Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.


please help my computer


Re: please help my computer

by amandarutledge » April 17th, 2014, 1:23 pm

OTL logfile created on: 4/17/2014 11:54:24 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ALR4life\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 2.84 Gb Available Physical Memory | 72.65% Memory free
7.81 Gb Paging File | 6.59 Gb Available in Paging File | 84.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.81 Gb Total Space | 188.51 Gb Free Space | 66.42% Space Free | Partition Type: NTFS
Drive D: | 13.99 Gb Total Space | 2.28 Gb Free Space | 16.31% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 95.88 Mb Free Space | 96.52% Space Free | Partition Type: FAT32

Computer Name: ALR4LIFE-PC | User Name: ALR4life | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/04/17 07:16:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ALR4life\Desktop\OTL.exe
PRC - [2014/04/17 06:26:06 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/04/17 06:26:06 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/17 18:55:26 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/04/01 12:35:30 | 007,393,912 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2011/02/04 16:32:02 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/11/09 15:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/11/09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe


========== Modules (No Company Name) ==========

MOD - [2014/04/17 06:26:06 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2010/02/22 13:19:10 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/02/22 13:19:08 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/02/22 13:19:08 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2014/04/17 06:26:06 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/11/26 04:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/06/24 15:24:12 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 20:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2014/03/31 03:16:23 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/19 06:22:29 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/01 12:35:30 | 007,393,912 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/02/04 16:32:02 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/11/09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/04 13:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/04/17 06:26:07 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/04/17 06:26:07 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/04/17 06:26:07 | 000,208,928 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/04/17 06:26:07 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/04/17 06:26:07 | 000,084,816 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/04/17 06:26:07 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/04/17 06:26:07 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/04/10 12:09:43 | 000,156,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ESETOlmarikOlmascoCleaner.sys -- (ESETOlmarikOlmascoCleaner)
DRV:64bit: - [2013/11/27 10:38:44 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/11/13 05:51:44 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/08/22 07:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/05/06 09:32:28 | 000,076,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/02 16:02:00 | 000,034,304 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandmodem64.sys -- (ANDModem)
DRV:64bit: - [2012/03/02 16:02:00 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lganddiag64.sys -- (AndDiag)
DRV:64bit: - [2012/03/02 16:02:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandgps64.sys -- (AndGps)
DRV:64bit: - [2012/03/02 16:02:00 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 04:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010/03/05 14:57:18 | 000,144,896 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2010/03/05 14:57:00 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/01/19 20:55:34 | 001,088,544 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009/11/27 20:45:00 | 000,295,424 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/10/13 13:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/22 20:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 15:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009/09/22 20:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ED829130-90CE-420F-9CC8-0AEBEB4D9E0E}
IE:64bit: - HKLM\..\SearchScopes\{ED829130-90CE-420F-9CC8-0AEBEB4D9E0E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{ED829130-90CE-420F-9CC8-0AEBEB4D9E0E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FD AD F3 1D D3 FE CE 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {ED829130-90CE-420F-9CC8-0AEBEB4D9E0E}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:5.8.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/19 21:50:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/06/29 14:32:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/06/29 14:32:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/04/17 06:26:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.3.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.3.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/06/12 11:01:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Extensions
[2014/03/31 03:26:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\extensions
[2014/03/20 11:01:14 | 000,000,000 | ---D | M] ("Flash Video Downloader - Full HD Download") -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\extensions\artur.dubovoy@gmail.com
[2014/03/19 06:28:00 | 000,170,819 | ---- | M] () (No name found) -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi
[2014/03/04 17:55:37 | 000,001,449 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\100-search-engines.xml
[2013/07/26 08:01:09 | 000,001,793 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\Bing.xml
[2014/03/04 17:54:33 | 000,001,874 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\duckduckgo.xml
