - [2009/08/04 16:23:02 | 000,075,320 | ---- | M] () -- C:\Program Files (x86)\HP\HP UT LEDM\bin\HPToolkit.dll
MOD - [2009/04/29 19:46:20 | 001,077,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\GamerOSD\ImageTransform.dll
MOD - [2009/02/17 17:22:16 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\ASUS\GamerOSD\AudioOnVistaDLL.dll


========== Services (SafeList) ==========

SRV:64bit: - [2015/10/30 15:12:09 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/10/07 18:27:58 | 002,780,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2015/04/30 00:53:40 | 000,366,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2015/04/30 00:53:40 | 000,023,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2014/03/24 14:50:50 | 000,357,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/04/20 01:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/12/13 13:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/12/01 13:22:58 | 000,063,488 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\Windows\SysNative\ATKFUSService.exe -- (ATKFUSService)
SRV:64bit: - [2009/07/13 17:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015/11/10 19:43:35 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/11/05 08:44:06 | 000,836,176 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/11/03 21:07:22 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/20 14:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/11 20:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/01/24 10:12:32 | 000,011,264 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\No-IP\ducservice.exe -- (NoIPDUCService4)
SRV - [2012/04/24 01:06:46 | 000,229,376 | ---- | M] (Visioneer Inc.) [Auto | Running] -- C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe -- (OneTouch 4.0 Monitor)
SRV - [2011/05/20 09:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/09/14 15:17:00 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASDR.exe -- (ASDR)
SRV - [2009/06/24 09:57:04 | 000,136,704 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2015/11/15 19:39:20 | 000,035,064 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight)
DRV:64bit: - [2015/03/04 18:34:52 | 000,124,568 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014/03/18 16:24:44 | 000,040,728 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2014/03/18 16:24:40 | 000,059,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2014/03/18 16:24:38 | 000,076,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013/10/01 18:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/24 07:10:34 | 000,097,768 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2013/04/12 10:41:28 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012/09/25 21:45:35 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:64bit: - [2012/09/19 10:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 10:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 06:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/04/15 15:14:52 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EIO64.sys -- (EIO64)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/01 21:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/06/01 21:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/06/01 21:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/05/20 08:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/21 10:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/20 01:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 00:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/07 21:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/02/07 21:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2010/12/20 21:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010/12/13 13:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/11/20 19:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/30 19:35:06 | 000,302,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2010/09/14 15:21:00 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap)
DRV:64bit: - [2010/08/15 14:42:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2009/11/17 15:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/17 17:22:22 | 000,039,424 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys -- (atkdisplf)
DRV:64bit: - [2009/02/17 17:22:22 | 000,017,792 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asusgsb.sys -- (asusgsb)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-517068509-634416315-2748464958-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-517068509-634416315-2748464958-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-517068509-634416315-2748464958-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-517068509-634416315-2748464958-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-517068509-634416315-2748464958-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 09 48 D4 64 AF 51 CF 01 [binary data]
IE - HKU\S-1-5-21-517068509-634416315-2748464958-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-517068509-634416315-2748464958-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-517068509-634416315-2748464958-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultenginename.US: "Google"
FF - prefs.js..browser.search.hiddenOneOffs: "Yahoo,Bing,Twitter"
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.startup.homepage: "http://www.netvibes.com/privatepage/1#Home"
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.18.1-signed
FF - prefs.js..extensions.enabledAddons: %7B1A2D0EC4-75F5-4c91-89C4-3656F6E44B68%7D:0.6.3.1-signed
FF - prefs.js..extensions.enabledAddons: imageblock%40hemantvats.com:2.1.1-signed
FF - prefs.js..extensions.enabledAddons: tineye%40ideeinc.com:1.2.1
FF - prefs.js..extensions.enabledAddons: anticontainer%40downthemall.net:1.4
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.9.39
FF - prefs.js..extensions.enabledAddons: ClassicThemeRestorer%40ArisT2Noia4dev:1.4.2
FF - prefs.js..extensions.enabledAddons: https-everywhere-eff%40eff.org:5.1.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:42.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Citrix.com/npagee64,version=10.5.54.9: C:\Program Files\Citrix\Secure Access Client\npagee64.dll (Citrix Systems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npagee,version=10.5.54.9: C:\Program Files\Citrix\Secure Access Client\npagee.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3522.0110: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mike\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mike\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015/02/06 23:22:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 14:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/11/03 21:07:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 42.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 42.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015/11/03 21:07:17 | 000,000,000 | ---D | M]

[2012/04/15 15:33:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions
[2015/11/01 15:10:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions
[2015/08/30 19:32:55 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\https-everywhere-eff@eff.org
[2015/10/18 17:00:41 | 000,094,245 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\anticontainer@downthemall.net.xpi
[2015/11/01 15:10:16 | 000,637,196 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
[2015/08/23 22:14:21 | 000,022,699 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\imageblock@hemantvats.com.xpi
[2015/08/30 19:32:39 | 000,010,635 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\tineye@ideeinc.com.xpi
[2015/05/29 05:46:32 | 000,103,648 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
[2015/10/25 22:04:59 | 000,562,123 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2015/09/24 19:09:45 | 000,962,762 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015/05/27 11:24:24 | 000,665,944 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\o2dhv4b0.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2015/11/03 21:07:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2015/11/03 21:07:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2015/11/03 21:07:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/11/03 21:07:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/04/13 19:00:48 | 000,170,592 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2011/12/09 09:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\
CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl\2015.1102.418.3_0\
CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\
CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [CitrixReceiver] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" File not found
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Redirector] C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-517068509-634416315-2748464958-1000..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-517068509-634416315-2748464958-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-517068509-634416315-2748464958-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-517068509-634416315-2748464958-1000..\Run: [NoIPDUCv4] C:\Program Files (x86)\No-IP\DUC40.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-517068509-634416315-2748464958-1000\..Trusted Domains: terracon.com ([]* in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.201.224.11 208.201.224.33
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5039F796-9A3C-4853-A851-000D20138441}: DhcpNameServer = 208.201.224.11 208.201.224.33
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5039F796-9A3C-4853-A851-000D20138441}: NameServer = 208.67.222.222,208.67.220.220,173.230.156.28,23.226.230.72,69.164.196.21,50.116.23.211
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\msosb.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4243e145-8744-11e1-9ec5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4243e145-8744-11e1-9ec5-806e6f6e6963}\Shell\AutoRun\command - "" = F:\ASRSetup.exe
O33 - MountPoints2\{54484ec6-9472-11e4-8e92-bc5ff41c4043}\Shell - "" = AutoRun
O33 - MountPoints2\{54484ec6-9472-11e4-8e92-bc5ff41c4043}\Shell\AutoRun\command - "" = I:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015/11/17 22:34:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2015/11/17 22:32:28 | 000,109,272 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015/11/17 22:32:24 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\mbar
[2015/11/17 22:23:31 | 016,563,352 | ---- | C] (Malwarebytes Corp.) -- C:\Users\Mike\Desktop\mbar-1.09.3.1001.exe
[2015/11/17 22:23:31 | 001,599,080 | ---- | C] (Malwarebytes) -- C:\Users\Mike\Desktop\JRT.exe
[2015/11/17 22:23:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2015/11/17 21:48:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/11/17 18:19:43 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2015/11/17 18:18:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2015/11/17 18:10:40 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Users\Mike\Desktop\MGADiag.exe
[2015/11/17 18:10:40 | 000,509,440 | ---- | C] (Tech Support Guy System) -- C:\Users\Mike\Desktop\SysInfo.exe
[2015/11/15 19:49:40 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Mike\Desktop\dds.scr
[2015/11/15 13:03:51 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\CrashDumps
[2015/11/15 12:16:34 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2015/11/15 09:48:31 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\111515
[2015/11/10 20:20:31 | 003,168,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/11/10 20:20:31 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/11/10 20:20:31 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/11/10 20:20:31 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/11/10 20:20:31 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/11/10 20:20:31 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/11/10 20:20:31 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/11/10 20:20:31 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/11/10 20:20:31 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/11/10 20:20:31 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/11/10 20:20:31 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/11/10 20:20:31 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/11/10 20:20:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/11/10 20:20:31 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/11/10 20:20:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/11/10 20:20:24 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/11/10 20:20:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/11/10 20:20:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/11/10 20:20:24 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/11/10 20:20:23 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/11/10 20:20:23 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2015/11/10 20:20:23 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/11/10 20:20:23 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/11/10 20:20:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/11/10 20:20:23 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/11/10 20:20:22 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/11/10 20:20:22 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2015/11/10 20:20:22 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/11/10 20:20:21 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/11/10 20:20:21 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/11/10 20:20:21 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/11/10 20:20:21 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/11/10 20:20:21 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/11/10 20:20:21 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/11/10 20:20:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/11/10 20:20:20 | 002,126,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/11/10 20:20:20 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/11/10 20:20:20 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/11/10 20:20:20 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/11/10 20:20:20 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/11/10 20:20:19 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/11/10 20:20:19 | 000,585,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/11/10 20:20:19 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/11/10 20:20:19 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/11/10 20:20:18 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/11/10 20:20:18 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/11/10 20:20:18 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/11/10 20:20:18 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/11/10 20:20:17 | 005,990,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/11/10 20:20:17 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/11/10 20:20:17 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015/11/10 20:20:17 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/11/10 20:20:17 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/11/10 20:20:16 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/11/10 20:20:16 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/11/10 20:20:16 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/11/10 20:17:59 | 005,570,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/11/10 20:17:59 | 003,991,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/11/10 20:17:58 | 003,935,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/11/10 20:17:58 | 001,730,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/11/10 20:17:58 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/11/10 20:17:58 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015/11/10 20:17:58 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015/11/10 20:17:58 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015/11/10 20:17:58 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015/11/10 20:17:58 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/11/10 20:17:58 | 000,299,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2015/11/10 20:17:58 | 000,251,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcryptprimitives.dll
[2015/11/10 20:17:58 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/11/10 20:17:57 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/11/10 20:17:57 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/11/10 20:17:57 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015/11/10 20:17:57 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/11/10 20:17:57 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/11/10 20:17:57 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/11/10 20:17:57 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/11/10 20:17:57 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/11/10 20:17:57 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015/11/10 20:17:56 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015/11/10 20:17:56 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015/11/10 20:17:56 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/11/10 20:17:56 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/11/10 20:17:56 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/11/10 20:17:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015/11/10 20:17:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015/11/10 20:17:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/11/10 20:17:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/11/10 20:17:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015/11/10 20:17:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/11/10 20:17:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/11/10 20:17:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/11/10 20:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/11/10 20:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/11/10 20:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/11/10 20:17:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015/11/10 20:17:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/11/10 20:17:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/11/10 20:17:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/11/10 20:17:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/11/10 20:17:55 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/11/10 20:17:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/11/10 20:17:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/11/10 20:17:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015/11/10 20:17:54 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/11/10 20:17:54 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/11/10 20:17:54 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/11/10 20:17:54 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/11/10 20:17:54 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/11/10 20:17:54 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/11/10 20:17:46 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2015/11/10 20:17:46 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2015/11/10 20:17:45 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jnwmon.dll
[2015/11/10 19:43:24 | 005,286,088 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2015/11/03 21:07:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/11/01 08:52:49 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minutor
[2015/11/01 08:52:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Minutor
[2015/10/22 18:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[1 C:\Users\Mike\*.tmp files -> C:\Users\Mike\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/11/18 22:21:43 | 000,031,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/11/18 22:21:43 | 000,031,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/11/18 22:19:56 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-517068509-634416315-2748464958-1000UA.job
[2015/11/18 22:18:06 | 000,799,414 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/11/18 22:18:06 | 000,674,782 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/11/18 22:18:06 | 000,126,454 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/11/18 22:14:52 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/11/18 22:13:49 | 000,491,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/11/18 22:13:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/11/18 22:13:26 | 2133,860,351 | -HS- | M] () -- C:\hiberfil.sys
[2015/11/18 07:08:43 | 000,791,536 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/11/18 06:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/11/18 06:40:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/11/17 22:34:09 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/11/17 22:32:28 | 000,109,272 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015/11/17 22:04:38 | 016,563,352 | ---- | M] (Malwarebytes Corp.) -- C:\Users\Mike\Desktop\mbar-1.09.3.1001.exe
[2015/11/17 22:03:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2015/11/17 22:00:30 | 001,599,080 | ---- | M] (Malwarebytes) -- C:\Users\Mike\Desktop\JRT.exe
[2015/11/17 21:47:00 | 001,732,096 | ---- | M] () -- C:\Users\Mike\Desktop\adwcleaner_5.021.exe
[2015/11/17 16:19:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-517068509-634416315-2748464958-1000Core.job
[2015/11/17 06:50:28 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Users\Mike\Desktop\MGADiag.exe
[2015/11/17 06:50:10 | 000,025,088 | ---- | M] () -- C:\Users\Mike\Desktop\codecheck.exe
[2015/11/17 06:50:00 | 000,509,440 | ---- | M] (Tech Support Guy System) -- C:\Users\Mike\Desktop\SysInfo.exe
[2015/11/17 06:49:52 | 000,468,480 | ---- | M] () -- C:\Users\Mike\Desktop\CKScanner.exe
[2015/11/17 06:49:32 | 000,007,596 | ---- | M] () -- C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
[2015/11/15 19:39:20 | 000,035,064 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015/11/15 19:27:56 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Mike\Desktop\dds.scr
[2015/11/15 07:41:08 | 843,776,579 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2015/11/10 19:43:35 | 000,780,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/11/10 19:43:35 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/11/10 19:43:25 | 005,286,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2015/11/05 22:24:10 | 000,001,142 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2015/10/30 15:40:38 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/10/30 15:25:55 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/10/30 15:25:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/10/30 15:25:08 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/10/30 15:24:50 | 000,585,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/10/30 15:24:34 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/10/30 15:16:25 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/10/30 15:13:14 | 000,616,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/10/30 15:12:09 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/10/30 15:12:09 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/10/30 15:11:58 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/10/30 15:11:51 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015/10/30 15:11:46 | 005,990,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/10/30 15:04:48 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/10/30 15:01:22 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/10/30 14:53:49 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/10/30 14:49:46 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/10/30 14:49:06 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/10/30 14:46:32 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/10/30 14:46:27 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/10/30 14:45:51 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/10/30 14:45:42 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/10/30 14:44:57 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/10/30 14:44:55 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2015/10/30 14:39:27 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/10/30 14:37:31 | 000,480,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/10/30 14:36:25 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/10/30 14:36:24 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015/10/30 14:36:06 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/10/30 14:32:13 | 000,720,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/10/30 14:31:26 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/10/30 14:29:57 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/10/30 14:29:52 | 002,126,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/10/30 14:23:51 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/10/30 14:21:10 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/10/30 14:19:51 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/10/30 14:17:41 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2015/10/30 14:09:23 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/10/30 14:09:15 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/10/30 13:53:01 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/10/30 13:46:02 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/10/24 07:42:32 | 000,000,211 | ---- | M] () -- C:\Users\Mike\Desktop\Call of Duty Black Ops II.url
[2015/10/23 20:04:48 | 000,000,208 | ---- | M] () -- C:\Users\Mike\Desktop\Team Fortress 2.url
[2015/10/20 10:42:14 | 003,168,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/10/20 10:42:14 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/10/20 10:42:14 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/10/20 10:42:14 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/10/20 10:42:14 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/10/20 10:42:13 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/10/20 10:41:36 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/10/20 10:41:25 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/10/20 10:41:22 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/10/20 10:41:22 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/10/20 09:46:02 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/10/20 09:46:02 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/10/20 09:46:02 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/10/20 09:46:01 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/10/20 09:45:08 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[1 C:\Users\Mike\*.tmp files -> C:\Users\Mike\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/11/17 21:47:59 | 001,732,096 | ---- | C] () -- C:\Users\Mike\Desktop\adwcleaner_5.021.exe
[2015/11/17 18:10:40 | 000,468,480 | ---- | C] () -- C:\Users\Mike\Desktop\CKScanner.exe
[2015/11/17 18:10:40 | 000,025,088 | ---- | C] () -- C:\Users\Mike\Desktop\codecheck.exe
[2015/11/15 21:17:39 | 000,007,596 | ---- | C] () -- C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
[2015/11/15 12:16:36 | 000,035,064 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015/10/24 07:42:32 | 000,000,211 | ---- | C] () -- C:\Users\Mike\Desktop\Call of Duty Black Ops II.url
[2015/10/23 20:04:47 | 000,000,208 | ---- | C] () -- C:\Users\Mike\Desktop\Team Fortress 2.url
[2015/10/04 19:20:11 | 000,005,976 | ---- | C] () -- C:\Users\Mike\AppData\Local\recently-used.xbel
[2013/06/22 21:05:19 | 000,001,298 | ---- | C] () -- C:\Users\Mike\.ufrawrc
[2012/08/28 13:59:48 | 000,060,304 | ---- | C] () -- C:\Users\Mike\g2mdlhlpx.exe
[2012/04/30 19:43:22 | 000,008,192 | ---- | C] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 10:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 09:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/03/16 12:43:38 | 000,000,000 | ---D | M] -- C:\Users\Lara\AppData\Roaming\ICAClient
[2015/11/09 17:44:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\.minecraft
[2014/02/23 13:51:12 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\1_5.minecraft
[2012/06/11 09:19:41 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Amazon
[2013/02/24 14:50:02 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\avidemux
[2014/04/27 20:03:02 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Bertware
[2013/02/03 21:22:12 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Canneverbe Limited
[2013/01/28 06:17:04 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Extentrix
[2013/11/25 18:52:15 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\FLVPlayer4Free
[2013/06/22 21:33:35 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\gtk-2.0
[2014/02/20 23:32:02 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\ICAClient
[2013/02/03 21:40:14 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\ImgBurn
[2014/09/22 06:10:42 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\iPodder
[2012/04/15 16:14:38 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\IrfanView
[2015/09/26 12:29:58 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\java
[2012/10/08 19:15:23 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\KompoZer
[2012/04/15 15:59:29 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Leadertech
[2012/04/16 06:51:55 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\LibreOffice
[2012/07/17 08:38:07 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\LinkManager 4.0
[2015/06/13 17:05:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Notepad++
[2014/02/20 14:39:43 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Oracle
[2012/06/14 21:13:20 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Samsung
[2013/01/08 22:34:31 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\TeamViewer
[2012/08/12 20:21:24 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Temp
[2015/11/17 06:47:03 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\uTorrent
[2012/07/17 08:38:07 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Visioneer

========== Purity Check ==========



< End of report >
ukemike
Regular Member
 
Posts: 31
Joined: November 15th, 2015, 11:55 pm

Extras.txt

Post by ukemike » November 19th, 2015, 2:35 am

OTL Extras logfile created on: 11/18/2015 10:22:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mike\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18097)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 5.45 Gb Available Physical Memory | 68.25% Memory free
15.96 Gb Paging File | 13.28 Gb Available in Paging File | 83.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.99 Gb Total Space | 51.26 Gb Free Space | 42.72% Space Free | Partition Type: NTFS
Drive D: | 1277.17 Gb Total Space | 860.44 Gb Free Space | 67.37% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 70.37 Mb Free Space | 70.37% Space Free | Partition Type: NTFS

Computer Name: SERENITY | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-517068509-634416315-2748464958-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02019BB9-1ABD-4427-BB96-C46D575E538A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0AF1072D-0D6D-4D17-9591-4258002F244B}" = rport=137 | protocol=17 | dir=out | app=system |
"{0FA80899-276B-46E4-A178-F5464C0DAC68}" = lport=445 | protocol=6 | dir=in | app=system |
"{0FB39B10-E68B-48DB-9BC8-FA673E2443BA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{120BDA4F-05D6-46A2-92A6-881C16AD0839}" = rport=138 | protocol=17 | dir=out | app=system |
"{15C919C1-70E8-4C78-8A3C-697389C4071C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{174E2E47-01E3-4DF8-908C-4653E5BFE1BC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{190E53DE-3075-460F-A65D-EAC023331592}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{25BFEDCE-9954-4B19-B961-1695FC5F3762}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3298DD0C-87A0-40D3-88D6-81ADD4400061}" = rport=25565 | protocol=17 | dir=out | name=minecraft out udp |
"{35AEE0CF-6F6A-4598-A786-3D02F61BB482}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3F7469AF-A205-49FA-88E5-B8671AEDCEEA}" = lport=137 | protocol=17 | dir=in | app=system |
"{3FA37E41-68E4-4B57-A2C1-D17C3FC34154}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{494AEA25-8BE3-4FCE-9CAF-4D8A66DDB45C}" = rport=139 | protocol=6 | dir=out | app=system |
"{4A1F3E8C-B84F-449F-99BD-9909236E0D64}" = lport=139 | protocol=6 | dir=in | app=system |
"{54C4B61D-407B-4985-9CED-6244EBD2B52C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6F9218D4-AA9C-43E2-A45D-C89D83D66BD4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7274F80B-28DE-42DA-8B8F-35871838FD5A}" = lport=138 | protocol=17 | dir=in | app=system |
"{727BD2C0-4F42-476C-9DEE-CBC5D887F0B8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{839B2C6C-9D83-47DA-9407-E56E0F29A46D}" = rport=25565 | protocol=17 | dir=in | name=minecraft in udp |
"{B28FE3CB-FC1E-425C-AF12-BC94BECAD63C}" = rport=25565 | protocol=6 | dir=out | name=minecraft out tcp |
"{B6BFDB7A-6834-47AD-9787-E3B32946664A}" = rport=25565 | protocol=6 | dir=in | name=minecraft in tcp |
"{BC9759F1-6331-4599-9A01-D64F7F79E36A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BE389E7F-ED03-4AA7-A2D5-FFBF399BE6F9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D31645BD-0221-454D-8FB5-5EEC2A631401}" = rport=445 | protocol=6 | dir=out | app=system |
"{E5D1E3A0-199E-4C86-84FC-31DB03DC162E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E9211403-7554-4D76-940A-72097441E116}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F5219B44-2D8A-4728-98BB-D52095D81716}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FA557B8D-9699-4991-9728-BB6FEC1FECE7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FFC596B0-57FF-4B7D-ACDA-E0D8442DFB41}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{051F0CAF-CD8A-427B-A08F-C529263EA1AB}" = protocol=6 | dir=in | app=c:\users\mike\appdata\local\temp\7zs7095\hpdiagnosticcoreui.exe |
"{07413CAD-0FE4-452E-9FA7-9A8453385ABA}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{07868C80-1F27-4981-B409-F72479F07D6C}" = protocol=17 | dir=in | app=c:\users\mike\appdata\local\temp\7zs7e56\hpdiagnosticcoreui.exe |
"{07BF577D-BEF3-4FEE-AEF6-52F0A144BA5F}" = protocol=17 | dir=in | app=d:\programs\steam\steamapps\common\half-life 2\hl2.exe |
"{0C4E0442-B355-4575-9B23-611F6E2CBC00}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{0CE1A446-F384-409D-9B76-8884F422FFBD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{0DE16B3C-331F-4E8C-AFD5-17D20F39F44C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{100F28DB-3307-499E-A552-DCF366FEB599}" = protocol=17 | dir=in | app=d:\programs\steam\steamapps\common\call of duty black ops\blackops.exe |
"{13E231A7-9F98-4BFF-AF8B-454B36504D2C}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{1445DFD3-5907-465F-A1B4-D36E98DA9952}" = protocol=17 | dir=in | app=d:\programs\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{177F0007-9333-4521-B7AA-0B1CE88064DF}" = protocol=17 | dir=in | app=c:\users\mike\appdata\local\temp\7zs7095\hpdiagnosticcoreui.exe |
"{1A4F53EA-D2F2-47B5-A379-10A0A0D7A014}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1FDDBE1D-A648-4CCC-8998-51C2B7AC823B}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{2382C6C3-4BAA-49AB-8E3C-589791EAE615}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{23CA9FA0-9189-41AF-99C5-5EA005B0F34E}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{28FD6A6D-FE3C-4ABB-9F89-DEE6C26AD571}" = protocol=6 | dir=in | app=d:\programs\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{2B612930-7DA2-4BDB-BF0C-74E7ED810634}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{2B6FE754-B854-405A-B73A-E7584FF96F97}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{2E898C88-E9CB-471C-97CC-4CD71E6C8F9C}" = dir=in | app=%programfiles%\minecraft server\minecraft_server.exe |
"{2FD06F48-4F1E-44F5-870B-E3A7B862EC9C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{31589508-06C1-42DC-A0E3-09094BEDBDDF}" = protocol=6 | dir=in | app=d:\programs\cod4mw\iw3mp.exe |
"{35F383E2-8795-4572-889B-533049D19A81}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{35F79514-20BC-4DCE-8B63-CC4D7819C1F4}" = protocol=17 | dir=in | app=c:\users\mike\appdata\local\temp\7zs705b\hpdiagnosticcoreui.exe |
"{369F9B23-17A1-474F-9752-86A43B976B97}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{3B3302B0-D2EA-4C7C-B6E5-8C4AAE525069}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3B350E96-3D9E-47F8-80F6-A802CBDC4F24}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{4091474C-D81B-4582-9251-E080D6FC94E3}" = protocol=6 | dir=in | app=d:\programs\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe |
"{4330CD0A-2826-4964-8B12-C4069067B5E2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{43BBAAD8-F4B4-4D0D-AEE2-DFC38A782E83}" = protocol=17 | dir=in | app=d:\programs\steam\steamapps\common\portal 2\portal2.exe |
"{4428D828-FDB3-48DD-98A2-858F0E63738E}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{44B28492-7B63-432C-A08F-7A762CAB2856}" = protocol=17 | dir=in | app=d:\programs\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{46A4CEB4-ED32-4B38-9B35-16A10C69287E}" = protocol=17 | dir=in | app=d:\programs\steam\steamapps\common\return to castle wolfenstein\wolfsp.exe |
"{479A5486-55A1-42C0-ABA7-465794B9B149}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{47FCFC25-BF49-4067-AFB8-340A59E7D37A}" = dir=out | app=c:\program files\citrix\secure access client\nsepa.exe |
"{48771B73-B5AA-4CA0-8775-357572E68BB2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{49C85EF0-6206-40FA-A8F3-1B81CAF1949D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{4DB32E34-CC27-4529-99C2-19041BFFBEBC}" = protocol=6 | dir=in | app=d:\programs\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{5FC1823D-7FBA-4E59-BBAB-1C5D90B5476C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{60A22590-682E-415E-8944-2D921909EC19}" = protocol=6 | dir=in | app=d:\programs\steam\steamapps\common\portal 2\portal2.exe |
"{60C37325-DF9A-494E-9842-2FB7F0734222}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{68B7F64B-34C1-481D-8057-AA53958A2EE4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{69BCE1CF-6AC2-45D2-9E89-435340BA0A45}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{6AA76DF0-1EAA-46B2-876F-9F8D654CA3C5}" = protocol=17 | dir=in | app=d:\programs\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe |
"{6D704E50-09E6-42F6-9D35-374C57DCC033}" = protocol=6 | dir=in | app=c:\users\mike\appdata\local\temp\7zs7e56\hpdiagnosticcoreui.exe |
"{7274144E-59E7-4C40-8ECA-6539E58BC116}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{746C907F-3F7B-49B2-88B5-DF726075B541}" = protocol=17 | dir=in | app=d:\programs\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{74F3FD8A-10E5-4171-81D7-41804DE607E0}" = protocol=6 | dir=in | app=c:\users\mike\appdata\roaming\utorrent\utorrent.exe |
"{76EC7763-0C58-4117-AACF-DF5658313DD8}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{787BE2BA-1E51-4C6C-97AA-A7460959FCB6}" = protocol=6 | dir=in | app=d:\programs\steam\steamapps\common\kerbal space program\ksp.exe |
"{7927CE1E-E42D-4309-9043-2802DB913410}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{792C5F85-3210-4410-A6E1-830107BF7244}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7BB5A017-C983-4A7E-8CD8-E5132C746D23}" = protocol=17 | dir=in | app=d:\programs\cod4mw\iw3mp.exe |
"{7E529DAB-1D4B-499C-8698-A0BCFE373684}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{80B3439C-986E-476E-9084-6D167F570C10}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{81E79B38-3CAC-4980-A053-7F1B39EB53B1}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{853338BB-AF2C-4A15-BF5B-687E4898DA4C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{863FBAB0-5B8F-4739-BCBD-AEC99A1E2601}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8BC2A362-65FA-4B1E-BBB6-19C9C3416427}" = protocol=6 | dir=in | app=d:\programs\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{8F25B3C0-D262-4CA2-9C97-6881CBC99C08}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{92C64280-36F5-4B1B-BC0B-EA854561F30D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{958C7DDF-6FB6-4A10-B332-2B4C1C3CD047}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{96D89340-8D21-4AB0-AB3F-76BD6085DE77}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{97528187-7EDD-40A9-87DA-D7CBA8BC2068}" = dir=in | app=c:\program files\citrix\secure access client\nsepa.exe |
"{9A095320-6EFC-4B30-A331-982462D56542}" = protocol=17 | dir=in | app=c:\users\mike\appdata\roaming\utorrent\utorrent.exe |
"{9D0248F0-B680-49AD-B034-DF693185051C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{9FAF02E3-E6D4-499E-9D96-3853750A2284}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A410B677-6DC6-4798-8F5A-9DAE857B81D2}" = protocol=17 | dir=in | app=d:\programs\steam\steam.exe |
"{A586CFF4-B26C-4546-B34D-403C19115F4A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A60949E9-FDD2-4422-8857-5809F8B44BB9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe |
"{A6D3CDC6-4114-45A1-AC2F-34387FBE4DC6}" = protocol=6 | dir=in | app=d:\programs\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{A9051306-961A-4602-AB87-737E0AD2EC33}" = protocol=17 | dir=in | app=d:\programs\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{AAD5598A-D7B2-4E7C-9997-A1FECDE1D12B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{B5039C11-9657-4E32-BB42-6C827F4DD113}" = protocol=17 | dir=in | app=d:\programs\steam\bin\steamwebhelper.exe |
"{B7906DDF-C60B-4414-8F7E-763D534B2686}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BA88034A-F235-4459-B4D8-0DAA5C912974}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{BAD23C05-2A11-4316-BED0-199EECCD1671}" = protocol=6 | dir=in | app=c:\users\mike\appdata\local\temp\7zs705b\hpdiagnosticcoreui.exe |
"{BED111D5-F21C-4449-8076-22895AD006B9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{BF47E7A0-7BF9-430C-8D3D-DEABC0CC2B2E}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{C16978B3-0913-47D1-AB11-C223FC141F3D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C4B92875-EAC9-46CB-8516-740F975523CB}" = protocol=6 | dir=in | app=d:\programs\steam\bin\steamwebhelper.exe |
"{C8E17DCF-A7FC-415E-85F5-2D2A4B6244EE}" = protocol=6 | dir=in | app=d:\programs\steam\steamapps\common\return to castle wolfenstein\wolfsp.exe |
"{CA39307E-8A04-467F-98D5-F91085ABDDEE}" = dir=out | app=%programfiles%\minecraft server\minecraft_server.exe |
"{CCD163DC-6CF4-4091-9FB5-A34E18A65C0A}" = protocol=6 | dir=in | app=d:\programs\steam\steamapps\common\return to castle wolfenstein\wolfmp.exe |
"{CD780F5C-23F5-4368-A96B-FC5B0CCCF195}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{CEC1E209-6088-4161-87AA-0D3FC399135D}" = protocol=6 | dir=in | app=d:\programs\steam\steamapps\common\half-life 2\hl2.exe |
"{D89F5306-022B-4418-A77A-0A0AC4669738}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{E190E381-C233-46CD-BCC4-D3C6F82877E4}" = protocol=17 | dir=in | app=d:\programs\steam\steamapps\common\return to castle wolfenstein\wolfmp.exe |
"{E3379724-69C3-4495-86EC-DA6E8E73F98E}" = protocol=6 | dir=out | app=system |
"{E356C43D-9BBE-4817-8E52-C19E05743B63}" = protocol=6 | dir=in | app=d:\programs\steam\steamapps\common\portal\hl2.exe |
"{E420CE77-C71B-477C-920F-F8508D7B9A67}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{E70854EB-B887-41B5-B77E-A93C4650024C}" = protocol=17 | dir=in | app=d:\programs\steam\steamapps\common\team fortress 2\hl2.exe |
"{EAED5E1C-DEC6-4DBB-885F-27A89FA3FB0F}" = protocol=6 | dir=in | app=d:\programs\steam\steamapps\common\team fortress 2\hl2.exe |
"{EEDAC3C3-733B-4A43-90DF-D7CD2F41ABDE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EEE49975-59BB-441B-9494-A5F4DB8DA6D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F43E949F-D9E4-4A97-8587-D5D9C87FA89D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe |
"{F509FF23-8240-4EF5-B3C9-156B723661C6}" = protocol=17 | dir=in | app=d:\programs\steam\steamapps\common\kerbal space program\ksp.exe |
"{F5A6B7A0-572C-42E6-9ADD-95BDD691232F}" = protocol=6 | dir=in | app=d:\programs\steam\steamapps\common\call of duty black ops\blackops.exe |
"{F60E0EAE-BD37-435B-BE58-978407993E70}" = protocol=6 | dir=in | app=d:\programs\steam\steam.exe |
"{F767D9ED-E8D2-420A-A807-9E1328A7B040}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{FE19C575-4B8F-4A9A-804F-6376792E0111}" = protocol=17 | dir=in | app=d:\programs\steam\steamapps\common\portal\hl2.exe |
"{FF29B02B-0BC7-4A8A-BBF5-0B78FA220A50}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"TCP Query User{0EAC84BE-264F-4A35-9B60-8D6FA0D27E66}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{87A6331B-C816-4B6B-BDD1-B6F8E898C795}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F468232A-782C-4386-AF14-03CFA72EB0FB}C:\Program Files (x86)\LEGO Software\LEGO MINDSTORMS EV3 Home Edition\MindstormsEV3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lego software\lego mindstorms ev3 home edition\mindstormsev3.exe |
"UDP Query User{3DB0421C-6E26-4829-BF79-FC71BE25F6EB}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{68E46633-8DC3-499C-A590-8A85F5FE92AD}C:\Program Files (x86)\LEGO Software\LEGO MINDSTORMS EV3 Home Edition\MindstormsEV3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lego software\lego mindstorms ev3 home edition\mindstormsev3.exe |
"UDP Query User{9161CB69-9003-463C-B0CA-CF625E01E143}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07E00E94-7A78-40FA-9BEF-71C190E98041}" = NI VC2008MSMs x64
"{0C1DE303-E41B-44BA-8ABA-B7F09D857001}" = Oracle VM VirtualBox 4.2.12
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7020FC34-6E04-4858-924D-354B28CB2402}_is1" = Luminance HDR 2.3.0-beta1
"{78D1E6B0-97D3-0A51-FD5B-450E08A71367}" = ccc-utility64
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-007E-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{90150000-008C-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-1000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{A0831C28-A6FA-49A3-86AE-B5AE3C9EE19C}" = LEGO MINDSTORMS NXT x64 Driver
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{BCE26847-79A9-56FF-908E-C02FAA7705B3}" = ATI Catalyst Install Manager
"{C4306180-AD74-42A4-A155-F8925665EA4E}" = NetScaler Gateway Endpoint Analysis
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}" = Microsoft Security Client
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EC319B88-6FE6-D532-3679-8CDE74D1CB2E}" = ATI AVIVO64 Codecs
"{F28219BA-0FBA-4515-AA4D-DF55EA186C6A}" = AxCrypt 1.7.2976.0
"CutePDF Writer Installation" = CutePDF Writer 2.8
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"ProPlusRetail - en-us" = Microsoft Office Professional Plus 2013 - en-us
"sp6" = Logitech SetPoint 6.65

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{012C59CF-074A-43DA-8085-B6E636733B59}" = Citrix Receiver(Aero)
"{01D821CA-B361-45E2-8748-904AFEDC1DBD}" = LEGO MINDSTORMS EV3 Home Edition
"{02A003AD-7DEF-D28F-0E61-18D5F1D53CF5}" = Catalyst Control Center Localization All
"{03DDA3C7-8D88-5D41-9BE4-210988CF65C3}" = Catalyst Control Center Graphics Previews Vista
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{09F82967-D26B-48AC-830E-33191EC177C8}" = Python 2.7 PyGTK 2.24.2
"{0E1C5B43-1837-4F98-A96B-79A8A0A5955F}" = Citrix Receiver(USB)
"{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppP1100P1560P1600SeriesLaserJetService
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{16E46BCF-3D36-4353-9BCB-344F7812CEDE}" = Photo Gallery
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}" = Minecraft
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{35DAA04C-1720-4BE3-A920-A03731EC6A1D}" = Google Earth Pro
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4260CAAE-D108-4223-A1C5-96B67062FE86}" = Windows Live Installer
"{46CF6A90-7EFB-47E3-9B14-FBCEFA9F9982}" = Catalyst Control Center - Branding
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{47117FCA-0D00-4B6D-9D68-00B763629463}" = Self-service Plug-in
"{59307833-CB98-4440-B644-0CD352F61907}" = Windows Live PIMT Platform
"{5E8AC853-65BB-4C99-A09E-19B81851E14C}" = Citrix Receiver Updater
"{5F3092B9-4240-4037-A287-BF6F9A2996BC}" = LEGO MINDSTORMS EV3 Uninstaller
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61121B12-88BD-4261-A6EE-AB32610A56DD}" = Python 2.7.8
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{660787DD-68B3-4E67-9073-4A66DD7AD193}" = ASUS VGA Driver
"{6AAF31BC-3005-429B-90D8-1C4A18DEE73A}" = LEGO MINDSTORMS EV3 Home Content
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD
"{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"{817750FA-EC6A-485D-9901-0683AE6FFDF1}" = Google Earth
"{853F464A-B2B8-404E-BA3E-B98FF6862C41}" = hppusgP1100P1560P1600Series
"{87F60C46-07E2-46B4-B872-680DE4184C0A}" = NI EulaDepot
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C22A294-DBBA-445F-B55C-E26817CCFE69}" = Movie Maker
"{8DC72EF6-1EB6-610C-6CAB-709718CD2132}" = CCC Help English
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EB62C87-AAA6-4850-A5BC-64155884B973}" = SketchUp 8
"{8F66BFDE-B213-48E2-93EF-7151277A2916}" = Windows Live SOXE Definitions
"{94532CD5-C66D-49E3-9131-5FB04D7647A1}" = Windows Live UX Platform
"{97D2408A-AC76-4ACA-F047-42180975A250}" = ccc-core-static
"{983FA94A-A7DD-40B1-B7F9-F45D2B4FD1DE}" = Windows Live Photo Common
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A2F4B74E-D722-4D9E-817B-F58F32A55A51}" = Windows Live UX Platform Language Pack
"{A3A11F6C-E573-4D1C-A9D4-701D7551544B}" = NI .NET Framework 4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9FFEC6C-9C44-4597-8E23-EDD78BF5D0B2}" = Windows Live Communications Platform
"{ABE123A1-41D1-4917-8E1E-C7E37991B673}_is1" = gPodder version 3.8.1
"{ADE8A83D-BB70-4FB5-BA19-26C47EA31894}" = Citrix Receiver(DV)
"{AF8B1525-17EF-4D2E-A018-8D79CE260BA8}" = OneTouch 4.6
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B76E1251-5ACA-AAB7-518D-17DC63282D23}" = Catalyst Control Center InstallProxy
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C201BDF9-1C27-46F8-A248-F4469C9FC27C}" = Photo Common
"{C23318A7-DFCC-4838-9434-6150A53A5ABF}" = Minutor
"{C4CF0D3D-8724-4B20-ABB0-4C73BDEA0F63}" = LEGO MINDSTORMS EV3 Home English Support
"{C4E28723-0663-4012-9BDC-E21A14C1316C}" = Citrix Receiver (HDX Flash Redirection)
"{C7743231-5899-418D-8CA5-22B0F654D894}" = NI Uninstaller
"{C87DF7BB-4F5C-4BBE-B041-A59FFF4A1D07}" = Windows Live SOXE
"{C95AEB53-7FAE-4257-97AF-7136E8D9F9CA}" = Movie Maker
"{CA55005D-94AC-4596-9646-679D6CC0D620}" = Citrix Authentication Manager
"{D2FAB508-D452-4849-8CCE-177E814E2BFE}" = Microsoft Silverlight 5.1
"{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
"{D7AF16E7-5938-4369-BA54-B1ABD541BC32}" = Utility
"{D9EE360A-7C19-47EC-93C7-97DEFF64804B}" = Citrix Receiver Inside
"{df32bb9e-3ed8-36b5-a649-e8c845c5f3a2}" = Python 3.4.1
"{DF7DC45D-8A3C-490C-A70F-8C6A6189EDF9}" = Photo Gallery
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E0467788-97EB-46C1-AB39-FB52C12A87DC}" = Xerox DocuMate 3115 Driver
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E84997A1-4D6F-4C0B-B60D-F85B360D2666}" = NI VC2008MSMs x86
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F390D923-76F1-458E-8218-8C0C156CDCFD}" = Online Plug-in
"{FA35D849-889D-4454-9532-6BE2008D2CDF}" = NI MDF Support
"{FCEDADE3-1C8A-4858-BE93-360168178BB2}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 19 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 19 NPAPI
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber MP3 Plugin
"Avidemux 2.6 (64-bit)" = Avidemux 2.6
"BeerSmith 2" = BeerSmith 2
"CitrixOnlinePluginPackWeb" = Citrix Receiver
"FLVPlayer4Free Free FLV Player_is1" = FLVPlayer4Free Free FLV Player 5.4.0.0
"FormatFactory" = FormatFactory 3.3.3.0
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IrfanView" = IrfanView (remove only)
"Kobo" = Kobo
"LAME_is1" = LAME v3.99.3 (for Windows)
"LEGO_SW.{5B0CB826-E499-4E6B-94F0-75B6327ED934}" = LEGO MINDSTORMS EV3
"MagniDriver" = marvell 91xx driver
"Mozilla Firefox 42.0 (x86 en-US)" = Mozilla Firefox 42.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NoIPDUC" = No-IP DUC
"Notepad++" = Notepad++
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 200260" = Batman: Arkham City GOTY
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 220" = Half-Life 2
"Steam App 220200" = Kerbal Space Program
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 440" = Team Fortress 2
"Steam App 620" = Portal 2
"Steam App 644" = Portal 2 Publishing Tool
"Steam App 9010" = Return to Castle Wolfenstein
"UFRaw_is1" = UFRaw 0.19.2
"Winamp" = Winamp
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 4.0.3
"WinLiveSuite" = Windows Live Essentials
"xvid" = XviD MPEG-4 Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-517068509-634416315-2748464958-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 5.2.0.952
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/13/2014 3:04:47 PM | Computer Name = Serenity | Source = WinMgmt | ID = 10
Description =

Error - 9/14/2014 11:03:30 AM | Computer Name = Serenity | Source = WinMgmt | ID = 10
Description =

Error - 9/15/2014 12:11:35 AM | Computer Name = Serenity | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 32.0.1.5367 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1720 Start
Time: 01cfd02d05d6a2be Termination Time: 5 Application Path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Report Id: 58abf5f2-3c8e-11e4-910d-bc5ff41c4043

Error - 9/15/2014 8:01:52 PM | Computer Name = Serenity | Source = WinMgmt | ID = 10
Description =

Error - 9/17/2014 9:36:12 PM | Computer Name = Serenity | Source = WinMgmt | ID = 10
Description =

Error - 9/23/2014 8:42:10 PM | Computer Name = Serenity | Source = Application Hang | ID = 1002
Description = The program gpodder.exe version 0.0.0.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 2304 Start Time:
01cfd790579894d3 Termination Time: 1 Application Path: C:\Program Files (x86)\gPodder\gpodder.exe

Report
Id: 9c610d62-4383-11e4-a72a-bc5ff41c4043

Error - 9/23/2014 8:45:39 PM | Computer Name = Serenity | Source = WinMgmt | ID = 10
Description =

Error - 9/23/2014 10:15:09 PM | Computer Name = Serenity | Source = WinMgmt | ID = 10
Description =

Error - 9/26/2014 6:56:48 AM | Computer Name = Serenity | Source = WinMgmt | ID = 10
Description =

Error - 10/1/2014 6:11:03 AM | Computer Name = Serenity | Source = Application Error | ID = 1000
Description = Faulting application name: GoogleUpdate.exe, version: 1.3.21.103,
time stamp: 0x4f3c6d6c Faulting module name: ntdll.dll, version: 6.1.7601.18247,
time stamp: 0x521ea8e7 Exception code: 0xc0000005 Fault offset: 0x000223e0 Faulting
process id: 0x224c Faulting application start time: 0x01cfdd5e9a465cf8 Faulting application
path: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: 3f7aaf7f-4953-11e4-91e7-bc5ff41c4043

[ System Events ]
Error - 11/18/2015 1:53:39 AM | Computer Name = Serenity | Source = Service Control Manager | ID = 7034
Description = The OneTouch 4.0 Monitor service terminated unexpectedly. It has
done this 1 time(s).

Error - 11/18/2015 1:53:39 AM | Computer Name = Serenity | Source = Service Control Manager | ID = 7031
Description = The Windows Live ID Sign-in Assistant service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
10000 milliseconds: Restart the service.

Error - 11/18/2015 1:53:40 AM | Computer Name = Serenity | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 11/18/2015 1:53:40 AM | Computer Name = Serenity | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.

Error - 11/18/2015 1:53:40 AM | Computer Name = Serenity | Source = Service Control Manager | ID = 7031
Description = The Windows Modules Installer service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 120000
milliseconds: Restart the service.

Error - 11/18/2015 1:54:10 AM | Computer Name = Serenity | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Windows Search service, but
this action failed with the following error: %%1056

Error - 11/18/2015 1:54:24 AM | Computer Name = Serenity | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.209.2907.0 Update Source: %%859 Update Stage:
%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.12205.0

Error
code: 0x8024001e Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 11/18/2015 1:54:24 AM | Computer Name = Serenity | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.209.2907.0 Update Source: %%859 Update Stage:
%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.12205.0

Error
code: 0x8024001e Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 11/19/2015 2:23:41 AM | Computer Name = Serenity | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for Start with the following error:
%%5

Error - 11/19/2015 2:24:10 AM | Computer Name = Serenity | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureCommand with the following
error: %%5


< End of report >
ukemike
Regular Member
 
Posts: 31
Joined: November 15th, 2015, 11:55 pm

Re: PUMS.dns help

Unread postby pgmigg » November 20th, 2015, 5:22 pm

Hello ukemike,

Sorry for the delay... :oops:

internet works, the dns is set correctly, windows update looks like it's working, and windows firewall looks like it is working.
It is very nice, but we are not finished yet...

I shut down my pc last night and to my surprise windows update applied some windows updates. Usually I have it set to ask before installing, something in this process must have reset it to default settings. In the first post you said not to install anything. Oops.
It is not your fault ukemike - it is a Microsoft violation. :(
The fact is that approximately in September 2015 Microsoft allowed itself, without the knowledge of the users, to install in ultimatum order a number of updates, including the Windows Update Client from Windows 10, on computers with Windows 7 and 8. One of those updates (actually the first in the sequence) changed the Windows Update setting to the default value "Install updates automatically (recommended)"!
It is exactly what happened with your computer.

Let's continue our treatment...

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries: into the text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :OTL
    [2015/11/03 21:07:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\
    CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
    O4 - HKLM..\Run: [] File not found
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
    [2015/09/26 12:29:58 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\java
    [2012/08/12 20:21:24 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Temp
    [2015/11/17 06:47:03 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\uTorrent
    
    :Files
    C:\Users\Mike\*.tmp
    ipconfig /flushdns /c
    
    :Commands
    [emptyflash]
    [emptyjava]
    [emptytemp]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 2.
SystemLook
Please download SystemLook_x64.exe by jpshortstuff and save it to your Desktop.
  1. Right click on SystemLook_x64.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
    If you receive an "Open file - security warning"... asking "Do you want to run this file?", press the Run button.
  2. Highlight and copy the following entries: into SystemLook's main text entry window.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :filefind
    *eReg*
    
    :folderfind
    *eReg*
    
    :Regfind
    eReg
    
  3. Press the Look button to start the scan. Please be patient - it may take a while...
    When finished, a Notepad window will open with the results of the scan.
    A file will be created (on your Desktop) with the results of the scan, named SystemLook.txt
  4. Please post the contents of the SystemLook.txt file in your next reply.

Step 3.
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Right-click on TDSSKiller.exe and select "Run As Administrator...".
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. Click Change parameters
  4. Under Additional Options CHECK Verify file digital signatures
  5. IMPORTANT: Ensure Detect TDLFS file system remains UNCHECKED.
  6. Click OK if changes were made.
  7. Click Start scan and allow it to scan for Malicious objects.
    • If Malicious objects are detected, the default action will be Cure, ensure SKIP is selected... then click Continue
    • If suspicious objects are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    • If Unsigned files are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    DO NOT change the default actions, other than CURE to SKIP.
  8. You may be asked to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
  9. A log will be created on your root (usually C:) drive. The log will have a name like Name.Version_Date_Time_log.txt.
    for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  10. If no reboot is required, click on Report. A log file should appear.
  11. Please post the contents of the log file in your next reply

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present; if any log is cut off, you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  3. Contents of the SystemLook.txt log file
  4. Contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt log file
  5. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
MRU Teacher
 
Posts: 3179
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
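
Added example (not part of the thread and not code from OTL or its author): one way to check the MovedFiles log requested in Step 1 against the fix script, listing any filesystem target that has no "moved successfully" line. The sample script and log are constructed from entries shown in this thread, and all function names are hypothetical.

```python
import re
from typing import List, Set, Tuple

# Constructed sample: a shortened fix script built from entries in the post above.
FIX_SCRIPT = r"""
:Commands
[createrestorepoint]

:OTL
[2015/11/03 21:07:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
CHR - Extension: No name found = C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
O4 - HKLM..\Run: [] File not found
[2015/11/17 06:47:03 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\uTorrent

:Files
C:\Users\Mike\*.tmp
ipconfig /flushdns /c

:Commands
[emptytemp]
"""

# Constructed sample: a few MovedFiles log lines in the format shown in this thread.
MOVED_LOG = r"""
All processes killed
========== OTL ==========
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0 folder moved successfully.
"""

# In the :OTL section a filesystem path follows " -- " (file/folder entries)
# or " = " (CHR extension entries) and runs to the end of the line.
OTL_PATH = re.compile(r"(?: -- | = )([A-Za-z]:\\.+)$")
DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")
MOVED_LINE = re.compile(r"^([A-Za-z]:\\.+?)(?: folder)? moved successfully\.$")


def normalize(path: str) -> str:
    """Windows paths are case-insensitive; CHR entries carry a trailing backslash."""
    return path.rstrip("\\").lower()


def parse_fix_script(text: str) -> Tuple[List[str], List[str]]:
    """Return (filesystem targets, lines that cannot be matched to a moved path)."""
    section = ""
    targets: List[str] = []
    skipped: List[str] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            section = line.lower()
            continue
        if section == ":otl":
            match = OTL_PATH.search(line)
            if match:
                targets.append(match.group(1).rstrip("\\"))
            else:
                skipped.append(line)  # registry-only entries such as O4 / O16
        elif section == ":files":
            if DRIVE_PATH.match(line) and "*" not in line and "?" not in line:
                targets.append(line.rstrip("\\"))
            else:
                skipped.append(line)  # wildcards and commands need manual review
        # Directives under :Commands are not filesystem targets and are ignored.
    return targets, skipped


def moved_paths(log: str) -> Set[str]:
    """Collect every path the log reports as moved, normalized for comparison."""
    moved: Set[str] = set()
    for raw in log.splitlines():
        match = MOVED_LINE.match(raw.strip())
        if match:
            moved.add(normalize(match.group(1)))
    return moved


def unconfirmed_targets(script: str, log: str) -> List[str]:
    """Targets named in the script that the log never reports as moved."""
    targets, _ = parse_fix_script(script)
    moved = moved_paths(log)
    return [t for t in targets if normalize(t) not in moved]


if __name__ == "__main__":
    for path in unconfirmed_targets(FIX_SCRIPT, MOVED_LOG):
        print("not confirmed moved:", path)
    for line in parse_fix_script(FIX_SCRIPT)[1]:
        print("review by hand:", line)
```

A target listed as unconfirmed only means the log has no matching line for it; the rest of the log still has to be read to see why.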

11202015_204315.txt

Unread postby ukemike » November 21st, 2015, 12:52 am

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_metadata folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_TW folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_CN folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\vi folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\uk folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\tr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\th folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sv folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sl folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sk folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ru folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ro folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_PT folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_BR folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pl folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\no folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\nl folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lv folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lt folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ko folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ja folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\it folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\id folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hu folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hi folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\he folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fil folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fi folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\es folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\en folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\el folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\de folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\da folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\cs folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ca folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\bg folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ar folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0 folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_metadata folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\zh_TW folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\zh_CN folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\vi folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\uk folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\tr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\tl folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\th folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\sv folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\sr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\sl folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\sk folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\ru folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\ro folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\pt_PT folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\pt_BR folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\pl folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\no folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\nl folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\mo folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\lv folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\lt folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\ln folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\ko folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\ja folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\iw folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\it folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\in folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\id folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\hu folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\hr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\hi folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\he folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\gsw folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\fr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\fil folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\fi folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\et folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\es folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\en folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\el folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\de folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\da folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\cs folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\ca folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\bg folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales\ar folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\_locales folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0 folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_metadata folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\zh_TW folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\zh_CN folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\vi folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\uk folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\tr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\th folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\te folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\ta folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\sw folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\sv folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\sr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\sl folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\sk folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\ru folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\ro folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\pt_PT folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\pt_BR folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\pl folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\nl folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\nb folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\ms folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\mr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\ml folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\lv folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\lt folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\ko folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\kn folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\ja folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\it folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\id folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\hu folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\hr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\hi folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\he folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\gu folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\fr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\fil folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\fi folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\fake_bidi folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\fa folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\et folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\es_419 folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\es folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\en_GB folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\en folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\el folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\de folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\da folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\cs folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\ca folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\bn folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\bg folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\ar folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales\am folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\_locales folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0 folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\_metadata folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\videos folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\scripts folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\images\weather_icons folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\images\videos folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\images folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\help\scripts folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\help\images folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\help folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\fonts folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\css\main\images folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\css\main folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\css\alerts\images folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\css\alerts folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\css folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0 folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_metadata folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\zh_TW folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\zh_CN folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\vi folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\uk folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\tr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\th folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sv folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sl folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\sk folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ru folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ro folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_PT folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_BR folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pl folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nl folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nb folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lv folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lt folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ko folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ja folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\it folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\id folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hu folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hi folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fr folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fil folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fi folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\et folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es_419 folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en_GB folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\el folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\de folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\da folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\cs folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ca folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\bg folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\html folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\css folder moved successfully.
C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0 folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\Users\Mike\AppData\Roaming\java\webview\localstorage folder moved successfully.
C:\Users\Mike\AppData\Roaming\java\webview folder moved successfully.
C:\Users\Mike\AppData\Roaming\java folder moved successfully.
C:\Users\Mike\AppData\Roaming\Temp folder moved successfully.
C:\Users\Mike\AppData\Roaming\uTorrent folder moved successfully.
========== FILES ==========
C:\Users\Mike\048298C9A4D3490B9FF9AB023A9238F3.TMP folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
File delete failed. C:\Users\Mike\Desktop\cmd.bat scheduled to be deleted on reboot.
C:\Users\Mike\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Lara
->Flash cache emptied: 492 bytes

User: Mike
->Flash cache emptied: 617 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Lara

User: Mike
->Java cache emptied: 328532 bytes

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Lara
->Temp folder emptied: 83270 bytes
->Temporary Internet Files folder emptied: 1869046 bytes
->FireFox cache emptied: 83197951 bytes
->Flash cache emptied: 0 bytes

User: Mike
->Temp folder emptied: 1502280454 bytes
->Temporary Internet Files folder emptied: 179397653 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 74255362 bytes
->Google Chrome cache emptied: 32532506 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1043179525 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42287446 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2,822.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11202015_204315

Files\Folders moved on Reboot...
C:\Users\Mike\Desktop\cmd.bat moved successfully.
C:\Users\Mike\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File\Folder C:\Windows\temp\officeclicktorun.exe_c2ruidll(2015111822134772C).log not found!
File\Folder C:\Windows\temp\officeclicktorun.exe_streamserver(2015111822134772C).log not found!
C:\Windows\temp\SERENITY-20151118-2213.log moved successfully.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

SystemLook.txt

Post by ukemike » November 21st, 2015, 12:57 am

SystemLook 30.07.11 by jpshortstuff
Log created at 20:55 on 20/11/2015 by Mike
Administrator - Elevation successful

========== filefind ==========

Searching for "*eReg*"
C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe --a---- 517384 bytes [17:05 16/11/2009] [17:05 16/11/2009] 5512238DB69736055565E6F5DE62574A
C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\ereg.ini --a---- 100 bytes [16:32 14/10/2008] [16:32 14/10/2008] C82909C63FCB64F67749E54D0688486B
C:\Python27\Lib\site-packages\gtk-2.0\runtime\share\doc\fontconfig\fontconfig-devel\fcnameregisterconstants.html --a---- 3014 bytes [07:50 09/02/2012] [07:50 09/02/2012] 3FE68CCD6D44D19F4C70C2E1B784F53D
C:\Python27\Lib\site-packages\gtk-2.0\runtime\share\doc\fontconfig\fontconfig-devel\fcnameregisterobjecttypes.html --a---- 3025 bytes [07:50 09/02/2012] [07:50 09/02/2012] DD1C5B1BED5B5400E746B41A44B3BE4F
C:\Python27\Lib\site-packages\gtk-2.0\runtime\share\man\man3\FcNameRegisterConstants.3 --a---- 541 bytes [07:50 09/02/2012] [07:50 09/02/2012] C4C8C2EE6B06298A0C0CDDBB1B2D7F6E
C:\Python27\Lib\site-packages\gtk-2.0\runtime\share\man\man3\FcNameRegisterObjectTypes.3 --a---- 536 bytes [07:50 09/02/2012] [07:50 09/02/2012] 487BB769C80C5FD4873FCB66AF697EB8
C:\Windows\inf\sceregvl.inf --a---- 14961 bytes [03:24 21/11/2010] [03:24 21/11/2010] 5188616EE645BBC9792CC7F65D7788FC
C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\sceregvl.inf --a---- 14961 bytes [03:24 21/11/2010] [03:24 21/11/2010] 5188616EE645BBC9792CC7F65D7788FC
C:\Windows\winsxs\Backup\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953_sceregvl.inf_9fe633c0 --a---- 14961 bytes [03:32 21/11/2010] [03:26 21/11/2010] 5188616EE645BBC9792CC7F65D7788FC
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.1.7600.16385_none_e55af7609d2857a8.manifest --a---- 8061 bytes [02:34 14/07/2009] [02:28 14/07/2009] 572442148AAFAF05941FB8C5AD37C13E

========== folderfind ==========

Searching for "*eReg*"
C:\Program Files (x86)\Common Files\LogiShrd\eReg d------ [23:59 15/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\bundled\registry\com.sun.star.comp.deployment.bundle.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\bundled\registry\com.sun.star.comp.deployment.component.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\bundled\registry\com.sun.star.comp.deployment.configuration.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\bundled\registry\com.sun.star.comp.deployment.executable.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\bundled\registry\com.sun.star.comp.deployment.help.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\bundled\registry\com.sun.star.comp.deployment.script.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\bundled\registry\com.sun.star.comp.deployment.sfwk.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\shared\registry\com.sun.star.comp.deployment.bundle.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\shared\registry\com.sun.star.comp.deployment.component.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\shared\registry\com.sun.star.comp.deployment.configuration.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\shared\registry\com.sun.star.comp.deployment.executable.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\shared\registry\com.sun.star.comp.deployment.help.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\shared\registry\com.sun.star.comp.deployment.script.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\extensions\shared\registry\com.sun.star.comp.deployment.sfwk.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\uno_packages\cache\registry\com.sun.star.comp.deployment.bundle.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\uno_packages\cache\registry\com.sun.star.comp.deployment.component.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\uno_packages\cache\registry\com.sun.star.comp.deployment.configuration.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\uno_packages\cache\registry\com.sun.star.comp.deployment.executable.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\uno_packages\cache\registry\com.sun.star.comp.deployment.help.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\uno_packages\cache\registry\com.sun.star.comp.deployment.script.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Users\Mike\AppData\Roaming\LibreOffice\3\user\uno_packages\cache\registry\com.sun.star.comp.deployment.sfwk.PackageRegistryBackend d------ [14:51 16/04/2012]
C:\Windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.1.7600.16385_none_e55af7609d2857a8 d------ [03:20 14/07/2009]

========== Regfind ==========

Searching for "eReg"
[HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5]
"ProductName"="eReg"
[HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\SourceList]
"PackageName"="eReg.msi"
[HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\User Settings\Mso_CoreReg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b360c3c-d284-4384-abcc-ef133e1445da}]
@="CIERegistryHKLMBroker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F2C4CDB0-2714-42AD-A948-2ED958A322E3}]
@="WorkspaceResTypeRegistry Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F2C4CDB0-2714-42AD-A948-2ED958A322E3}\ProgID]
@="Workspace.ResTypeRegistry.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F2C4CDB0-2714-42AD-A948-2ED958A322E3}\VersionIndependentProgID]
@="Workspace.ResTypeRegistry"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Elevator.WFileTypeRegistrar2]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Elevator.WFileTypeRegistrar2\CurVer]
@="Elevator.WFileTypeRegistrar2.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Elevator.WFileTypeRegistrar2.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D428C79-6E2E-4351-A361-C0401A03A0BA}]
@="IWorkspaceResTypeRegistry"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{204810B7-73B2-11D4-BF42-00B0D0118B56}]
@="IUPnPReregistrar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{251753FA-FB3B-11D2-8842-00C04F72F303}]
@="ISetupFileRegistrar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{26AE5CC6-CCFD-3906-8B68-16E5EEFABB10}]
@="_CodeRegionDirective"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{41DC24D8-6B81-41C4-832C-FE172CB3A582}]
@="IERegHelperBroker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{420A24E2-5C31-4262-9BD5-058682300ED6}]
@="IConferenceRegionalAccessInformation"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4CB70415-BA71-491E-B12D-155D85CBDFF1}]
@="IConferenceRegionalAccessNumberCollection"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6CBEF08D-65A6-446E-B291-255624568192}]
@="IERegistryHKLMBroker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{777BA8FA-2498-4875-933A-3067DE883070}]
@="IPXWizardTypeRegistration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9244D573-914F-4C1F-93F6-31609A95CBED}]
@="IConferenceRegionalAccessNumber"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A0984F01-5D2C-4302-87A0-69BE7B015143}]
@="IConferenceRegionalAccessInformationCollection"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B922BBB8-4C55-4FEA-8496-BEB0B44285E6}]
@="IWorkspaceRegistration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BB95808A-6D8F-4BCA-8400-5390B586AEDF}]
@="ITfFnConfigureRegisterWord"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BFD074F8-3A54-4FB3-8771-277D3E2031C5}]
@="AsyncIERegHelperBroker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C100BE9F-D33A-4a4b-BF23-BBEF4663D017}]
@="IWCNRemoteRegistrar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C354A762-3FF2-4F2E-8F09-07382EE25088}]
@="IMachineRegisteredEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CF59F654-39BB-44D8-94D0-4635728957E9}]
@="IWorkspaceRegistration2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDE02280-12B3-4E0B-937B-6747F6ACB286}]
@="IUpdateServiceRegistration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Workspace.ResTypeRegistry]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Workspace.ResTypeRegistry]
@="WorkspaceResTypeRegistry Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Workspace.ResTypeRegistry\CurVer]
@="Workspace.ResTypeRegistry.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Workspace.ResTypeRegistry.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Workspace.ResTypeRegistry.1]
@="WorkspaceResTypeRegistry Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3B29AB5C-52CB-4A36-9314-E3FEE0BA7468}\ProgID]
@="Elevator.WFileTypeRegistrar2.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3B29AB5C-52CB-4A36-9314-E3FEE0BA7468}\VersionIndependentProgID]
@="Elevator.WFileTypeRegistrar2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4b360c3c-d284-4384-abcc-ef133e1445da}]
@="CIERegistryHKLMBroker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F2C4CDB0-2714-42AD-A948-2ED958A322E3}]
@="WorkspaceResTypeRegistry Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F2C4CDB0-2714-42AD-A948-2ED958A322E3}\ProgID]
@="Workspace.ResTypeRegistry.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F2C4CDB0-2714-42AD-A948-2ED958A322E3}\VersionIndependentProgID]
@="Workspace.ResTypeRegistry"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D428C79-6E2E-4351-A361-C0401A03A0BA}]
@="IWorkspaceResTypeRegistry"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{204810B7-73B2-11D4-BF42-00B0D0118B56}]
@="IUPnPReregistrar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{251753FA-FB3B-11D2-8842-00C04F72F303}]
@="ISetupFileRegistrar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{26AE5CC6-CCFD-3906-8B68-16E5EEFABB10}]
@="_CodeRegionDirective"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E74C695-8E9C-4179-B0A0-BC2EBDEB5C2B}]
@="IFileTypeRegistrar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{41DC24D8-6B81-41C4-832C-FE172CB3A582}]
@="IERegHelperBroker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{53D059E5-402E-4D7C-A7E7-BBE81B6F2EDC}]
@="ISetupFileRegistrar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6CBEF08D-65A6-446E-B291-255624568192}]
@="IERegistryHKLMBroker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{777BA8FA-2498-4875-933A-3067DE883070}]
@="IPXWizardTypeRegistration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B922BBB8-4C55-4FEA-8496-BEB0B44285E6}]
@="IWorkspaceRegistration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BB95808A-6D8F-4BCA-8400-5390B586AEDF}]
@="ITfFnConfigureRegisterWord"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BFD074F8-3A54-4FB3-8771-277D3E2031C5}]
@="AsyncIERegHelperBroker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{C100BE9F-D33A-4a4b-BF23-BBEF4663D017}]
@="IWCNRemoteRegistrar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{C354A762-3FF2-4F2E-8F09-07382EE25088}]
@="IMachineRegisteredEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CF59F654-39BB-44D8-94D0-4635728957E9}]
@="IWorkspaceRegistration2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDE02280-12B3-4E0B-937B-6747F6ACB286}]
@="IUpdateServiceRegistration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Capabilities\Roaming\TypedURLs]
"URLsTimeRegPath"="Software\Microsoft\Internet Explorer\TypedURLsTime"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\15.0\ClickToRun\appvMachineRegistryStore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\15.0\ClickToRun\REGISTRY\MACHINE\Software\Classes\Interface\{420A24E2-5C31-4262-9BD5-058682300ED6}]
@="IConferenceRegionalAccessInformation"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\15.0\ClickToRun\REGISTRY\MACHINE\Software\Classes\Interface\{4CB70415-BA71-491E-B12D-155D85CBDFF1}]
@="IConferenceRegionalAccessNumberCollection"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\15.0\ClickToRun\REGISTRY\MACHINE\Software\Classes\Interface\{9244D573-914F-4C1F-93F6-31609A95CBED}]
@="IConferenceRegionalAccessNumber"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\15.0\ClickToRun\REGISTRY\MACHINE\Software\Classes\Interface\{A0984F01-5D2C-4302-87A0-69BE7B015143}]
@="IConferenceRegionalAccessInformationCollection"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\15.0\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{FDAC4B8A-DC25-49C2-91DE-D85CE3BBCE3B}\InprocServer32]
"Class"="Microsoft.Office.Interop.SharePointDesignerPage.TemplateRegionElementClass"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\15.0\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{FDAC4B8A-DC25-49C2-91DE-D85CE3BBCE3B}\InprocServer32\15.0.0.0]
"Class"="Microsoft.Office.Interop.SharePointDesignerPage.TemplateRegionElementClass"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\15.0\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Office\15.0\User Settings\Mso_CoreReg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\Common Files\LogiShrd\eReg\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\LibreOffice 3.5\share\prereg\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\20A89038B7234954E888DB6205230E64]
"76928F90B62DCA8438E03391E11C778C"="C:\Python27\Lib\site-packages\gtk-2.0\runtime\share\man\man3\FcNameRegisterObjectTypes.3"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4613B64D5D277C946945858646345464]
"76928F90B62DCA8438E03391E11C778C"="C:\Python27\Lib\site-packages\gtk-2.0\runtime\share\doc\fontconfig\fontconfig-devel\fcnameregisterobjecttypes.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73254989E9F86824C996C4D759E81CCC]
"76928F90B62DCA8438E03391E11C778C"="C:\Python27\Lib\site-packages\gtk-2.0\runtime\share\doc\fontconfig\fontconfig-devel\fcnameregisterconstants.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1F175A5F7694FF4EB6B87727665F58D]
"76928F90B62DCA8438E03391E11C778C"="C:\Python27\Lib\site-packages\gtk-2.0\runtime\share\man\man3\FcNameRegisterConstants.3"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-517068509-634416315-2748464958-1000\Components\0704CDBD0A274EC45B838D687B4DAD0B]
"EACB9EE39A9E5E54B9C1384A3D750EC5"="C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-517068509-634416315-2748464958-1000\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\InstallProperties]
"InstallLocation"="C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-517068509-634416315-2748464958-1000\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\InstallProperties]
"DisplayName"="eReg"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_none_eb6753e0c09b5b27]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost]
"LocalService"="nsi WdiServiceHost w32time EventSystem RemoteRegistry WinHttpAutoProxySvc sppuinotify THREADORDER netprofm lltdsvc fdphost SstpSvc WebClient FontCache"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost]
"regsvc"="RemoteRegistry"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winsat\MediaEx\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c:AC\Clip_1080_5sec_10mbps_h264.mp4]
"CommandLine"="-input C:\Windows\Performance\WinSAT\Clip_1080_5sec_10mbps_h264.mp4 -video offscreen -audio mute -width 100%m -height 100%m -constrain -savereg -autoprofname -expfrmmin 135 -expfrmmax 150 -overrideframetype prog"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winsat\MediaEx\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c:AC\Clip_1080_5sec_MPEG2_HD_15mbps.mpg]
"CommandLine"="-input C:\Windows\Performance\WinSAT\Clip_1080_5sec_MPEG2_HD_15mbps.mpg -dshow -video offscreen -audio mute -width 100%m -height 100%m -constrain -savereg -autoprofname -expfrmmin 270 -expfrmmax 300 -overrideframetype int2fps"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winsat\MediaEx\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c:AC\Clip_1080_5sec_VC1_15mbps.wmv]
"CommandLine"="-input C:\Windows\Performance\WinSAT\Clip_1080_5sec_VC1_15mbps.wmv -video offscreen -audio mute -width 100%m -height 100%m -constrain -savereg -autoprofname -expfrmmin 135 -expfrmmax 150 -overrideframetype prog"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winsat\MediaEx\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c:AC\Clip_480i_5sec_6mbps_new.mpg]
"CommandLine"="-input C:\Windows\Performance\WinSAT\Clip_480i_5sec_6mbps_new.mpg -dshow -video offscreen -audio mute -width 100%m -height 100%m -constrain -savereg -autoprofname -expfrmmin 270 -expfrmmax 300 -overrideframetype int2fps"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winsat\MediaEx\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c:AC\Clip_480p_5sec_6mbps_new.mpg]
"CommandLine"="-input C:\Windows\Performance\WinSAT\Clip_480p_5sec_6mbps_new.mpg -dshow -video offscreen -audio mute -width 100%m -height 100%m -constrain -savereg -autoprofname -expfrmmin 135 -expfrmmax 150 -overrideframetype prog"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winsat\MediaEx\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c:AC\Clip_480_5sec_6mbps_h264.mp4]
"CommandLine"="-input C:\Windows\Performance\WinSAT\Clip_480_5sec_6mbps_h264.mp4 -video offscreen -audio mute -width 100%m -height 100%m -constrain -savereg -autoprofname -expfrmmin 270 -expfrmmax 300 -overrideframetype int2fps"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\ICA Client\Engine\Configuration\Region Identification\All Regions]
"EnableRegion"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\ICA Client\Engine\Configuration\Region Identification\Trusted Region]
"EnableRegion"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\ICA Client\Engine\Configuration\Region Identification\Unknown Region]
"EnableRegion"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\ICA Client\Engine\Configuration\Region Identification\Untrusted Region]
"EnableRegion"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Capabilities\Roaming\TypedURLs]
"URLsTimeRegPath"="Software\Microsoft\Internet Explorer\TypedURLsTime"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}]
"InstallLocation"="C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}]
"DisplayName"="eReg"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost]
"LocalService"="RemoteRegistry WinHttpAutoProxySvc sppuinotify netprofm WebClient"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{3B29AB5C-52CB-4A36-9314-E3FEE0BA7468}\ProgID]
@="Elevator.WFileTypeRegistrar2.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{3B29AB5C-52CB-4A36-9314-E3FEE0BA7468}\VersionIndependentProgID]
@="Elevator.WFileTypeRegistrar2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{4b360c3c-d284-4384-abcc-ef133e1445da}]
@="CIERegistryHKLMBroker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{F2C4CDB0-2714-42AD-A948-2ED958A322E3}]
@="WorkspaceResTypeRegistry Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{F2C4CDB0-2714-42AD-A948-2ED958A322E3}\ProgID]
@="Workspace.ResTypeRegistry.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{F2C4CDB0-2714-42AD-A948-2ED958A322E3}\VersionIndependentProgID]
@="Workspace.ResTypeRegistry"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{1D428C79-6E2E-4351-A361-C0401A03A0BA}]
@="IWorkspaceResTypeRegistry"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{204810B7-73B2-11D4-BF42-00B0D0118B56}]
@="IUPnPReregistrar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{251753FA-FB3B-11D2-8842-00C04F72F303}]
@="ISetupFileRegistrar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{26AE5CC6-CCFD-3906-8B68-16E5EEFABB10}]
@="_CodeRegionDirective"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{2E74C695-8E9C-4179-B0A0-BC2EBDEB5C2B}]
@="IFileTypeRegistrar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{41DC24D8-6B81-41C4-832C-FE172CB3A582}]
@="IERegHelperBroker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{53D059E5-402E-4D7C-A7E7-BBE81B6F2EDC}]
@="ISetupFileRegistrar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{6CBEF08D-65A6-446E-B291-255624568192}]
@="IERegistryHKLMBroker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{777BA8FA-2498-4875-933A-3067DE883070}]
@="IPXWizardTypeRegistration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{B922BBB8-4C55-4FEA-8496-BEB0B44285E6}]
@="IWorkspaceRegistration"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{BB95808A-6D8F-4BCA-8400-5390B586AEDF}]
@="ITfFnConfigureRegisterWord"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{BFD074F8-3A54-4FB3-8771-277D3E2031C5}]
@="AsyncIERegHelperBroker"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{C100BE9F-D33A-4a4b-BF23-BBEF4663D017}]
@="IWCNRemoteRegistrar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{C354A762-3FF2-4F2E-8F09-07382EE25088}]
@="IMachineRegisteredEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{CF59F654-39BB-44D8-94D0-4635728957E9}]
@="IWorkspaceRegistration2"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{DDE02280-12B3-4E0B-937B-6747F6ACB286}]
@="IUpdateServiceRegistration"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteRegistry]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\RemoteRegistry]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteRegistry]
[HKEY_USERS\S-1-5-21-517068509-634416315-2748464958-1000\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5]
"ProductName"="eReg"
[HKEY_USERS\S-1-5-21-517068509-634416315-2748464958-1000\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\SourceList]
"PackageName"="eReg.msi"
[HKEY_USERS\S-1-5-21-517068509-634416315-2748464958-1000\Software\Microsoft\Office\15.0\User Settings\Mso_CoreReg]

-= EOF =-

tdsskiller log part 1

Post by ukemike » November 21st, 2015, 1:05 am

21:00:39.0186 0x0a78 TDSS rootkit removing tool 3.1.0.6 Nov 16 2015 12:17:23
21:00:45.0879 0x0a78 ============================================================
21:00:45.0879 0x0a78 Current date / time: 2015/11/20 21:00:45.0879
21:00:45.0879 0x0a78 SystemInfo:
21:00:45.0879 0x0a78
21:00:45.0879 0x0a78 OS Version: 6.1.7601 ServicePack: 1.0
21:00:45.0879 0x0a78 Product type: Workstation
21:00:45.0879 0x0a78 ComputerName: SERENITY
21:00:45.0879 0x0a78 UserName: Mike
21:00:45.0879 0x0a78 Windows directory: C:\Windows
21:00:45.0879 0x0a78 System windows directory: C:\Windows
21:00:45.0879 0x0a78 Running under WOW64
21:00:45.0879 0x0a78 Processor architecture: Intel x64
21:00:45.0879 0x0a78 Number of processors: 4
21:00:45.0879 0x0a78 Page size: 0x1000
21:00:45.0879 0x0a78 Boot type: Normal boot
21:00:45.0879 0x0a78 ============================================================
21:00:46.0815 0x0a78 KLMD registered as C:\Windows\system32\drivers\44707948.sys
21:00:47.0485 0x0a78 System UUID: {9A315393-6EF7-EA57-A366-873D5488CA3C}
21:00:47.0953 0x0a78 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:00:47.0969 0x0a78 ============================================================
21:00:47.0969 0x0a78 \Device\Harddisk0\DR0:
21:00:47.0969 0x0a78 MBR partitions:
21:00:47.0969 0x0a78 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:00:47.0969 0x0a78 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEFFC8FD
21:00:47.0969 0x0a78 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xF02F13C, BlocksNum 0x9FA57605
21:00:47.0969 0x0a78 ============================================================
21:00:47.0969 0x0a78 C: <-> \Device\Harddisk0\DR0\Partition2
21:00:47.0985 0x0a78 D: <-> \Device\Harddisk0\DR0\Partition3
21:00:48.0031 0x0a78 E: <-> \Device\Harddisk0\DR0\Partition1
21:00:48.0031 0x0a78 ============================================================
21:00:48.0031 0x0a78 Initialize success
21:00:48.0031 0x0a78 ============================================================
21:01:00.0699 0x084c ============================================================
21:01:00.0699 0x084c Scan started
21:01:00.0699 0x084c Mode: Manual;
21:01:00.0699 0x084c ============================================================
21:01:00.0699 0x084c KSN ping started
21:01:03.0975 0x084c KSN ping finished: true
21:01:04.0521 0x084c ================ Scan system memory ========================
21:01:04.0521 0x084c System memory - ok
21:01:04.0536 0x084c ================ Scan services =============================
21:01:04.0583 0x084c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
21:01:04.0599 0x084c 1394ohci - ok
21:01:04.0614 0x084c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:01:04.0614 0x084c ACPI - ok
21:01:04.0630 0x084c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:01:04.0630 0x084c AcpiPmi - ok
21:01:04.0708 0x084c [ 280A526E8111AC6A5BCC1A059E1E0340, FB92DDAE29A097D148AB23D8A0BD2B9E662EC1DBF0DA8B716374D6919B4C646F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:01:04.0708 0x084c AdobeFlashPlayerUpdateSvc - ok
21:01:04.0739 0x084c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:01:04.0739 0x084c adp94xx - ok
21:01:04.0755 0x084c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:01:04.0770 0x084c adpahci - ok
21:01:04.0786 0x084c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:01:04.0786 0x084c adpu320 - ok
21:01:04.0801 0x084c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:01:04.0801 0x084c AeLookupSvc - ok
21:01:04.0833 0x084c [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
21:01:04.0864 0x084c AFD - ok
21:01:04.0879 0x084c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
21:01:04.0879 0x084c agp440 - ok
21:01:04.0895 0x084c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
21:01:04.0895 0x084c ALG - ok
21:01:04.0911 0x084c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
21:01:04.0911 0x084c aliide - ok
21:01:04.0942 0x084c [ A359974EAAC83A435497C52F62A2E590, 7A7AFFE1CCE8732C478AE3EA630AA46C94DE0DBFE19EE63E3FB99B0D3338F038 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:01:04.0942 0x084c AMD External Events Utility - ok
21:01:04.0957 0x084c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
21:01:04.0957 0x084c amdide - ok
21:01:04.0957 0x084c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:01:04.0973 0x084c AmdK8 - ok
21:01:05.0191 0x084c [ 60216B0E704584DE6D5A9F59E9C34C47, CC3E9F09FB28E50FDFCC5E6A996E28CB4E721DDDD50E23710DC74C5B0F7CE3E3 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:01:05.0394 0x084c amdkmdag - ok
21:01:05.0410 0x084c [ 6B4E9261B613B047A9A145F328889968, E5C6611E88381A9D40AD1CE80BFDDBDA733F4A8D3602AAE25A155D2C39B3B7FD ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:01:05.0410 0x084c amdkmdap - ok
21:01:05.0425 0x084c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
21:01:05.0425 0x084c AmdPPM - ok
21:01:05.0441 0x084c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:01:05.0441 0x084c amdsata - ok
21:01:05.0457 0x084c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:01:05.0472 0x084c amdsbs - ok
21:01:05.0472 0x084c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:01:05.0472 0x084c amdxata - ok
21:01:05.0488 0x084c [ 4DE0D5D747A73797C95A97DCCE5018B5, 17EC669675C2E43515EFE2D8BCC9DDFFBE64F99EBFB9A6DAB429F65A2B504560 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
21:01:05.0503 0x084c androidusb - ok
21:01:05.0503 0x084c [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
21:01:05.0519 0x084c AppID - ok
21:01:05.0519 0x084c [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:01:05.0519 0x084c AppIDSvc - ok
21:01:05.0550 0x084c [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
21:01:05.0566 0x084c Appinfo - ok
21:01:05.0581 0x084c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
21:01:05.0581 0x084c AppMgmt - ok
21:01:05.0597 0x084c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
21:01:05.0597 0x084c arc - ok
21:01:05.0613 0x084c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:01:05.0613 0x084c arcsas - ok
21:01:05.0628 0x084c [ 4B720CC508B4FB999A7BF0E6D84F73E1, 948A7EE58E74244B94F08B122C915FB3CFC3467BEB9ACB360AA8373143B3C485 ] ASDR C:\Windows\SysWOW64\ASDR.exe
21:01:05.0644 0x084c ASDR - ok
21:01:05.0706 0x084c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:01:05.0706 0x084c aspnet_state - ok
21:01:05.0722 0x084c [ A4398A8914C32F18EC2AB562CBA3CAAF, 7FD1E8399C46E9A9663CCB330160933235E28D2EE61ED8C084B59BD54C18A0F4 ] asusgsb C:\Windows\system32\drivers\asusgsb.sys
21:01:05.0722 0x084c asusgsb - ok
21:01:05.0737 0x084c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:01:05.0737 0x084c AsyncMac - ok
21:01:05.0753 0x084c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
21:01:05.0753 0x084c atapi - ok
21:01:05.0769 0x084c [ FDA1E117A7E880BFF5540D180C06EA87, 061A0AC1DBCF93D568C740BB18A5D76C7FFB1E86AE9339E046E6372EB8B93426 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:01:05.0769 0x084c AtiHDAudioService - ok
21:01:05.0784 0x084c [ FB4187C282CB467E5E606913A1FA79A3, B7C076F86E34D8DA965C78585AB3C1BE74AE2A10B9051938DA9672A4EDD62960 ] atkdisplf C:\Windows\system32\drivers\ATKDispLowFilter.sys
21:01:05.0784 0x084c atkdisplf - ok
21:01:05.0784 0x084c [ 86D873FD396FA6708A99A1BDF104D120, F71D0A67B5029DD721D916BD2E90B0A4CA7A5B56CA0896DD040A291E080E5B3A ] ATKFUSService C:\Windows\system32\ATKFUSService.exe
21:01:05.0800 0x084c ATKFUSService - ok
21:01:05.0831 0x084c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:01:05.0847 0x084c AudioEndpointBuilder - ok
21:01:05.0878 0x084c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:01:05.0878 0x084c AudioSrv - ok
21:01:05.0893 0x084c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:01:05.0893 0x084c AxInstSV - ok
21:01:05.0909 0x084c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:01:05.0925 0x084c b06bdrv - ok
21:01:05.0940 0x084c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:01:05.0940 0x084c b57nd60a - ok
21:01:05.0956 0x084c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
21:01:05.0956 0x084c BDESVC - ok
21:01:05.0971 0x084c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
21:01:05.0971 0x084c Beep - ok
21:01:06.0003 0x084c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
21:01:06.0018 0x084c BFE - ok
21:01:06.0049 0x084c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
21:01:06.0065 0x084c BITS - ok
21:01:06.0081 0x084c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:01:06.0081 0x084c blbdrive - ok
21:01:06.0112 0x084c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:01:06.0112 0x084c bowser - ok
21:01:06.0112 0x084c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:01:06.0112 0x084c BrFiltLo - ok
21:01:06.0112 0x084c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:01:06.0112 0x084c BrFiltUp - ok
21:01:06.0143 0x084c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
21:01:06.0143 0x084c Browser - ok
21:01:06.0143 0x084c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:01:06.0159 0x084c Brserid - ok
21:01:06.0159 0x084c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:01:06.0159 0x084c BrSerWdm - ok
21:01:06.0174 0x084c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:01:06.0174 0x084c BrUsbMdm - ok
21:01:06.0174 0x084c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:01:06.0174 0x084c BrUsbSer - ok
21:01:06.0174 0x084c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:01:06.0174 0x084c BTHMODEM - ok
21:01:06.0190 0x084c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
21:01:06.0205 0x084c bthserv - ok
21:01:06.0205 0x084c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:01:06.0205 0x084c cdfs - ok
21:01:06.0221 0x084c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:01:06.0221 0x084c cdrom - ok
21:01:06.0237 0x084c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
21:01:06.0237 0x084c CertPropSvc - ok
21:01:06.0237 0x084c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
21:01:06.0237 0x084c circlass - ok
21:01:06.0268 0x084c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
21:01:06.0268 0x084c CLFS - ok
21:01:06.0393 0x084c [ 9A5944952B122BBF68D0032EF440CFB5, D4046BA3F985A7F95F1A4A55B6F2976E292C861771CAC80CEC6DE4C82E8FDBB0 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
21:01:06.0455 0x084c ClickToRunSvc - ok
21:01:06.0502 0x084c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:01:06.0502 0x084c clr_optimization_v2.0.50727_32 - ok
21:01:06.0517 0x084c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:01:06.0517 0x084c clr_optimization_v2.0.50727_64 - ok
21:01:06.0549 0x084c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:01:06.0549 0x084c clr_optimization_v4.0.30319_32 - ok
21:01:06.0564 0x084c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:01:06.0564 0x084c clr_optimization_v4.0.30319_64 - ok
21:01:06.0580 0x084c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
21:01:06.0580 0x084c CmBatt - ok
21:01:06.0595 0x084c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:01:06.0595 0x084c cmdide - ok
21:01:06.0627 0x084c [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
21:01:06.0627 0x084c CNG - ok
21:01:06.0642 0x084c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:01:06.0642 0x084c Compbatt - ok
21:01:06.0642 0x084c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:01:06.0658 0x084c CompositeBus - ok
21:01:06.0658 0x084c COMSysApp - ok
21:01:06.0658 0x084c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:01:06.0658 0x084c crcdisk - ok
21:01:06.0689 0x084c [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:01:06.0689 0x084c CryptSvc - ok
21:01:06.0705 0x084c [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
21:01:06.0720 0x084c CSC - ok
21:01:06.0736 0x084c [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
21:01:06.0751 0x084c CscService - ok
21:01:06.0767 0x084c [ A193FAE9BF40D981C3094252B17DE601, 585E9F48676DA26DBD30398E4D0E33378D25CB726EFA973E48B69F31C96A6E4E ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
21:01:06.0767 0x084c ctxusbm - ok
21:01:06.0798 0x084c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:01:06.0814 0x084c DcomLaunch - ok
21:01:06.0829 0x084c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
21:01:06.0829 0x084c defragsvc - ok
21:01:06.0845 0x084c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:01:06.0845 0x084c DfsC - ok
21:01:06.0876 0x084c [ B9430166FEB246F6070A62B3554932C9, 677DE435AA5C1FBFC0171384D4B7CED2EA6B0F8567540DB9DE454AC6D4A7C1D7 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
21:01:06.0876 0x084c dg_ssudbus - ok
21:01:06.0907 0x084c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:01:06.0907 0x084c Dhcp - ok
21:01:06.0907 0x084c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
21:01:06.0907 0x084c discache - ok
21:01:06.0923 0x084c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
21:01:06.0923 0x084c Disk - ok
21:01:06.0939 0x084c [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
21:01:06.0939 0x084c dmvsc - ok
21:01:06.0970 0x084c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:01:06.0970 0x084c Dnscache - ok
21:01:06.0985 0x084c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
21:01:06.0985 0x084c dot3svc - ok
21:01:07.0001 0x084c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
21:01:07.0001 0x084c DPS - ok
21:01:07.0032 0x084c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:01:07.0032 0x084c drmkaud - ok
21:01:07.0048 0x084c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:01:07.0063 0x084c DXGKrnl - ok
21:01:07.0079 0x084c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
21:01:07.0079 0x084c EapHost - ok
21:01:07.0157 0x084c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:01:07.0219 0x084c ebdrv - ok
21:01:07.0251 0x084c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe
21:01:07.0251 0x084c EFS - ok
21:01:07.0297 0x084c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:01:07.0313 0x084c ehRecvr - ok
21:01:07.0313 0x084c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
21:01:07.0313 0x084c ehSched - ok
21:01:07.0329 0x084c [ 343ADA10D948DB29251F2D9C809AF204, CF69704755EC2643DFD245AE1D4E15D77F306AEB1A576FFA159453DE1A7345CB ] EIO64 C:\Windows\system32\DRIVERS\EIO64.sys
21:01:07.0329 0x084c EIO64 - ok
21:01:07.0344 0x084c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:01:07.0360 0x084c elxstor - ok
21:01:07.0360 0x084c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:01:07.0360 0x084c ErrDev - ok
21:01:07.0391 0x084c [ DF2F6C1E55F6E81CFC7F688380D85816, D9085466AA9D98AA01CD8ADEBD798CB326D4FD53A07BD199C3E6E500B4619355 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
21:01:07.0391 0x084c EtronHub3 - ok
21:01:07.0391 0x084c [ E093ABFB67A4B9D94F80611A7D0A8BB9, A23D58767F58CBDFAA4AD25779BBBC4FAD51CBD8FEB9C89284635631E4F084A6 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
21:01:07.0407 0x084c EtronXHCI - ok
21:01:07.0422 0x084c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
21:01:07.0422 0x084c EventSystem - ok
21:01:07.0438 0x084c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
21:01:07.0438 0x084c exfat - ok
21:01:07.0438 0x084c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:01:07.0453 0x084c fastfat - ok
21:01:07.0469 0x084c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
21:01:07.0485 0x084c Fax - ok
21:01:07.0485 0x084c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:01:07.0485 0x084c fdc - ok
21:01:07.0500 0x084c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
21:01:07.0500 0x084c fdPHost - ok
21:01:07.0500 0x084c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
21:01:07.0516 0x084c FDResPub - ok
21:01:07.0516 0x084c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:01:07.0516 0x084c FileInfo - ok
21:01:07.0531 0x084c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:01:07.0531 0x084c Filetrace - ok
21:01:07.0531 0x084c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
21:01:07.0531 0x084c flpydisk - ok
21:01:07.0547 0x084c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:01:07.0547 0x084c FltMgr - ok
21:01:07.0594 0x084c [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll
21:01:07.0625 0x084c FontCache - ok
21:01:07.0656 0x084c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:01:07.0672 0x084c FontCache3.0.0.0 - ok
21:01:07.0672 0x084c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:01:07.0672 0x084c FsDepends - ok
21:01:07.0687 0x084c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:01:07.0687 0x084c Fs_Rec - ok
21:01:07.0719 0x084c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:01:07.0719 0x084c fvevol - ok
21:01:07.0734 0x084c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:01:07.0734 0x084c gagp30kx - ok
21:01:07.0750 0x084c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
21:01:07.0765 0x084c gpsvc - ok
21:01:07.0828 0x084c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:01:07.0828 0x084c gupdate - ok
21:01:07.0828 0x084c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:01:07.0843 0x084c gupdatem - ok
21:01:07.0843 0x084c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:01:07.0843 0x084c hcw85cir - ok
21:01:07.0875 0x084c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:01:07.0890 0x084c HdAudAddService - ok
21:01:07.0906 0x084c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:01:07.0906 0x084c HDAudBus - ok
21:01:07.0921 0x084c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:01:07.0921 0x084c HidBatt - ok
21:01:07.0921 0x084c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:01:07.0921 0x084c HidBth - ok
21:01:07.0937 0x084c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
21:01:07.0937 0x084c HidIr - ok
21:01:07.0937 0x084c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
21:01:07.0937 0x084c hidserv - ok
21:01:07.0953 0x084c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:01:07.0953 0x084c HidUsb - ok
21:01:07.0984 0x084c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:01:07.0984 0x084c hkmsvc - ok
21:01:07.0999 0x084c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:01:08.0015 0x084c HomeGroupListener - ok
21:01:08.0031 0x084c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:01:08.0031 0x084c HomeGroupProvider - ok
21:01:08.0077 0x084c [ 53DCA61931847E35C950504BFB7559C6, 3F57CE29B52D32F7061407B63C4A9786F5B623E9F9F1121B02182DE044110D08 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
21:01:08.0077 0x084c HP LaserJet Service - ok
21:01:08.0093 0x084c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:01:08.0093 0x084c HpSAMD - ok
21:01:08.0124 0x084c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:01:08.0140 0x084c HTTP - ok
21:01:08.0140 0x084c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:01:08.0140 0x084c hwpolicy - ok
21:01:08.0155 0x084c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:01:08.0155 0x084c i8042prt - ok
21:01:08.0187 0x084c [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:01:08.0202 0x084c iaStor - ok
21:01:08.0233 0x084c [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:01:08.0233 0x084c IAStorDataMgrSvc - ok
21:01:08.0249 0x084c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:01:08.0265 0x084c iaStorV - ok
21:01:08.0311 0x084c [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:01:08.0311 0x084c IDriverT - ok
21:01:08.0343 0x084c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:01:08.0374 0x084c idsvc - ok
21:01:08.0389 0x084c IEEtwCollectorService - ok
21:01:08.0405 0x084c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:01:08.0405 0x084c iirsp - ok
21:01:08.0436 0x084c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
21:01:08.0467 0x084c IKEEXT - ok
21:01:08.0545 0x084c [ C7124DA48E557D8F88D0D7F1254557F4, 300BC8ACB5CCB15F80ECAEAD27F12925EE94C84FE8110143A3E0F30E19DDA87B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:01:08.0577 0x084c IntcAzAudAddService - ok
21:01:08.0592 0x084c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
21:01:08.0592 0x084c intelide - ok
21:01:08.0608 0x084c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:01:08.0608 0x084c intelppm - ok
21:01:08.0639 0x084c [ A01C412699B6F21645B2885C2BAE4454, EA85BBE63D6F66F7EFEE7007E770AF820D57F914C7F179C5FEE3EF2845F19C41 ] IOMap C:\Windows\system32\drivers\IOMap64.sys
21:01:08.0639 0x084c IOMap - ok
21:01:08.0655 0x084c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:01:08.0655 0x084c IPBusEnum - ok
21:01:08.0655 0x084c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:01:08.0670 0x084c IpFilterDriver - ok
21:01:08.0686 0x084c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:01:08.0701 0x084c iphlpsvc - ok
21:01:08.0701 0x084c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:01:08.0701 0x084c IPMIDRV - ok
21:01:08.0717 0x084c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:01:08.0717 0x084c IPNAT - ok
21:01:08.0733 0x084c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:01:08.0733 0x084c IRENUM - ok
21:01:08.0748 0x084c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:01:08.0748 0x084c isapnp - ok
21:01:08.0764 0x084c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:01:08.0764 0x084c iScsiPrt - ok
21:01:08.0779 0x084c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:01:08.0779 0x084c kbdclass - ok
21:01:08.0795 0x084c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:01:08.0795 0x084c kbdhid - ok
21:01:08.0811 0x084c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe
21:01:08.0811 0x084c KeyIso - ok
21:01:08.0826 0x084c [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:01:08.0826 0x084c KSecDD - ok
21:01:08.0842 0x084c [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:01:08.0842 0x084c KSecPkg - ok
21:01:08.0857 0x084c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:01:08.0857 0x084c ksthunk - ok
21:01:08.0889 0x084c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
21:01:08.0889 0x084c KtmRm - ok
21:01:08.0920 0x084c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:01:08.0920 0x084c LanmanServer - ok
21:01:08.0935 0x084c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:01:08.0935 0x084c LanmanWorkstation - ok
21:01:08.0967 0x084c [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
21:01:08.0982 0x084c LBTServ - ok
21:01:08.0998 0x084c [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
21:01:08.0998 0x084c LHidFilt - ok
21:01:09.0013 0x084c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:01:09.0029 0x084c lltdio - ok
21:01:09.0045 0x084c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:01:09.0045 0x084c lltdsvc - ok
21:01:09.0060 0x084c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:01:09.0060 0x084c lmhosts - ok
21:01:09.0076 0x084c [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
21:01:09.0076 0x084c LMouFilt - ok
21:01:09.0091 0x084c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:01:09.0107 0x084c LSI_FC - ok
21:01:09.0123 0x084c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:01:09.0123 0x084c LSI_SAS - ok
21:01:09.0138 0x084c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:01:09.0138 0x084c LSI_SAS2 - ok
21:01:09.0138 0x084c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:01:09.0138 0x084c LSI_SCSI - ok
21:01:09.0154 0x084c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
21:01:09.0154 0x084c luafv - ok
21:01:09.0169 0x084c [ 9659AA75AC920EF6393B8CF77E21D1B9, 76706516DF281B48ABB2A43CA81B6EA0551937BE1C21AEA0A522AA717C27FD0A ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
21:01:09.0169 0x084c LUsbFilt - ok
21:01:09.0185 0x084c [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
21:01:09.0185 0x084c MBfilt - ok
21:01:09.0201 0x084c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:01:09.0201 0x084c Mcx2Svc - ok
21:01:09.0201 0x084c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
21:01:09.0201 0x084c megasas - ok
21:01:09.0216 0x084c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:01:09.0232 0x084c MegaSR - ok
21:01:09.0247 0x084c [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:01:09.0247 0x084c MEIx64 - ok
21:01:09.0263 0x084c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
21:01:09.0263 0x084c MMCSS - ok
21:01:09.0279 0x084c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
21:01:09.0279 0x084c Modem - ok
21:01:09.0279 0x084c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:01:09.0279 0x084c monitor - ok
21:01:09.0310 0x084c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:01:09.0310 0x084c mouclass - ok
21:01:09.0310 0x084c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:01:09.0310 0x084c mouhid - ok
21:01:09.0325 0x084c [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:01:09.0325 0x084c mountmgr - ok
21:01:09.0372 0x084c [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:01:09.0372 0x084c MozillaMaintenance - ok
21:01:09.0403 0x084c [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
21:01:09.0403 0x084c MpFilter - ok
21:01:09.0403 0x084c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
21:01:09.0419 0x084c mpio - ok
21:01:09.0419 0x084c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:01:09.0419 0x084c mpsdrv - ok
21:01:09.0450 0x084c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:01:09.0466 0x084c MpsSvc - ok
21:01:09.0497 0x084c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:01:09.0497 0x084c MRxDAV - ok
21:01:09.0513 0x084c [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:01:09.0528 0x084c mrxsmb - ok
21:01:09.0544 0x084c [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:01:09.0575 0x084c mrxsmb10 - ok
21:01:09.0606 0x084c [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:01:09.0606 0x084c mrxsmb20 - ok
21:01:09.0622 0x084c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
21:01:09.0622 0x084c msahci - ok
21:01:09.0653 0x084c [ 41FB1D61DF09C36CCAB0B04EEC66F6D5, C6D0F6B8429656C56A142F95AF0B4A85DD4B78A735664C8775F49C3B04C564B7 ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
21:01:09.0669 0x084c MSCamSvc - ok
21:01:09.0669 0x084c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:01:09.0669 0x084c msdsm - ok
21:01:09.0684 0x084c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
21:01:09.0684 0x084c MSDTC - ok
21:01:09.0700 0x084c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:01:09.0700 0x084c Msfs - ok
21:01:09.0715 0x084c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:01:09.0715 0x084c mshidkmdf - ok
21:01:09.0731 0x084c [ BB590070D606AE6F008341FC9A7B2AD7, CF1073A093E679C5BCA19681789FBB85A8286E356F2C0609E0B446DF65A86E29 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys
21:01:09.0731 0x084c MSHUSBVideo - ok
21:01:09.0747 0x084c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:01:09.0747 0x084c msisadrv - ok
21:01:09.0762 0x084c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:01:09.0762 0x084c MSiSCSI - ok
21:01:09.0762 0x084c msiserver - ok
21:01:09.0778 0x084c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:01:09.0778 0x084c MSKSSRV - ok
21:01:09.0809 0x084c [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
21:01:09.0809 0x084c MsMpSvc - ok
21:01:09.0825 0x084c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:01:09.0825 0x084c MSPCLOCK - ok
21:01:09.0825 0x084c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:01:09.0825 0x084c MSPQM - ok
21:01:09.0840 0x084c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:01:09.0840 0x084c MsRPC - ok
21:01:09.0856 0x084c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:01:09.0856 0x084c mssmbios - ok
21:01:09.0856 0x084c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:01:09.0871 0x084c MSTEE - ok
21:01:09.0871 0x084c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:01:09.0871 0x084c MTConfig - ok
21:01:09.0887 0x084c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
21:01:09.0887 0x084c Mup - ok
21:01:09.0903 0x084c [ 4FAD606C7AEB336E5AA4A005DE09CA80, 5BF117B7B369ED13ADEE262B19169FF63356B60C482BF24DC4A0B0741C77B996 ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys
21:01:09.0903 0x084c mv91xx - ok
21:01:09.0934 0x084c [ E590F14F36617533091BC1DDCF80E8AE, 3EBA1EFBA37A429893C253DE21DF5FD46723C6C79679868E512D65CFF6963048 ] mvusbews C:\Windows\system32\Drivers\mvusbews.sys
21:01:09.0934 0x084c mvusbews - ok
21:01:09.0949 0x084c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
21:01:09.0965 0x084c napagent - ok
21:01:09.0981 0x084c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:01:09.0996 0x084c NativeWifiP - ok
21:01:10.0043 0x084c [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:01:10.0059 0x084c NDIS - ok
21:01:10.0074 0x084c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:01:10.0074 0x084c NdisCap - ok
21:01:10.0090 0x084c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:01:10.0090 0x084c NdisTapi - ok
21:01:10.0090 0x084c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:01:10.0090 0x084c Ndisuio - ok
21:01:10.0105 0x084c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:01:10.0105 0x084c NdisWan - ok
21:01:10.0121 0x084c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:01:10.0121 0x084c NDProxy - ok
21:01:10.0137 0x084c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:01:10.0137 0x084c NetBIOS - ok
21:01:10.0152 0x084c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:01:10.0152 0x084c NetBT - ok
21:01:10.0152 0x084c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe
21:01:10.0152 0x084c Netlogon - ok
21:01:10.0183 0x084c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
21:01:10.0183 0x084c Netman - ok
21:01:10.0215 0x084c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:10.0215 0x084c NetMsmqActivator - ok
21:01:10.0215 0x084c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:10.0215 0x084c NetPipeActivator - ok
21:01:10.0230 0x084c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
21:01:10.0230 0x084c netprofm - ok
21:01:10.0246 0x084c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:10.0246 0x084c NetTcpActivator - ok
21:01:10.0246 0x084c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:10.0246 0x084c NetTcpPortSharing - ok
21:01:10.0261 0x084c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:01:10.0277 0x084c nfrd960 - ok
21:01:10.0293 0x084c [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:01:10.0293 0x084c NisDrv - ok
21:01:10.0324 0x084c [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
21:01:10.0324 0x084c NisSrv - ok
21:01:10.0355 0x084c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
21:01:10.0355 0x084c NlaSvc - ok
21:01:10.0386 0x084c [ 6E25BE911475B925A257D947A6DA07A9, 99E06AFE56C4F2D0850A570825A8D98BE0BFDBB44C6FD18D60AF34BB7A3BB38E ] NoIPDUCService4 C:\Program Files (x86)\No-IP\ducservice.exe
21:01:10.0402 0x084c NoIPDUCService4 - ok
21:01:10.0402 0x084c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:01:10.0402 0x084c Npfs - ok
21:01:10.0417 0x084c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
21:01:10.0417 0x084c nsi - ok
21:01:10.0433 0x084c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:01:10.0433 0x084c nsiproxy - ok
21:01:10.0480 0x084c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:01:10.0511 0x084c Ntfs - ok
21:01:10.0527 0x084c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
21:01:10.0527 0x084c Null - ok
21:01:10.0558 0x084c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:01:10.0558 0x084c nvraid - ok
21:01:10.0573 0x084c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:01:10.0573 0x084c nvstor - ok
21:01:10.0573 0x084c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:01:10.0589 0x084c nv_agp - ok
21:01:10.0589 0x084c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:01:10.0589 0x084c ohci1394 - ok
21:01:10.0636 0x084c [ 86D9EAFF4EF368E3C39C4C8FACAB6BDF, 2B43876A1B5B1B941D13EB015E90EBE3AE4F633FC2344AF6CE384E8FCB6A99E1 ] OneTouch 4.0 Monitor C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe
21:01:10.0636 0x084c OneTouch 4.0 Monitor - ok
21:01:10.0667 0x084c [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:01:10.0667 0x084c ose64 - ok
21:01:10.0792 0x084c [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:01:10.0885 0x084c osppsvc - ok
21:01:10.0917 0x084c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:01:10.0917 0x084c p2pimsvc - ok
21:01:10.0932 0x084c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
21:01:10.0948 0x084c p2psvc - ok
21:01:10.0948 0x084c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
21:01:10.0948 0x084c Parport - ok
21:01:10.0979 0x084c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:01:10.0979 0x084c partmgr - ok
21:01:10.0995 0x084c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:01:11.0010 0x084c PcaSvc - ok
21:01:11.0010 0x084c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
21:01:11.0026 0x084c pci - ok
21:01:11.0041 0x084c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
21:01:11.0041 0x084c pciide - ok
21:01:11.0057 0x084c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:01:11.0057 0x084c pcmcia - ok
21:01:11.0057 0x084c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
21:01:11.0073 0x084c pcw - ok
21:01:11.0088 0x084c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:01:11.0104 0x084c PEAUTH - ok
21:01:11.0151 0x084c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:01:11.0182 0x084c PeerDistSvc - ok
21:01:11.0260 0x084c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:01:11.0260 0x084c PerfHost - ok
21:01:11.0291 0x084c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
21:01:11.0322 0x084c pla - ok
21:01:11.0353 0x084c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:01:11.0369 0x084c PlugPlay - ok
21:01:11.0369 0x084c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:01:11.0385 0x084c PNRPAutoReg - ok
21:01:11.0400 0x084c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:01:11.0400 0x084c PNRPsvc - ok
21:01:11.0416 0x084c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:01:11.0431 0x084c PolicyAgent - ok
21:01:11.0447 0x084c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
21:01:11.0447 0x084c Power - ok
21:01:11.0463 0x084c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:01:11.0463 0x084c PptpMiniport - ok
21:01:11.0478 0x084c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
21:01:11.0478 0x084c Processor - ok
21:01:11.0494 0x084c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
21:01:11.0509 0x084c ProfSvc - ok
21:01:11.0509 0x084c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:01:11.0509 0x084c ProtectedStorage - ok
21:01:11.0541 0x084c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:01:11.0541 0x084c Psched - ok
21:01:11.0572 0x084c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:01:11.0603 0x084c ql2300 - ok
21:01:11.0619 0x084c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:01:11.0619 0x084c ql40xx - ok
21:01:11.0650 0x084c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
21:01:11.0650 0x084c QWAVE - ok
21:01:11.0650 0x084c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:01:11.0650 0x084c QWAVEdrv - ok
21:01:11.0665 0x084c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:01:11.0665 0x084c RasAcd - ok
21:01:11.0681 0x084c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:01:11.0681 0x084c RasAgileVpn - ok
21:01:11.0697 0x084c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
21:01:11.0697 0x084c RasAuto - ok
21:01:11.0697 0x084c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:01:11.0712 0x084c Rasl2tp - ok
21:01:11.0728 0x084c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
21:01:11.0728 0x084c RasMan - ok
21:01:11.0743 0x084c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:01:11.0743 0x084c RasPppoe - ok
21:01:11.0759 0x084c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:01:11.0759 0x084c RasSstp - ok
21:01:11.0775 0x084c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:01:11.0775 0x084c rdbss - ok
21:01:11.0790 0x084c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:01:11.0790 0x084c rdpbus - ok
21:01:11.0806 0x084c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:01:11.0806 0x084c RDPCDD - ok
21:01:11.0821 0x084c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:01:11.0821 0x084c RDPDR - ok
21:01:11.0837 0x084c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:01:11.0837 0x084c RDPENCDD - ok
21:01:11.0837 0x084c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:01:11.0837 0x084c RDPREFMP - ok
21:01:11.0884 0x084c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:01:11.0884 0x084c RdpVideoMiniport - ok
21:01:11.0899 0x084c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:01:11.0915 0x084c RDPWD - ok
21:01:11.0915 0x084c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:01:11.0931 0x084c rdyboost - ok
21:01:11.0946 0x084c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:01:11.0946 0x084c RemoteAccess - ok
21:01:11.0962 0x084c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:01:11.0962 0x084c RemoteRegistry - ok
21:01:11.0962 0x084c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:01:11.0962 0x084c RpcEptMapper - ok
21:01:11.0977 0x084c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
21:01:11.0977 0x084c RpcLocator - ok
21:01:11.0993 0x084c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
21:01:12.0009 0x084c RpcSs - ok
21:01:12.0009 0x084c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:01:12.0009 0x084c rspndr - ok
21:01:12.0040 0x084c [ F4C374B1C46DE294B573BB43723AC3F6, 9B8A40BF54262A1949661596CB753D0B591E94577470ED44D498042BD3EA7C10 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:01:12.0040 0x084c RTL8167 - ok
21:01:12.0055 0x084c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:01:12.0055 0x084c s3cap - ok
21:01:12.0055 0x084c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe
21:01:12.0055 0x084c SamSs - ok
21:01:12.0071 0x084c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:01:12.0071 0x084c sbp2port - ok
21:01:12.0087 0x084c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:01:12.0087 0x084c SCardSvr - ok
21:01:12.0102 0x084c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:01:12.0102 0x084c scfilter - ok
21:01:12.0133 0x084c [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
21:01:12.0165 0x084c Schedule - ok
21:01:12.0196 0x084c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:01:12.0196 0x084c SCPolicySvc - ok
21:01:12.0211 0x084c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:01:12.0211 0x084c SDRSVC - ok
21:01:12.0211 0x084c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:01:12.0211 0x084c secdrv - ok
21:01:12.0227 0x084c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
21:01:12.0227 0x084c seclogon - ok
21:01:12.0243 0x084c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
21:01:12.0243 0x084c SENS - ok
21:01:12.0243 0x084c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:01:12.0243 0x084c SensrSvc - ok
21:01:12.0258 0x084c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:01:12.0258 0x084c Serenum - ok
21:01:12.0274 0x084c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:01:12.0274 0x084c Serial - ok
21:01:12.0289 0x084c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:01:12.0289 0x084c sermouse - ok
21:01:12.0289 0x084c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
21:01:12.0289 0x084c SessionEnv - ok
21:01:12.0305 0x084c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:01:12.0305 0x084c sffdisk - ok
21:01:12.0305 0x084c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:01:12.0305 0x084c sffp_mmc - ok
21:01:12.0321 0x084c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:01:12.0321 0x084c sffp_sd - ok
21:01:12.0321 0x084c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:01:12.0321 0x084c sfloppy - ok
21:01:12.0336 0x084c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:01:12.0352 0x084c SharedAccess - ok
21:01:12.0367 0x084c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:01:12.0367 0x084c ShellHWDetection - ok
21:01:12.0383 0x084c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:01:12.0383 0x084c SiSRaid2 - ok
21:01:12.0399 0x084c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:01:12.0399 0x084c SiSRaid4 - ok
21:01:12.0414 0x084c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:01:12.0414 0x084c Smb - ok
21:01:12.0430 0x084c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:01:12.0430 0x084c SNMPTRAP - ok
21:01:12.0445 0x084c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys

tdsskiller log part 2

Post by ukemike » November 21st, 2015, 1:06 am

21:01:16.0002 0x084c ================ Scan global ===============================
21:01:16.0018 0x084c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
21:01:16.0033 0x084c [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
21:01:16.0065 0x084c [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
21:01:16.0080 0x084c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:01:16.0111 0x084c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
21:01:16.0111 0x084c [ Global ] - ok
21:01:16.0111 0x084c ================ Scan MBR ==================================
21:01:16.0111 0x084c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:01:16.0283 0x084c \Device\Harddisk0\DR0 - ok
21:01:16.0283 0x084c ================ Scan VBR ==================================
21:01:16.0283 0x084c [ 9260155BDC7C369121FD4779BA12DE97 ] \Device\Harddisk0\DR0\Partition1
21:01:16.0330 0x084c \Device\Harddisk0\DR0\Partition1 - ok
21:01:16.0330 0x084c [ 64117C5665B9EE886222D852FE39E213 ] \Device\Harddisk0\DR0\Partition2
21:01:16.0377 0x084c \Device\Harddisk0\DR0\Partition2 - ok
21:01:16.0377 0x084c [ 810A3967FA8F75D1FE962B4E0A535D07 ] \Device\Harddisk0\DR0\Partition3
21:01:16.0423 0x084c \Device\Harddisk0\DR0\Partition3 - ok
21:01:16.0423 0x084c ================ Scan generic autorun ======================
21:01:18.0171 0x084c Waiting for KSN requests completion. In queue: 294
21:01:19.0185 0x084c Waiting for KSN requests completion. In queue: 294
21:01:20.0199 0x084c Waiting for KSN requests completion. In queue: 294
21:01:21.0213 0x084c Waiting for KSN requests completion. In queue: 294
21:01:22.0227 0x084c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
21:01:22.0227 0x084c Win FW state via NFP2: disabled ( trusted )
21:01:35.0689 0x084c ============================================================
21:01:35.0689 0x084c Scan finished
21:01:35.0689 0x084c ============================================================
21:01:35.0689 0x1790 Detected object count: 0
21:01:35.0689 0x1790 Actual detected object count: 0
21:02:14.0019 0x0af0 ============================================================
21:02:14.0019 0x0af0 Scan started
21:02:14.0019 0x0af0 Mode: Manual; SigCheck;
21:02:14.0019 0x0af0 ============================================================
21:02:14.0019 0x0af0 KSN ping started
21:02:16.0920 0x0af0 KSN ping finished: true
21:02:17.0310 0x0af0 ================ Scan system memory ========================
21:02:17.0310 0x0af0 System memory - ok
21:02:17.0310 0x0af0 ================ Scan services =============================
21:02:18.0418 0x0af0 AmdPPM - ok
21:02:18.0434 0x0af0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:02:18.0449 0x0af0 amdsata - ok
21:02:18.0465 0x0af0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:02:18.0465 0x0af0 amdsbs - ok
21:02:18.0480 0x0af0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:02:18.0480 0x0af0 amdxata - ok
21:02:18.0512 0x0af0 [ 4DE0D5D747A73797C95A97DCCE5018B5, 17EC669675C2E43515EFE2D8BCC9DDFFBE64F99EBFB9A6DAB429F65A2B504560 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
21:02:18.0527 0x0af0 androidusb - ok
21:02:18.0543 0x0af0 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
21:02:18.0574 0x0af0 AppID - ok
21:02:18.0590 0x0af0 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:02:18.0590 0x0af0 AppIDSvc - ok
21:02:18.0605 0x0af0 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
21:02:18.0636 0x0af0 Appinfo - ok
21:02:18.0652 0x0af0 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
21:02:18.0668 0x0af0 AppMgmt - ok
21:02:18.0683 0x0af0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
21:02:18.0699 0x0af0 arc - ok
21:02:18.0699 0x0af0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:02:18.0714 0x0af0 arcsas - ok
21:02:18.0730 0x0af0 [ 4B720CC508B4FB999A7BF0E6D84F73E1, 948A7EE58E74244B94F08B122C915FB3CFC3467BEB9ACB360AA8373143B3C485 ] ASDR C:\Windows\SysWOW64\ASDR.exe
21:02:18.0746 0x0af0 ASDR - detected UnsignedFile.Multi.Generic ( 1 )
21:02:18.0746 0x0af0 Detect skipped due to KSN trusted
21:02:18.0746 0x0af0 ASDR - ok
21:02:18.0808 0x0af0 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:02:18.0808 0x0af0 aspnet_state - ok
21:02:18.0824 0x0af0 [ A4398A8914C32F18EC2AB562CBA3CAAF, 7FD1E8399C46E9A9663CCB330160933235E28D2EE61ED8C084B59BD54C18A0F4 ] asusgsb C:\Windows\system32\drivers\asusgsb.sys
21:02:18.0855 0x0af0 asusgsb - ok
21:02:18.0855 0x0af0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:02:18.0886 0x0af0 AsyncMac - ok
21:02:18.0902 0x0af0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
21:02:18.0917 0x0af0 atapi - ok
21:02:18.0933 0x0af0 [ FDA1E117A7E880BFF5540D180C06EA87, 061A0AC1DBCF93D568C740BB18A5D76C7FFB1E86AE9339E046E6372EB8B93426 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:02:18.0933 0x0af0 AtiHDAudioService - ok
21:02:18.0933 0x0af0 [ FB4187C282CB467E5E606913A1FA79A3, B7C076F86E34D8DA965C78585AB3C1BE74AE2A10B9051938DA9672A4EDD62960 ] atkdisplf C:\Windows\system32\drivers\ATKDispLowFilter.sys
21:02:18.0964 0x0af0 atkdisplf - ok
21:02:18.0964 0x0af0 [ 86D873FD396FA6708A99A1BDF104D120, F71D0A67B5029DD721D916BD2E90B0A4CA7A5B56CA0896DD040A291E080E5B3A ] ATKFUSService C:\Windows\system32\ATKFUSService.exe
21:02:18.0980 0x0af0 ATKFUSService - detected UnsignedFile.Multi.Generic ( 1 )
21:02:18.0980 0x0af0 Detect skipped due to KSN trusted
21:02:18.0980 0x0af0 ATKFUSService - ok
21:02:19.0011 0x0af0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:02:19.0073 0x0af0 AudioEndpointBuilder - ok
21:02:19.0089 0x0af0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:02:19.0120 0x0af0 AudioSrv - ok
21:02:19.0136 0x0af0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:02:19.0167 0x0af0 AxInstSV - ok
21:02:19.0182 0x0af0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:02:19.0198 0x0af0 b06bdrv - ok
21:02:19.0229 0x0af0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:02:19.0245 0x0af0 b57nd60a - ok
21:02:19.0245 0x0af0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
21:02:19.0276 0x0af0 BDESVC - ok
21:02:19.0276 0x0af0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
21:02:19.0307 0x0af0 Beep - ok
21:02:19.0323 0x0af0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
21:02:19.0354 0x0af0 BFE - ok
21:02:19.0385 0x0af0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
21:02:19.0494 0x0af0 BITS - ok
21:02:19.0510 0x0af0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:02:19.0526 0x0af0 blbdrive - ok
21:02:19.0541 0x0af0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:02:19.0572 0x0af0 bowser - ok
21:02:19.0588 0x0af0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:02:19.0588 0x0af0 BrFiltLo - ok
21:02:19.0588 0x0af0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:02:19.0604 0x0af0 BrFiltUp - ok
21:02:19.0619 0x0af0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
21:02:19.0650 0x0af0 Browser - ok
21:02:19.0666 0x0af0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:02:19.0682 0x0af0 Brserid - ok
21:02:19.0682 0x0af0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:02:19.0697 0x0af0 BrSerWdm - ok
21:02:19.0697 0x0af0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:02:19.0713 0x0af0 BrUsbMdm - ok
21:02:19.0728 0x0af0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:02:19.0728 0x0af0 BrUsbSer - ok
21:02:19.0744 0x0af0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:02:19.0744 0x0af0 BTHMODEM - ok
21:02:19.0744 0x0af0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
21:02:19.0775 0x0af0 bthserv - ok
21:02:19.0791 0x0af0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:02:19.0806 0x0af0 cdfs - ok
21:02:19.0822 0x0af0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:02:19.0838 0x0af0 cdrom - ok
21:02:19.0838 0x0af0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
21:02:19.0869 0x0af0 CertPropSvc - ok
21:02:19.0869 0x0af0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
21:02:19.0884 0x0af0 circlass - ok
21:02:19.0900 0x0af0 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
21:02:19.0916 0x0af0 CLFS - ok
21:02:20.0009 0x0af0 [ 9A5944952B122BBF68D0032EF440CFB5, D4046BA3F985A7F95F1A4A55B6F2976E292C861771CAC80CEC6DE4C82E8FDBB0 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
21:02:20.0056 0x0af0 ClickToRunSvc - ok
21:02:20.0103 0x0af0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:02:20.0103 0x0af0 clr_optimization_v2.0.50727_32 - ok
21:02:20.0134 0x0af0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:02:20.0134 0x0af0 clr_optimization_v2.0.50727_64 - ok
21:02:20.0181 0x0af0 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:02:20.0181 0x0af0 clr_optimization_v4.0.30319_32 - ok
21:02:20.0196 0x0af0 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:02:20.0212 0x0af0 clr_optimization_v4.0.30319_64 - ok
21:02:20.0212 0x0af0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
21:02:20.0228 0x0af0 CmBatt - ok
21:02:20.0243 0x0af0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:02:20.0243 0x0af0 cmdide - ok
21:02:20.0274 0x0af0 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
21:02:20.0290 0x0af0 CNG - ok
21:02:20.0306 0x0af0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:02:20.0321 0x0af0 Compbatt - ok
21:02:20.0321 0x0af0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:02:20.0337 0x0af0 CompositeBus - ok
21:02:20.0337 0x0af0 COMSysApp - ok
21:02:20.0337 0x0af0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:02:20.0352 0x0af0 crcdisk - ok
21:02:20.0368 0x0af0 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:02:20.0399 0x0af0 CryptSvc - ok
21:02:20.0430 0x0af0 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
21:02:20.0446 0x0af0 CSC - ok
21:02:20.0462 0x0af0 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
21:02:20.0477 0x0af0 CscService - ok
21:02:20.0508 0x0af0 [ A193FAE9BF40D981C3094252B17DE601, 585E9F48676DA26DBD30398E4D0E33378D25CB726EFA973E48B69F31C96A6E4E ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
21:02:20.0508 0x0af0 ctxusbm - ok
21:02:20.0524 0x0af0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:02:20.0555 0x0af0 DcomLaunch - ok
21:02:20.0571 0x0af0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
21:02:20.0602 0x0af0 defragsvc - ok
21:02:20.0602 0x0af0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:02:20.0633 0x0af0 DfsC - ok
21:02:20.0649 0x0af0 [ B9430166FEB246F6070A62B3554932C9, 677DE435AA5C1FBFC0171384D4B7CED2EA6B0F8567540DB9DE454AC6D4A7C1D7 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
21:02:20.0649 0x0af0 dg_ssudbus - ok
21:02:20.0664 0x0af0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:02:20.0696 0x0af0 Dhcp - ok
21:02:20.0696 0x0af0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
21:02:20.0727 0x0af0 discache - ok
21:02:20.0742 0x0af0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
21:02:20.0742 0x0af0 Disk - ok
21:02:20.0758 0x0af0 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
21:02:20.0774 0x0af0 dmvsc - ok
21:02:20.0789 0x0af0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:02:20.0820 0x0af0 Dnscache - ok
21:02:20.0836 0x0af0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
21:02:20.0852 0x0af0 dot3svc - ok
21:02:20.0867 0x0af0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
21:02:20.0898 0x0af0 DPS - ok
21:02:20.0914 0x0af0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:02:20.0930 0x0af0 drmkaud - ok
21:02:20.0961 0x0af0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:02:20.0976 0x0af0 DXGKrnl - ok
21:02:20.0976 0x0af0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
21:02:21.0008 0x0af0 EapHost - ok
21:02:21.0070 0x0af0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:02:21.0148 0x0af0 ebdrv - ok
21:02:21.0164 0x0af0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe
21:02:21.0179 0x0af0 EFS - ok
21:02:21.0210 0x0af0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:02:21.0242 0x0af0 ehRecvr - ok
21:02:21.0242 0x0af0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
21:02:21.0257 0x0af0 ehSched - ok
21:02:21.0257 0x0af0 [ 343ADA10D948DB29251F2D9C809AF204, CF69704755EC2643DFD245AE1D4E15D77F306AEB1A576FFA159453DE1A7345CB ] EIO64 C:\Windows\system32\DRIVERS\EIO64.sys
21:02:21.0273 0x0af0 EIO64 - ok
21:02:21.0288 0x0af0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:02:21.0304 0x0af0 elxstor - ok
21:02:21.0320 0x0af0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:02:21.0320 0x0af0 ErrDev - ok
21:02:21.0335 0x0af0 [ DF2F6C1E55F6E81CFC7F688380D85816, D9085466AA9D98AA01CD8ADEBD798CB326D4FD53A07BD199C3E6E500B4619355 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
21:02:21.0351 0x0af0 EtronHub3 - ok
21:02:21.0351 0x0af0 [ E093ABFB67A4B9D94F80611A7D0A8BB9, A23D58767F58CBDFAA4AD25779BBBC4FAD51CBD8FEB9C89284635631E4F084A6 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
21:02:21.0366 0x0af0 EtronXHCI - ok
21:02:21.0382 0x0af0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
21:02:21.0413 0x0af0 EventSystem - ok
21:02:21.0413 0x0af0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
21:02:21.0444 0x0af0 exfat - ok
21:02:21.0460 0x0af0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:02:21.0476 0x0af0 fastfat - ok
21:02:21.0491 0x0af0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
21:02:21.0522 0x0af0 Fax - ok
21:02:21.0522 0x0af0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:02:21.0538 0x0af0 fdc - ok
21:02:21.0554 0x0af0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
21:02:21.0569 0x0af0 fdPHost - ok
21:02:21.0585 0x0af0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
21:02:21.0600 0x0af0 FDResPub - ok
21:02:21.0616 0x0af0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:02:21.0616 0x0af0 FileInfo - ok
21:02:21.0632 0x0af0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:02:21.0647 0x0af0 Filetrace - ok
21:02:21.0647 0x0af0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
21:02:21.0663 0x0af0 flpydisk - ok
21:02:21.0678 0x0af0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:02:21.0694 0x0af0 FltMgr - ok
21:02:21.0725 0x0af0 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll
21:02:21.0772 0x0af0 FontCache - ok
21:02:21.0803 0x0af0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:02:21.0803 0x0af0 FontCache3.0.0.0 - ok
21:02:21.0803 0x0af0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:02:21.0819 0x0af0 FsDepends - ok
21:02:21.0834 0x0af0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:02:21.0834 0x0af0 Fs_Rec - ok
21:02:21.0866 0x0af0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:02:21.0866 0x0af0 fvevol - ok
21:02:21.0881 0x0af0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:02:21.0897 0x0af0 gagp30kx - ok
21:02:21.0912 0x0af0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
21:02:21.0944 0x0af0 gpsvc - ok
21:02:22.0006 0x0af0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:02:22.0006 0x0af0 gupdate - ok
21:02:22.0022 0x0af0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:02:22.0022 0x0af0 gupdatem - ok
21:02:22.0037 0x0af0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:02:22.0068 0x0af0 hcw85cir - ok
21:02:22.0084 0x0af0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:02:22.0100 0x0af0 HdAudAddService - ok
21:02:22.0115 0x0af0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:02:22.0131 0x0af0 HDAudBus - ok
21:02:22.0131 0x0af0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:02:22.0146 0x0af0 HidBatt - ok
21:02:22.0162 0x0af0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:02:22.0178 0x0af0 HidBth - ok
21:02:22.0178 0x0af0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
21:02:22.0193 0x0af0 HidIr - ok
21:02:22.0193 0x0af0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
21:02:22.0224 0x0af0 hidserv - ok
21:02:22.0240 0x0af0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS

tdsskiller log part 3 (last part)

Post by ukemike » November 21st, 2015, 1:06 am

\hidusb.sys
21:02:22.0240 0x0af0 HidUsb - ok
21:02:22.0256 0x0af0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:02:22.0287 0x0af0 hkmsvc - ok
21:02:22.0302 0x0af0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:02:22.0334 0x0af0 HomeGroupListener - ok
21:02:22.0349 0x0af0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:02:22.0365 0x0af0 HomeGroupProvider - ok
21:02:22.0396 0x0af0 [ 53DCA61931847E35C950504BFB7559C6, 3F57CE29B52D32F7061407B63C4A9786F5B623E9F9F1121B02182DE044110D08 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
21:02:22.0412 0x0af0 HP LaserJet Service - detected UnsignedFile.Multi.Generic ( 1 )
21:02:22.0412 0x0af0 Detect skipped due to KSN trusted
21:02:22.0412 0x0af0 HP LaserJet Service - ok
21:02:22.0412 0x0af0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:02:22.0427 0x0af0 HpSAMD - ok
21:02:22.0458 0x0af0 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:02:22.0490 0x0af0 HTTP - ok
21:02:22.0490 0x0af0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:02:22.0505 0x0af0 hwpolicy - ok
21:02:22.0505 0x0af0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:02:22.0521 0x0af0 i8042prt - ok
21:02:22.0552 0x0af0 [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:02:22.0568 0x0af0 iaStor - ok
21:02:22.0599 0x0af0 [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:02:22.0599 0x0af0 IAStorDataMgrSvc - ok
21:02:22.0614 0x0af0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:02:22.0630 0x0af0 iaStorV - ok
21:02:22.0677 0x0af0 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:02:22.0677 0x0af0 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
21:02:22.0677 0x0af0 Detect skipped due to KSN trusted
21:02:22.0677 0x0af0 IDriverT - ok
21:02:22.0708 0x0af0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:02:22.0724 0x0af0 idsvc - ok
21:02:22.0724 0x0af0 IEEtwCollectorService - ok
21:02:22.0739 0x0af0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:02:22.0739 0x0af0 iirsp - ok
21:02:22.0770 0x0af0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
21:02:22.0802 0x0af0 IKEEXT - ok
21:02:22.0864 0x0af0 [ C7124DA48E557D8F88D0D7F1254557F4, 300BC8ACB5CCB15F80ECAEAD27F12925EE94C84FE8110143A3E0F30E19DDA87B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:02:22.0926 0x0af0 IntcAzAudAddService - ok
21:02:22.0942 0x0af0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
21:02:22.0942 0x0af0 intelide - ok
21:02:22.0958 0x0af0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:02:22.0973 0x0af0 intelppm - ok
21:02:22.0989 0x0af0 [ A01C412699B6F21645B2885C2BAE4454, EA85BBE63D6F66F7EFEE7007E770AF820D57F914C7F179C5FEE3EF2845F19C41 ] IOMap C:\Windows\system32\drivers\IOMap64.sys
21:02:23.0004 0x0af0 IOMap - ok
21:02:23.0020 0x0af0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:02:23.0051 0x0af0 IPBusEnum - ok
21:02:23.0051 0x0af0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:02:23.0082 0x0af0 IpFilterDriver - ok
21:02:23.0114 0x0af0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:02:23.0145 0x0af0 iphlpsvc - ok
21:02:23.0145 0x0af0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:02:23.0160 0x0af0 IPMIDRV - ok
21:02:23.0160 0x0af0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:02:23.0192 0x0af0 IPNAT - ok
21:02:23.0192 0x0af0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:02:23.0207 0x0af0 IRENUM - ok
21:02:23.0223 0x0af0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:02:23.0223 0x0af0 isapnp - ok
21:02:23.0254 0x0af0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:02:23.0254 0x0af0 iScsiPrt - ok
21:02:23.0270 0x0af0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:02:23.0270 0x0af0 kbdclass - ok
21:02:23.0285 0x0af0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:02:23.0285 0x0af0 kbdhid - ok
21:02:23.0301 0x0af0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe
21:02:23.0301 0x0af0 KeyIso - ok
21:02:23.0316 0x0af0 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:02:23.0332 0x0af0 KSecDD - ok
21:02:23.0348 0x0af0 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:02:23.0348 0x0af0 KSecPkg - ok
21:02:23.0348 0x0af0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:02:23.0379 0x0af0 ksthunk - ok
21:02:23.0394 0x0af0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
21:02:23.0410 0x0af0 KtmRm - ok
21:02:23.0441 0x0af0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:02:23.0457 0x0af0 LanmanServer - ok
21:02:23.0488 0x0af0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:02:23.0504 0x0af0 LanmanWorkstation - ok
21:02:23.0550 0x0af0 [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
21:02:23.0566 0x0af0 LBTServ - ok
21:02:23.0582 0x0af0 [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
21:02:23.0582 0x0af0 LHidFilt - ok
21:02:23.0582 0x0af0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:02:23.0613 0x0af0 lltdio - ok
21:02:23.0628 0x0af0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:02:23.0660 0x0af0 lltdsvc - ok
21:02:23.0691 0x0af0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:02:23.0706 0x0af0 lmhosts - ok
21:02:23.0706 0x0af0 [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
21:02:23.0706 0x0af0 LMouFilt - ok
21:02:23.0722 0x0af0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:02:23.0738 0x0af0 LSI_FC - ok
21:02:23.0738 0x0af0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:02:23.0753 0x0af0 LSI_SAS - ok
21:02:23.0753 0x0af0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:02:23.0769 0x0af0 LSI_SAS2 - ok
21:02:23.0769 0x0af0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:02:23.0769 0x0af0 LSI_SCSI - ok
21:02:23.0784 0x0af0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
21:02:23.0800 0x0af0 luafv - ok
21:02:23.0816 0x0af0 [ 9659AA75AC920EF6393B8CF77E21D1B9, 76706516DF281B48ABB2A43CA81B6EA0551937BE1C21AEA0A522AA717C27FD0A ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
21:02:23.0816 0x0af0 LUsbFilt - ok
21:02:23.0831 0x0af0 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
21:02:23.0831 0x0af0 MBfilt - ok
21:02:23.0862 0x0af0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:02:23.0862 0x0af0 Mcx2Svc - ok
21:02:23.0878 0x0af0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
21:02:23.0878 0x0af0 megasas - ok
21:02:23.0894 0x0af0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:02:23.0909 0x0af0 MegaSR - ok
21:02:23.0925 0x0af0 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:02:23.0925 0x0af0 MEIx64 - ok
21:02:23.0940 0x0af0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
21:02:23.0956 0x0af0 MMCSS - ok
21:02:23.0987 0x0af0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
21:02:24.0003 0x0af0 Modem - ok
21:02:24.0018 0x0af0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:02:24.0034 0x0af0 monitor - ok
21:02:24.0050 0x0af0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:02:24.0050 0x0af0 mouclass - ok
21:02:24.0065 0x0af0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:02:24.0065 0x0af0 mouhid - ok
21:02:24.0081 0x0af0 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:02:24.0096 0x0af0 mountmgr - ok
21:02:24.0128 0x0af0 [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:02:24.0128 0x0af0 MozillaMaintenance - ok
21:02:24.0159 0x0af0 [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
21:02:24.0159 0x0af0 MpFilter - ok
21:02:24.0174 0x0af0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
21:02:24.0190 0x0af0 mpio - ok
21:02:24.0206 0x0af0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:02:24.0237 0x0af0 mpsdrv - ok
21:02:24.0268 0x0af0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:02:24.0299 0x0af0 MpsSvc - ok
21:02:24.0315 0x0af0 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:02:24.0330 0x0af0 MRxDAV - ok
21:02:24.0362 0x0af0 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:02:24.0377 0x0af0 mrxsmb - ok
21:02:24.0393 0x0af0 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:02:24.0408 0x0af0 mrxsmb10 - ok
21:02:24.0440 0x0af0 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:02:24.0455 0x0af0 mrxsmb20 - ok
21:02:24.0471 0x0af0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
21:02:24.0471 0x0af0 msahci - ok
21:02:24.0486 0x0af0 [ 41FB1D61DF09C36CCAB0B04EEC66F6D5, C6D0F6B8429656C56A142F95AF0B4A85DD4B78A735664C8775F49C3B04C564B7 ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
21:02:24.0502 0x0af0 MSCamSvc - ok
21:02:24.0502 0x0af0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:02:24.0518 0x0af0 msdsm - ok
21:02:24.0533 0x0af0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
21:02:24.0533 0x0af0 MSDTC - ok
21:02:24.0549 0x0af0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:02:24.0564 0x0af0 Msfs - ok
21:02:24.0580 0x0af0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:02:24.0611 0x0af0 mshidkmdf - ok
21:02:24.0611 0x0af0 [ BB590070D606AE6F008341FC9A7B2AD7, CF1073A093E679C5BCA19681789FBB85A8286E356F2C0609E0B446DF65A86E29 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys
21:02:24.0627 0x0af0 MSHUSBVideo - ok
21:02:24.0627 0x0af0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:02:24.0642 0x0af0 msisadrv - ok
21:02:24.0658 0x0af0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:02:24.0674 0x0af0 MSiSCSI - ok
21:02:24.0674 0x0af0 msiserver - ok
21:02:24.0689 0x0af0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:02:24.0705 0x0af0 MSKSSRV - ok
21:02:24.0736 0x0af0 [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
21:02:24.0736 0x0af0 MsMpSvc - ok
21:02:24.0752 0x0af0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:02:24.0767 0x0af0 MSPCLOCK - ok
21:02:24.0767 0x0af0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:02:24.0798 0x0af0 MSPQM - ok
21:02:24.0814 0x0af0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:02:24.0830 0x0af0 MsRPC - ok
21:02:24.0830 0x0af0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:02:24.0845 0x0af0 mssmbios - ok
21:02:24.0845 0x0af0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:02:24.0861 0x0af0 MSTEE - ok
21:02:24.0876 0x0af0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:02:24.0892 0x0af0 MTConfig - ok
21:02:24.0908 0x0af0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
21:02:24.0908 0x0af0 Mup - ok
21:02:24.0939 0x0af0 [ 4FAD606C7AEB336E5AA4A005DE09CA80, 5BF117B7B369ED13ADEE262B19169FF63356B60C482BF24DC4A0B0741C77B996 ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys
21:02:24.0939 0x0af0 mv91xx - ok
21:02:24.0970 0x0af0 [ E590F14F36617533091BC1DDCF80E8AE, 3EBA1EFBA37A429893C253DE21DF5FD46723C6C79679868E512D65CFF6963048 ] mvusbews C:\Windows\system32\Drivers\mvusbews.sys
21:02:24.0986 0x0af0 mvusbews - ok
21:02:25.0001 0x0af0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
21:02:25.0032 0x0af0 napagent - ok
21:02:25.0048 0x0af0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:02:25.0064 0x0af0 NativeWifiP - ok
21:02:25.0095 0x0af0 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:02:25.0110 0x0af0 NDIS - ok
21:02:25.0126 0x0af0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:02:25.0142 0x0af0 NdisCap - ok
21:02:25.0173 0x0af0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:02:25.0204 0x0af0 NdisTapi - ok
21:02:25.0220 0x0af0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:02:25.0251 0x0af0 Ndisuio - ok
21:02:25.0266 0x0af0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:02:25.0282 0x0af0 NdisWan - ok
21:02:25.0282 0x0af0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:02:25.0313 0x0af0 NDProxy - ok
21:02:25.0313 0x0af0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:02:25.0329 0x0af0 NetBIOS - ok
21:02:25.0344 0x0af0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:02:25.0376 0x0af0 NetBT - ok
21:02:25.0391 0x0af0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe
21:02:25.0391 0x0af0 Netlogon - ok
21:02:25.0422 0x0af0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
21:02:25.0454 0x0af0 Netman - ok
21:02:25.0485 0x0af0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:02:25.0500 0x0af0 NetMsmqActivator - ok
21:02:25.0500 0x0af0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:02:25.0500 0x0af0 NetPipeActivator - ok
21:02:25.0516 0x0af0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
21:02:25.0547 0x0af0 netprofm - ok
21:02:25.0563 0x0af0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:02:25.0563 0x0af0 NetTcpActivator - ok
21:02:25.0578 0x0af0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:02:25.0578 0x0af0 NetTcpPortSharing - ok
21:02:25.0594 0x0af0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:02:25.0594 0x0af0 nfrd960 - ok
21:02:25.0610 0x0af0 [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:02:25.0625 0x0af0 NisDrv - ok
21:02:25.0641 0x0af0 [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
21:02:25.0656 0x0af0 NisSrv - ok
21:02:25.0688 0x0af0 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
21:02:25.0719 0x0af0 NlaSvc - ok
21:02:25.0750 0x0af0 [ 6E25BE911475B925A257D947A6DA07A9, 99E06AFE56C4F2D0850A570825A8D98BE0BFDBB44C6FD18D60AF34BB7A3BB38E ] NoIPDUCService4 C:\Program Files (x86)\No-IP\ducservice.exe
21:02:25.0750 0x0af0 NoIPDUCService4 - detected UnsignedFile.Multi.Generic ( 1 )
21:02:25.0750 0x0af0 Detect skipped due to KSN trusted
21:02:25.0750 0x0af0 NoIPDUCService4 - ok
21:02:25.0750 0x0af0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:02:25.0781 0x0af0 Npfs - ok
21:02:25.0781 0x0af0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
21:02:25.0812 0x0af0 nsi - ok
21:02:25.0828 0x0af0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:02:25.0844 0x0af0 nsiproxy - ok
21:02:25.0906 0x0af0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:02:25.0937 0x0af0 Ntfs - ok
21:02:25.0937 0x0af0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
21:02:25.0968 0x0af0 Null - ok
21:02:26.0000 0x0af0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:02:26.0000 0x0af0 nvraid - ok
21:02:26.0015 0x0af0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:02:26.0031 0x0af0 nvstor - ok
21:02:26.0046 0x0af0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:02:26.0046 0x0af0 nv_agp - ok
21:02:26.0046 0x0af0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:02:26.0062 0x0af0 ohci1394 - ok
21:02:26.0109 0x0af0 [ 86D9EAFF4EF368E3C39C4C8FACAB6BDF, 2B43876A1B5B1B941D13EB015E90EBE3AE4F633FC2344AF6CE384E8FCB6A99E1 ] OneTouch 4.0 Monitor C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe
21:02:26.0124 0x0af0 OneTouch 4.0 Monitor - detected UnsignedFile.Multi.Generic ( 1 )
21:02:26.0124 0x0af0 Detect skipped due to KSN trusted
21:02:26.0124 0x0af0 OneTouch 4.0 Monitor - ok
21:02:26.0140 0x0af0 [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:02:26.0156 0x0af0 ose64 - ok
21:02:26.0280 0x0af0 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:02:26.0358 0x0af0 osppsvc - ok
21:02:26.0390 0x0af0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:02:26.0421 0x0af0 p2pimsvc - ok
21:02:26.0436 0x0af0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
21:02:26.0452 0x0af0 p2psvc - ok
21:02:26.0452 0x0af0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
21:02:26.0468 0x0af0 Parport - ok
21:02:26.0483 0x0af0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:02:26.0499 0x0af0 partmgr - ok
21:02:26.0514 0x0af0 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:02:26.0530 0x0af0 PcaSvc - ok
21:02:26.0546 0x0af0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
21:02:26.0561 0x0af0 pci - ok
21:02:26.0577 0x0af0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
21:02:26.0577 0x0af0 pciide - ok
21:02:26.0592 0x0af0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:02:26.0608 0x0af0 pcmcia - ok
21:02:26.0608 0x0af0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
21:02:26.0624 0x0af0 pcw - ok
21:02:26.0655 0x0af0 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:02:26.0670 0x0af0 PEAUTH - ok
21:02:26.0717 0x0af0 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:02:26.0764 0x0af0 PeerDistSvc - ok
21:02:26.0826 0x0af0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:02:26.0826 0x0af0 PerfHost - ok
21:02:26.0858 0x0af0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
21:02:26.0904 0x0af0 pla - ok
21:02:26.0936 0x0af0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:02:26.0951 0x0af0 PlugPlay - ok
21:02:26.0967 0x0af0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:02:26.0982 0x0af0 PNRPAutoReg - ok
21:02:26.0998 0x0af0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:02:27.0014 0x0af0 PNRPsvc - ok
21:02:27.0029 0x0af0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:02:27.0060 0x0af0 PolicyAgent - ok
21:02:27.0076 0x0af0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
21:02:27.0107 0x0af0 Power - ok
21:02:27.0123 0x0af0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:02:27.0138 0x0af0 PptpMiniport - ok
21:02:27.0154 0x0af0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
21:02:27.0170 0x0af0 Processor - ok
21:02:27.0185 0x0af0 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
21:02:27.0232 0x0af0 ProfSvc - ok
21:02:27.0232 0x0af0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:02:27.0232 0x0af0 ProtectedStorage - ok
21:02:27.0248 0x0af0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:02:27.0279 0x0af0 Psched - ok
21:02:27.0310 0x0af0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:02:27.0341 0x0af0 ql2300 - ok
21:02:27.0357 0x0af0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:02:27.0357 0x0af0 ql40xx - ok
21:02:27.0388 0x0af0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
21:02:27.0404 0x0af0 QWAVE - ok
21:02:27.0419 0x0af0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:02:27.0435 0x0af0 QWAVEdrv - ok
21:02:27.0450 0x0af0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:02:27.0466 0x0af0 RasAcd - ok
21:02:27.0482 0x0af0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:02:27.0497 0x0af0 RasAgileVpn - ok
21:02:27.0513 0x0af0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
21:02:27.0544 0x0af0 RasAuto - ok
21:02:27.0560 0x0af0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:02:27.0575 0x0af0 Rasl2tp - ok
21:02:27.0591 0x0af0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
21:02:27.0622 0x0af0 RasMan - ok
21:02:27.0638 0x0af0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:02:27.0653 0x0af0 RasPppoe - ok
21:02:27.0669 0x0af0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:02:27.0684 0x0af0 RasSstp - ok
21:02:27.0700 0x0af0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:02:27.0731 0x0af0 rdbss - ok
21:02:27.0731 0x0af0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:02:27.0747 0x0af0 rdpbus - ok
21:02:27.0762 0x0af0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:02:27.0794 0x0af0 RDPCDD - ok
21:02:27.0809 0x0af0 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:02:27.0825 0x0af0 RDPDR - ok
21:02:27.0825 0x0af0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:02:27.0840 0x0af0 RDPENCDD - ok
21:02:27.0856 0x0af0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:02:27.0887 0x0af0 RDPREFMP - ok
21:02:27.0918 0x0af0 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:02:27.0950 0x0af0 RdpVideoMiniport - ok
21:02:27.0981 0x0af0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:02:28.0012 0x0af0 RDPWD - ok
21:02:28.0028 0x0af0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:02:28.0028 0x0af0 rdyboost - ok
21:02:28.0043 0x0af0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:02:28.0059 0x0af0 RemoteAccess - ok
21:02:28.0074 0x0af0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:02:28.0090 0x0af0 RemoteRegistry - ok
21:02:28.0106 0x0af0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:02:28.0121 0x0af0 RpcEptMapper - ok
21:02:28.0137 0x0af0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
21:02:28.0152 0x0af0 RpcLocator - ok
21:02:28.0168 0x0af0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
21:02:28.0184 0x0af0 RpcSs - ok
21:02:28.0199 0x0af0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:02:28.0230 0x0af0 rspndr - ok
21:02:28.0246 0x0af0 [ F4C374B1C46DE294B573BB43723AC3F6, 9B8A40BF54262A1949661596CB753D0B591E94577470ED44D498042BD3EA7C10 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:02:28.0262 0x0af0 RTL8167 - ok
21:02:28.0277 0x0af0 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:02:28.0277 0x0af0 s3cap - ok
21:02:28.0293 0x0af0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe
21:02:28.0293 0x0af0 SamSs - ok
21:02:28.0308 0x0af0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:02:28.0324 0x0af0 sbp2port - ok
21:02:28.0324 0x0af0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:02:28.0355 0x0af0 SCardSvr - ok
21:02:28.0371 0x0af0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:02:28.0386 0x0af0 scfilter - ok
21:02:28.0433 0x0af0 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
21:02:28.0480 0x0af0 Schedule - ok
21:02:28.0496 0x0af0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:02:28.0511 0x0af0 SCPolicySvc - ok
21:02:28.0527 0x0af0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:02:28.0558 0x0af0 SDRSVC - ok
21:02:28.0558 0x0af0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:02:28.0574 0x0af0 secdrv - ok
21:02:28.0589 0x0af0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
21:02:28.0605 0x0af0 seclogon - ok
21:02:28.0605 0x0af0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
21:02:28.0636 0x0af0 SENS - ok
21:02:28.0652 0x0af0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:02:28.0667 0x0af0 SensrSvc - ok
21:02:28.0683 0x0af0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:02:28.0683 0x0af0 Serenum - ok
21:02:28.0698 0x0af0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:02:28.0698 0x0af0 Serial - ok
21:02:28.0714 0x0af0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:02:28.0730 0x0af0 sermouse - ok
21:02:28.0745 0x0af0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
21:02:28.0776 0x0af0 SessionEnv - ok
21:02:28.0792 0x0af0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:02:28.0808 0x0af0 sffdisk - ok
21:02:28.0808 0x0af0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:02:28.0823 0x0af0 sffp_mmc - ok
21:02:28.0823 0x0af0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:02:28.0823 0x0af0 sffp_sd - ok
21:02:28.0839 0x0af0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:02:28.0854 0x0af0 sfloppy - ok
21:02:28.0870 0x0af0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:02:28.0901 0x0af0 SharedAccess - ok
21:02:28.0917 0x0af0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:02:28.0948 0x0af0 ShellHWDetection - ok
21:02:28.0948 0x0af0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:02:28.0964 0x0af0 SiSRaid2 - ok
21:02:28.0979 0x0af0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:02:28.0979 0x0af0 SiSRaid4 - ok
21:02:28.0995 0x0af0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:02:29.0010 0x0af0 Smb - ok
21:02:29.0026 0x0af0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:02:29.0026 0x0af0 SNMPTRAP - ok
21:02:29.0042 0x0af0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
21:02:29.0042 0x0af0 spldr - ok
21:02:29.0073 0x0af0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
21:02:29.0088 0x0af0 Spooler - ok
21:02:29.0166 0x0af0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
21:02:29.0244 0x0af0 sppsvc - ok
21:02:29.0260 0x0af0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:02:29.0291 0x0af0 sppuinotify - ok
21:02:29.0307 0x0af0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:02:29.0338 0x0af0 srv - ok
21:02:29.0354 0x0af0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:02:29.0369 0x0af0 srv2 - ok
21:02:29.0385 0x0af0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:02:29.0416 0x0af0 srvnet - ok
21:02:29.0432 0x0af0 [ 8F8324ED1DE63FFC7B1A02CD2D963C72, E58603F81DEAFF1D45CB83FB6E625E6A13868741B833B1C9E60D672179D18EE0 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
21:02:29.0447 0x0af0 ssadbus - ok
21:02:29.0463 0x0af0 [ 58221EFCB74167B73667F0024C661CE0, D9B67A8897B4DC3E4729187F17ABEB4710CF57440D718E17ED828439198D34DB ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
21:02:29.0478 0x0af0 ssadmdfl - ok
21:02:29.0510 0x0af0 [ 4DA7C71BFAC5AD71255B7E4CAB980163, 4CC0F9C8E96ECEF36EEB021E448A9734B63512D030516DC38B1A2EEAA1043AEC ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
21:02:29.0510 0x0af0 ssadmdm - ok
21:02:29.0525 0x0af0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:02:29.0556 0x0af0 SSDPSRV - ok
21:02:29.0572 0x0af0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:02:29.0588 0x0af0 SstpSvc - ok
21:02:29.0619 0x0af0 [ C692C94FE55CAD0633440236022C27B3, 9A21E9B2EB96DC8C58DE060EEAFC2FD71AB9C539039DAAD5F7380556E2D1D69B ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
21:02:29.0634 0x0af0 ssudmdm - ok
21:02:29.0681 0x0af0 [ 9A5444C8F06477EFD8B6A4B64748DF76, 19D90A266118A842B8E26B783466C4551A35A9F2F2F9B4B3CF14735D03D861BA ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:02:34.0424 0x0af0 Steam Client Service - ok
21:02:34.0439 0x0af0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:02:34.0439 0x0af0 stexstor - ok
21:02:34.0470 0x0af0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
21:02:34.0486 0x0af0 stisvc - ok
21:02:34.0502 0x0af0 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:02:34.0502 0x0af0 storflt - ok
21:02:34.0517 0x0af0 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
21:02:34.0533 0x0af0 StorSvc - ok
21:02:34.0548 0x0af0 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:02:34.0548 0x0af0 storvsc - ok
21:02:34.0564 0x0af0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:02:34.0564 0x0af0 swenum - ok
21:02:34.0580 0x0af0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
21:02:34.0611 0x0af0 swprv - ok
21:02:34.0673 0x0af0 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
21:02:34.0720 0x0af0 SysMain - ok
21:02:34.0720 0x0af0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:02:34.0751 0x0af0 TabletInputService - ok
21:02:34.0767 0x0af0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
21:02:34.0782 0x0af0 TapiSrv - ok
21:02:34.0798 0x0af0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
21:02:34.0829 0x0af0 TBS - ok
21:02:34.0876 0x0af0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:02:34.0923 0x0af0 Tcpip - ok
21:02:34.0970 0x0af0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:02:35.0001 0x0af0 TCPIP6 - ok
21:02:35.0016 0x0af0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:02:35.0032 0x0af0 tcpipreg - ok
21:02:35.0048 0x0af0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:02:35.0063 0x0af0 TDPIPE - ok
21:02:35.0094 0x0af0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:02:35.0110 0x0af0 TDTCP - ok
21:02:35.0126 0x0af0 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:02:35.0141 0x0af0 tdx - ok
21:02:35.0157 0x0af0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:02:35.0157 0x0af0 TermDD - ok
21:02:35.0204 0x0af0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
21:02:35.0235 0x0af0 TermService - ok
21:02:35.0250 0x0af0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
21:02:35.0250 0x0af0 Themes - ok
21:02:35.0266 0x0af0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
21:02:35.0282 0x0af0 THREADORDER - ok
21:02:35.0297 0x0af0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
21:02:35.0328 0x0af0 TrkWks - ok
21:02:35.0328 0x0af0 [ FD44FA80DA03EA144153A76DEBBB61B4, 0C46717F489A415A583470DAE8CF58E47BC307B9CB0F9DB6C4EDF33B7525475C ] TrueSight C:\Windows\System32\drivers\TrueSight.sys
21:02:35.0344 0x0af0 TrueSight - ok
21:02:35.0360 0x0af0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:02:35.0391 0x0af0 TrustedInstaller - ok
21:02:35.0406 0x0af0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:02:35.0422 0x0af0 tssecsrv - ok
21:02:35.0438 0x0af0 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:02:35.0469 0x0af0 TsUsbFlt - ok
21:02:35.0484 0x0af0 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:02:35.0500 0x0af0 TsUsbGD - ok
21:02:35.0516 0x0af0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:02:35.0531 0x0af0 tunnel - ok
21:02:35.0531 0x0af0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:02:35.0547 0x0af0 uagp35 - ok
21:02:35.0547 0x0af0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:02:35.0578 0x0af0 udfs - ok
21:02:35.0594 0x0af0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:02:35.0594 0x0af0 UI0Detect - ok
21:02:35.0609 0x0af0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:02:35.0609 0x0af0 uliagpkx - ok
21:02:35.0625 0x0af0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:02:35.0640 0x0af0 umbus - ok
21:02:35.0656 0x0af0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
21:02:35.0656 0x0af0 UmPass - ok
21:02:35.0672 0x0af0 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
21:02:35.0687 0x0af0 UmRdpService - ok
21:02:35.0703 0x0af0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
21:02:35.0734 0x0af0 upnphost - ok
21:02:35.0750 0x0af0 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:02:35.0765 0x0af0 usbaudio - ok
21:02:35.0796 0x0af0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:02:35.0812 0x0af0 usbccgp - ok
21:02:35.0828 0x0af0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:02:35.0843 0x0af0 usbcir - ok
21:02:35.0859 0x0af0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
21:02:35.0874 0x0af0 usbehci - ok
21:02:35.0874 0x0af0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:02:35.0890 0x0af0 usbhub - ok
21:02:35.0906 0x0af0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:02:35.0921 0x0af0 usbohci - ok
21:02:35.0937 0x0af0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:02:35.0937 0x0af0 usbprint - ok
21:02:35.0952 0x0af0 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys
21:02:35.0952 0x0af0 usbscan - ok
21:02:35.0984 0x0af0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:02:35.0999 0x0af0 USBSTOR - ok
21:02:36.0015 0x0af0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:02:36.0030 0x0af0 usbuhci - ok
21:02:36.0046 0x0af0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
21:02:36.0062 0x0af0 usbvideo - ok
21:02:36.0077 0x0af0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
21:02:36.0093 0x0af0 UxSms - ok
21:02:36.0093 0x0af0 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe
21:02:36.0108 0x0af0 VaultSvc - ok
21:02:36.0140 0x0af0 [ AD6D273E646B94BB6668C8CB439CFBD3, 0B9218E121280FA39932BF30B0B92D887EADFF6C42B56786A2BF133248B92A09 ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
21:02:36.0140 0x0af0 VBoxDrv - ok
21:02:36.0155 0x0af0 [ B0A8C5BC95689A130F9E05492341833D, 8DDC6D77B0541813919B685D2DFCDFA4F752F8DD99400DA87523F8D2E9D72D27 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
21:02:36.0171 0x0af0 VBoxNetAdp - ok
21:02:36.0186 0x0af0 [ 2966838EDAFBEB2819D127BF7D23F27B, F7ED1A0FDFA1B655315A3BC5630F59DDD7DD5BED8ABB7679ED5390F9A8B3B303 ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
21:02:36.0186 0x0af0 VBoxNetFlt - ok
21:02:36.0218 0x0af0 [ E5C140160617B2B0545B4051AA9507FF, 3BC0A0CA1BD510FCFDD8222B05A370903B15DC06C4277A5F0BA95A6382970978 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
21:02:36.0218 0x0af0 VBoxUSBMon - ok
21:02:36.0233 0x0af0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:02:36.0233 0x0af0 vdrvroot - ok
21:02:36.0264 0x0af0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
21:02:36.0296 0x0af0 vds - ok
21:02:36.0296 0x0af0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:02:36.0311 0x0af0 vga - ok
21:02:36.0311 0x0af0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
21:02:36.0327 0x0af0 VgaSave - ok
21:02:36.0342 0x0af0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:02:36.0358 0x0af0 vhdmp - ok
21:02:36.0358 0x0af0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
21:02:36.0374 0x0af0 viaide - ok
21:02:36.0389 0x0af0 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:02:36.0389 0x0af0 vmbus - ok
21:02:36.0405 0x0af0 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
21:02:36.0420 0x0af0 VMBusHID - ok
21:02:36.0436 0x0af0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:02:36.0436 0x0af0 volmgr - ok
21:02:36.0452 0x0af0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:02:36.0467 0x0af0 volmgrx - ok
21:02:36.0467 0x0af0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:02:36.0483 0x0af0 volsnap - ok
21:02:36.0498 0x0af0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:02:36.0498 0x0af0 vsmraid - ok
21:02:36.0545 0x0af0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
21:02:36.0592 0x0af0 VSS - ok
21:02:36.0608 0x0af0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:02:36.0608 0x0af0 vwifibus - ok
21:02:36.0623 0x0af0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
21:02:36.0654 0x0af0 W32Time - ok
21:02:36.0670 0x0af0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:02:36.0670 0x0af0 WacomPen - ok
21:02:36.0686 0x0af0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:02:36.0701 0x0af0 WANARP - ok
21:02:36.0701 0x0af0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:02:36.0732 0x0af0 Wanarpv6 - ok
21:02:36.0779 0x0af0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:02:36.0795 0x0af0 WatAdminSvc - ok
21:02:36.0842 0x0af0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
21:02:36.0873 0x0af0 wbengine - ok
21:02:36.0888 0x0af0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:02:36.0920 0x0af0 WbioSrvc - ok
21:02:36.0920 0x0af0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:02:36.0951 0x0af0 wcncsvc - ok
21:02:36.0966 0x0af0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:02:36.0982 0x0af0 WcsPlugInService - ok
21:02:36.0998 0x0af0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
21:02:36.0998 0x0af0 Wd - ok
21:02:37.0029 0x0af0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:02:37.0044 0x0af0 Wdf01000 - ok
21:02:37.0060 0x0af0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:02:37.0122 0x0af0 WdiServiceHost - ok
21:02:37.0122 0x0af0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:02:37.0138 0x0af0 WdiSystemHost - ok
21:02:37.0154 0x0af0 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
21:02:37.0185 0x0af0 WebClient - ok
21:02:37.0200 0x0af0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:02:37.0216 0x0af0 Wecsvc - ok
21:02:37.0247 0x0af0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:02:37.0263 0x0af0 wercplsupport - ok
21:02:37.0278 0x0af0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
21:02:37.0294 0x0af0 WerSvc - ok
21:02:37.0310 0x0af0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:02:37.0325 0x0af0 WfpLwf - ok
21:02:37.0341 0x0af0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:02:37.0356 0x0af0 WIMMount - ok
21:02:37.0372 0x0af0 WinDefend - ok
21:02:37.0372 0x0af0 WinHttpAutoProxySvc - ok
21:02:37.0403 0x0af0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:02:37.0419 0x0af0 Winmgmt - ok
21:02:37.0481 0x0af0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
21:02:37.0528 0x0af0 WinRM - ok
21:02:37.0544 0x0af0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:02:37.0559 0x0af0 WinUsb - ok
21:02:37.0590 0x0af0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:02:37.0622 0x0af0 Wlansvc - ok
21:02:37.0809 0x0af0 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:02:37.0856 0x0af0 wlidsvc - ok
21:02:37.0856 0x0af0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:02:37.0871 0x0af0 WmiAcpi - ok
21:02:37.0887 0x0af0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:02:37.0887 0x0af0 wmiApSrv - ok
21:02:37.0887 0x0af0 WMPNetworkSvc - ok
21:02:37.0902 0x0af0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:02:37.0934 0x0af0 WPCSvc - ok
21:02:37.0934 0x0af0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:02:37.0949 0x0af0 WPDBusEnum - ok
21:02:37.0949 0x0af0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:02:37.0980 0x0af0 ws2ifsl - ok
21:02:37.0980 0x0af0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
21:02:37.0996 0x0af0 wscsvc - ok
21:02:37.0996 0x0af0 WSearch - ok
21:02:38.0074 0x0af0 [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv C:\Windows\system32\wuaueng.dll
21:02:38.0136 0x0af0 wuauserv - ok
21:02:38.0152 0x0af0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:02:38.0168 0x0af0 WudfPf - ok
21:02:38.0183 0x0af0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:02:38.0199 0x0af0 WUDFRd - ok
21:02:38.0214 0x0af0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:02:38.0230 0x0af0 wudfsvc - ok
21:02:38.0246 0x0af0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
21:02:38.0261 0x0af0 WwanSvc - ok
21:02:38.0261 0x0af0 ================ Scan global ===============================
21:02:38.0292 0x0af0 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
21:02:38.0308 0x0af0 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
21:02:38.0308 0x0af0 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
21:02:38.0339 0x0af0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:02:38.0355 0x0af0 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
21:02:38.0355 0x0af0 [ Global ] - ok
21:02:38.0355 0x0af0 ================ Scan MBR ==================================
21:02:38.0370 0x0af0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:02:38.0542 0x0af0 \Device\Harddisk0\DR0 - ok
21:02:38.0542 0x0af0 ================ Scan VBR ==================================
21:02:38.0542 0x0af0 [ 9260155BDC7C369121FD4779BA12DE97 ] \Device\Harddisk0\DR0\Partition1
21:02:38.0589 0x0af0 \Device\Harddisk0\DR0\Partition1 - ok
21:02:38.0589 0x0af0 [ 64117C5665B9EE886222D852FE39E213 ] \Device\Harddisk0\DR0\Partition2
21:02:38.0636 0x0af0 \Device\Harddisk0\DR0\Partition2 - ok
21:02:38.0636 0x0af0 [ 810A3967FA8F75D1FE962B4E0A535D07 ] \Device\Harddisk0\DR0\Partition3
21:02:38.0667 0x0af0 \Device\Harddisk0\DR0\Partition3 - ok
21:02:38.0667 0x0af0 ================ Scan generic autorun ======================
21:02:38.0916 0x0af0 [ 7180CC6A80918BB5F9A50F6FFF51AC33, 5D1FF27BB2AE0F3A722F396D4E0E4E7EBCEF806B49533D2292AFB8C7529CBBC6 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:02:39.0104 0x0af0 RTHDVCPL - ok
21:02:39.0166 0x0af0 [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe
21:02:39.0197 0x0af0 MSC - ok
21:02:39.0275 0x0af0 [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
21:02:39.0322 0x0af0 EvtMgr6 - ok
21:02:39.0353 0x0af0 [ DC73E11DC27E7D9AEF884EBE816C4240, 638485C85F7183E2B3060B8FD3189EA47F873B84EE34CAB99526A3A1CC3EE62B ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
21:02:39.0369 0x0af0 IAStorIcon - ok
21:02:39.0400 0x0af0 [ 7F271833DF826333F8EFB1EB4DEB2F39, F790791269BC6941DC61686C623DD9477F3C6A56EFBAEC025ECF31431010B614 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
21:02:39.0416 0x0af0 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
21:02:39.0416 0x0af0 Detect skipped due to KSN trusted
21:02:39.0416 0x0af0 StartCCC - ok
21:02:39.0447 0x0af0 [ FE248A991DC14D2E5FACF7729BF88B23, 727C7260AC106BC32226B55205D3552368990DFEAFC860149110C09E1F76CBE2 ] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
21:02:39.0462 0x0af0 ASUSGamerOSD - detected UnsignedFile.Multi.Generic ( 1 )
21:02:39.0462 0x0af0 Detect skipped due to KSN trusted
21:02:39.0462 0x0af0 ASUSGamerOSD - ok
21:02:39.0494 0x0af0 [ 5944DC25A337F489679388E3308DD6AC, 0CC6F129B67DAE67DE0278AA68AFA6597EACA1521E19099109DEFCB0D386FCA1 ] C:\Program Files (x86)\Winamp\winampa.exe
21:02:39.0494 0x0af0 WinampAgent - detected UnsignedFile.Multi.Generic ( 1 )
21:02:39.0494 0x0af0 Detect skipped due to KSN trusted
21:02:40.0476 0x0af0 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
21:02:40.0476 0x0af0 Win FW state via NFP2: disabled ( trusted )
21:02:43.0144 0x0af0 ============================================================
21:02:43.0144 0x0af0 Scan finished
21:02:43.0144 0x0af0 ============================================================
21:02:43.0144 0x0850 Detected object count: 0
21:02:43.0144 0x0850 Actual detected object count: 0
ukemike
Regular Member
 
Posts: 31
Joined: November 15th, 2015, 11:55 pm

Re: PUMS.dns help

Unread post by ukemike » November 21st, 2015, 1:10 am

No difficulty following the instructions.

I'm not sure that there is any difference. The latency in my net connection is much improved. That could be coincidence.
ukemike
Regular Member
 
Posts: 31
Joined: November 15th, 2015, 11:55 pm

Re: PUMS.dns help

Unread post by pgmigg » November 21st, 2015, 4:19 pm

Hello ukemike,

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries: into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :Files
    C:\Program Files (x86)\Common Files\LogiShrd\eReg
    
    :Reg
    [HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5]
    "ProductName"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\SourceList]
    "PackageName"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\Program Files (x86)\Common Files\LogiShrd\eReg\"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-517068509-634416315-2748464958-1000\Components\0704CDBD0A274EC45B838D687B4DAD0B]
    "EACB9EE39A9E5E54B9C1384A3D750EC5"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-517068509-634416315-2748464958-1000\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\InstallProperties]
    "InstallLocation"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-517068509-634416315-2748464958-1000\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\InstallProperties]
    "DisplayName"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}]
    "InstallLocation"==
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}]
    "DisplayName"==
    [HKEY_USERS\S-1-5-21-517068509-634416315-2748464958-1000\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5]
    "ProductName"=-
    [HKEY_USERS\S-1-5-21-517068509-634416315-2748464958-1000\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\SourceList]
    "PackageName"=-
    
    :Commands
    [emptytemp]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 2.
Malwarebytes' Anti-Malware
  1. Please download Free Malwarebytes' Anti-Malware and save mbam-setup-2.2.0.1024.exe to your desktop.
  2. Right-click on mbam-setup-2.2.0.1024.exe and select "Run as administrator... ", then follow the prompts to install the program.
  3. At the end, Uncheck enable free trial of Malwarebytes' Anti-Malware, (You can activate this when we've finished, if you wish)
  4. Then click Finish.
  5. You'll see an alert that "Databases out of date". Click the "Update Now" button.
  6. Press the Scan icon on the top bar of the MBAM interface, make sure Threat Scan is selected.
  7. Press the Start Scan button.
  8. When the scan is finished:
  9. If clean, a message will be displayed "The scan completed successfully! No malicious items were detected!"
  10. If infections were found, click the Quarantine all button.
  11. Press the View detailed log >> link to display the results log.
  12. Press the Copy to Clipboard button.
  13. Copy and paste the scan results in your next reply and exit MBAM.

Step 3.
ESET NOD32 Online Scan
  1. Firstly please Disable any Antivirus you have active, as shown in This topic. If active, it could impact the online scan.
    Do NOT use the computer while the scan is running!
    Make sure all other programs and windows are closed!
  2. You need to right-click on the Internet Explorer or Firefox icons on the Start Menu or Quick Launch Bar on the Taskbar and select "Run as Administrator" from the context menu.
  3. Go to ESET Online Scanner - © ESET All Rights Reserved, to run an online scan.
  4. Click the dark blue Run ESET Online Scanner button:
    • If you are using Google Chrome or Mozilla Firefox you will need to download "esetsmartinstaller_enu.exe" when prompted. Then double-click on it to install.
    • If you are using Internet Explorer please read the End User License Agreement and check the box: Yes, I accept the terms of use. Then click the green Start button.
  5. Accept any security warnings from your browser and allow the download/installation of any required files.
    If your browser blocks or halts a download, please allow it to download any required files.
  6. Under scan settings:
    • Check "Scan archives"
    • UNCHECK "Remove found threats"
  7. Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  8. Click the Start button.
    ESET will install itself, download virus signature database updates and begin scanning your computer.
    The scan will take a while so please be patient. Do NOT use the computer while the scan is running!
  9. When the scan completes, please press the text: Image
  10. Press the text: Image, then save the file to your desktop as ESETScan.txt.
  11. Press the Back button, then press the Finish button.
  12. Copy and paste the contents of ESETScan.txt in your next reply.
    Note: If no threats are found, there is no option to create a log. Just report back to me there was nothing found.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present. If any log is cut off you'll have to post it in sections.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  3. Contents of the most recent C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-2015-05-... file
  4. Contents of the ESETScan.txt log file
  5. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
MRU Teacher
 
Posts: 3179
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

11212015_141908.txt

Unread post by ukemike » November 21st, 2015, 6:30 pm

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint folder moved successfully.
C:\Program Files (x86)\Common Files\LogiShrd\eReg folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\\ProductName deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\SourceList\\PackageName deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-517068509-634416315-2748464958-1000\Components\0704CDBD0A274EC45B838D687B4DAD0B not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-517068509-634416315-2748464958-1000\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\InstallProperties not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-517068509-634416315-2748464958-1000\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\InstallProperties not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\\"InstallLocation"=| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\\"DisplayName"=| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-517068509-634416315-2748464958-1000\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\\ProductName not found.
Registry value HKEY_USERS\S-1-5-21-517068509-634416315-2748464958-1000\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\SourceList\\PackageName not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Lara
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Mike
->Temp folder emptied: 115416 bytes
->Temporary Internet Files folder emptied: 840 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 21905742 bytes
->Google Chrome cache emptied: 1905008 bytes
->Flash cache emptied: 506 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 140434 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 23.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11212015_141908

Files\Folders moved on Reboot...
C:\Users\Mike\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\officeclicktorun.exe_c2ruidll(201511211404296C0).log not found!
File\Folder C:\Windows\temp\officeclicktorun.exe_streamserver(201511211404296C0).log not found!
C:\Windows\temp\SERENITY-20151121-1404.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
ukemike
Regular Member
 
Posts: 31
Joined: November 15th, 2015, 11:55 pm

malwarebytes log

Unread post by ukemike » November 21st, 2015, 7:01 pm

FYI the instructions for Malwarebytes did not match the options that were actually available in the program. I suspect the instructions were for an older version. For instance to get the log provided below I clicked on "Save Results..." in the lower right corner. I did not find a button called save detailed log.



All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint folder moved successfully.
C:\Program Files (x86)\Common Files\LogiShrd\eReg folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\\ProductName deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\SourceList\\PackageName deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-517068509-634416315-2748464958-1000\Components\0704CDBD0A274EC45B838D687B4DAD0B not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-517068509-634416315-2748464958-1000\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\InstallProperties not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-517068509-634416315-2748464958-1000\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\InstallProperties not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\\"InstallLocation"=| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\\"DisplayName"=| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-517068509-634416315-2748464958-1000\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\\ProductName not found.
Registry value HKEY_USERS\S-1-5-21-517068509-634416315-2748464958-1000\Software\Microsoft\Installer\Products\EACB9EE39A9E5E54B9C1384A3D750EC5\SourceList\\PackageName not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Lara
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Mike
->Temp folder emptied: 115416 bytes
->Temporary Internet Files folder emptied: 840 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 21905742 bytes
->Google Chrome cache emptied: 1905008 bytes
->Flash cache emptied: 506 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 140434 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 23.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11212015_141908

Files\Folders moved on Reboot...
C:\Users\Mike\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\officeclicktorun.exe_c2ruidll(201511211404296C0).log not found!
File\Folder C:\Windows\temp\officeclicktorun.exe_streamserver(201511211404296C0).log not found!
C:\Windows\temp\SERENITY-20151121-1404.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
ukemike
Regular Member
 
Posts: 31
Joined: November 15th, 2015, 11:55 pm