[2014/03/07 21:30:21 | 000,001,752 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\eccellio-science.xml
[2014/03/04 17:55:56 | 000,000,816 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\facebook-search.xml
[2014/03/04 17:55:06 | 000,004,855 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\google-images.xml
[2014/03/07 21:31:37 | 000,002,070 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\privatelee-https.xml
[2014/03/07 21:30:34 | 000,002,123 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\qrobeit.xml
[2014/03/07 21:32:36 | 000,003,790 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\radio-online.xml
[2014/03/07 21:32:48 | 000,001,539 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\thesaurus---referencecom.xml
[2014/04/17 09:50:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/03/31 03:16:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/search?setmkt=en-US&q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query={searchTerms}&language={language},
CHR - homepage: http://mysearch.avg.com/?cid={8102C2BB-329F-4293-A103-9E55508ED1EF}&mid=dee5d48ec81d47d38a0a1943ef2d8070-9477b8438277e65baceeef65ebf6b167ed5b373a&lang=en&ds=dn011&pr=sa&d=2013-06-15 16:57:50&v=15.2.0.5&pid=safeguard&sg=0&sap=hp
CHR - plugin: Widevine Content Decryption Module (Disabled) = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: iTunes Application Detector (Disabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Disabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Disabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Disabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Disabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Disabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Disabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Disabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: The Beauty Book = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiehabhniopmmjabhidpigmfncnfnche\1.0.0.1_0\
CHR - Extension: TV = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0\
CHR - Extension: Strawberry Pal Menstrual Calendar = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmeafmbadejchdjffdbdjdkcgfmlhjmh\0.9.2_0\
CHR - Extension: CashControl = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmlemijlafnipidpkcdfopieocaadjji\1.8_0\
CHR - Extension: HelloFax: 50 Free Fax Pages = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm\1.20_0\
CHR - Extension: Fight Depression! = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpcanhncamomjgapncfnedcimpcmlbnf\1.0.0.1_0\
CHR - Extension: Cash Organizer = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppdehaogjdmkkiaiokmjdjmjnjicddk\2.0.0.77_0\
CHR - Extension: WEEK PLAN = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\caggnmlckgjpgpgpgjeobdcfgbkefioo\2.3_0\
CHR - Extension: SlickTasks = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\cilfofbacaplmfmfbdgfdphmfdljnioc\1.0.0.0_0\
CHR - Extension: Timout - Time Management = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\dekpabfaimofbinkbjlgdkkecodejmbf\0.3_0\
CHR - Extension: Video Downloader professional = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil\1.97.43_0\
CHR - Extension: Wunderlist - To-do and Task list = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc\2.3.7.0_0\
CHR - Extension: Wunderlist - To-do and Task list = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc\2.3.7.3_0\
CHR - Extension: Court Records = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\fldmpfhmlhlbbbmgpononlchkmgnjmii\2.5_0\
CHR - Extension: Beauty and anti-aging secrets = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbjpdbmnfpbcplagojnpoeikmalaemi\1.0.0.1_0\
CHR - Extension: avast! Online Security = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2016.82_0\
CHR - Extension: avast! Online Security = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: GoAnimate for Schools = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpaebfogajhndljeplcmjicfjcdddf\1.0.2_0\
CHR - Extension: Zillow = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifccoboedmhjapdlpgkigibgnkmdjoh\1.2_0\
CHR - Extension: Personal Trainer - Yoga = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjigbeknhpeholihfbnpmofgfnobdllk\1.0_0\
CHR - Extension: Surveyjury.com = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkffdnlpdklagcijcdapjdhjhpbdnnac\0.1_0\
CHR - Extension: KIDO'Z TV = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\jokdeafnhahffanabnbjjjjmoechjklc\2.2_0\
CHR - Extension: Success Quotes = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\jolndiondpgkiadiddddhoghgcalmeop\1.0.0.0_0\
CHR - Extension: CashBase = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\klehkbljbmijfgbokipcjeialaonhjlc\2.0.0_0\
CHR - Extension: FVD Downloader = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.7.7_0\
CHR - Extension: Manage your life now = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcpjljkmnlofkkieakmjpgbmgppdfldj\0.0.0.1_0\
CHR - Extension: Home Remedies = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfickcipmookfdkloejeolilefhjmaje\0.1_0\
CHR - Extension: Finance41 Personal Finance Manager = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbgkhncobohkmgdjdiijlbgjidpnnkcd\2.0.0.5_0\
CHR - Extension: Google Wallet = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Transcribe: transcribe audio/interviews fast! = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogokenmicnjdfhmhocanoemnddmpcjjm\2.0.4_0\
CHR - Extension: Foreclosure and RTO Homes (Rent To Own) = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpbcdmhelgenakfbfanbebkdahokioc\1.0.1_0\
CHR - Extension: Birdhouse for Autism = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\omehdhccbjjobcofeeloidmnmilefdhp\2.0_0\
CHR - Extension: Moosti = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdkkfpnoobbihpjbophkgcibemmmidhk\1.0.4_0\
CHR - Extension: Simply Recipes = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\phkkbopifpbfgacfpbemlgpeimkfdnok\0.2_0\
CHR - Extension: Learn Alphabet and Numbers = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\podikmghblokmmdgoilcnnpgogaocoal\1.0.1_0\

O1 HOSTS File: ([2014/03/16 23:37:58 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave File not found
O4 - HKCU..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - Startup: C:\Users\ALR4life\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\ALR4life\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D71D341-D373-44E5-8A85-CE6B6CDDFD85}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/04/17 09:48:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/04/17 07:16:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ALR4life\Desktop\OTL.exe
[2014/04/17 06:44:37 | 000,000,000 | ---D | C] -- C:\Users\ALR4life\AppData\Roaming\AVAST Software
[2014/04/17 06:26:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/04/17 06:26:10 | 001,039,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/04/17 06:26:10 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/04/17 06:26:10 | 000,084,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/04/17 06:26:09 | 000,334,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/04/17 06:26:09 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/04/17 06:26:09 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/04/17 06:26:07 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/04/17 06:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/04/17 06:18:28 | 004,732,664 | ---- | C] (AVAST Software) -- C:\Users\ALR4life\Desktop\avast_free_antivirus_setup_online (1).exe
[2014/04/17 03:01:09 | 000,000,000 | ---D | C] -- C:\dffa4099759fedf1bac43b46fc034a0c
[2014/04/16 11:46:02 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2014/04/16 09:35:03 | 000,000,000 | ---D | C] -- C:\Users\ALR4life\Desktop\cleanup of desktop
[2014/04/11 03:59:34 | 000,000,000 | ---D | C] -- C:\FRST
[2014/04/11 03:58:57 | 002,157,056 | ---- | C] (Farbar) -- C:\Users\ALR4life\Desktop\FRST64.exe
[2014/04/11 03:24:32 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2014/04/11 03:20:45 | 000,000,000 | ---D | C] -- C:\Users\ALR4life\AppData\Roaming\vlc
[2014/04/11 03:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/04/11 03:19:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/04/11 03:01:20 | 000,000,000 | ---D | C] -- C:\a80bed0a8bfd706fde
[2014/04/10 11:49:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/04/10 11:49:33 | 002,347,384 | ---- | C] (ESET) -- C:\Users\ALR4life\Desktop\esetsmartinstaller_enu.exe
[2014/04/09 03:00:45 | 000,000,000 | ---D | C] -- C:\e6848fbf2fbf17eff48cf2f759c141
[2014/04/04 01:35:19 | 000,000,000 | ---D | C] -- C:\NewFolder
[2014/04/04 00:42:00 | 000,000,000 | ---D | C] -- C:\Users\ALR4life\New folder (2)
[2014/04/03 11:11:35 | 000,000,000 | ---D | C] -- C:\Users\ALR4life\AppData\Roaming\DropboxMaster
[2014/04/02 09:57:08 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\ALR4life\Desktop\JRT_NEW.exe
[2014/03/31 03:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/30 22:38:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCare Data Recovery Free
[2014/03/30 22:38:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iCare Data Recovery Free
[2014/03/30 02:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 7.5
[2014/03/30 02:53:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EaseUS
[2014/03/30 02:49:56 | 000,000,000 | ---D | C] -- C:\Users\ALR4life\Documents\My Data Files
[2014/03/30 01:34:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ffmpeg For Audacity
[2014/03/29 00:10:38 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/03/28 15:19:28 | 000,000,000 | --SD | C] -- C:\ComboFix
[2014/03/28 15:18:37 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/03/28 15:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/03/28 15:13:44 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/03/28 15:13:42 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/03/28 15:13:42 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/03/28 15:13:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/03/28 15:12:13 | 017,523,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ALR4life\Desktop\mbam-setup-2.0.0.1000.exe
[2014/03/21 00:48:44 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe

========== Files - Modified Within 30 Days ==========

[2014/04/17 11:28:03 | 000,783,424 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/17 11:28:03 | 000,662,882 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/17 11:28:03 | 000,122,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/17 10:03:14 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/17 10:03:14 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/17 09:56:28 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_ALR4life.job
[2014/04/17 09:55:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/17 09:55:47 | 3144,880,128 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/17 07:47:02 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_ALR4life.job
[2014/04/17 07:16:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ALR4life\Desktop\OTL.exe
[2014/04/17 06:46:14 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_ALR4life.job
[2014/04/17 06:26:42 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/04/17 06:26:07 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/04/17 06:26:07 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/04/17 06:26:07 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/04/17 06:26:07 | 000,208,928 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/04/17 06:26:07 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/04/17 06:26:07 | 000,084,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/04/17 06:26:07 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/04/17 06:26:07 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/04/17 06:26:07 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/04/17 06:18:57 | 004,732,664 | ---- | M] (AVAST Software) -- C:\Users\ALR4life\Desktop\avast_free_antivirus_setup_online (1).exe
[2014/04/16 11:47:10 | 000,468,480 | ---- | M] () -- C:\Users\ALR4life\Desktop\CKScanner.exe
[2014/04/16 09:34:55 | 000,002,115 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/04/15 14:25:03 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForALR4life.job
[2014/04/11 14:47:48 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/11 03:59:07 | 002,157,056 | ---- | M] (Farbar) -- C:\Users\ALR4life\Desktop\FRST64.exe
[2014/04/11 03:25:20 | 000,000,116 | RH-- | M] () -- C:\Users\ALR4life\Desktop\Stinger.opt
[2014/04/11 03:19:30 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/04/11 03:18:53 | 024,677,393 | ---- | M] () -- C:\Users\ALR4life\Desktop\vlc-2.1.3-win32.exe
[2014/04/10 12:09:43 | 000,156,360 | ---- | M] () -- C:\Windows\SysNative\drivers\ESETOlmarikOlmascoCleaner.sys
[2014/04/10 11:49:41 | 002,347,384 | ---- | M] (ESET) -- C:\Users\ALR4life\Desktop\esetsmartinstaller_enu.exe
[2014/04/06 01:36:06 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\ALR4life\Desktop\JRT_NEW.exe
[2014/04/05 23:59:49 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/03 11:11:37 | 000,001,057 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/03 09:51:04 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/02 09:51:12 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/03/30 22:38:44 | 000,001,223 | ---- | M] () -- C:\Users\Public\Desktop\iCare Data Recovery Software.lnk
[2014/03/30 19:24:35 | 002,469,824 | ---- | M] () -- C:\Users\ALR4life\Desktop\AdobeDownloadAssistant.exe
[2014/03/30 02:53:16 | 000,001,228 | ---- | M] () -- C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 7.5.lnk
[2014/03/28 15:13:20 | 017,523,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\ALR4life\Desktop\mbam-setup-2.0.0.1000.exe
[2014/03/26 08:36:06 | 000,003,216 | ---- | M] () -- C:\Users\ALR4life\Documents\-6356180677049974192_256.cache
[2014/03/21 04:45:18 | 356,088,312 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/03/19 13:14:54 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/19 11:19:52 | 000,006,918 | ---- | M] () -- C:\Users\ALR4life\Desktop\w7-msiserver.reg
[2014/03/19 05:44:29 | 000,003,591 | ---- | M] () -- C:\Users\ALR4life\Desktop\Msirepair.reg

========== Files Created - No Company Name ==========

[2014/04/17 06:26:42 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/04/17 06:26:10 | 000,208,928 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/04/17 06:26:09 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/04/16 11:47:09 | 000,468,480 | ---- | C] () -- C:\Users\ALR4life\Desktop\CKScanner.exe
[2014/04/16 09:01:46 | 000,444,471 | ---- | C] () -- C:\Users\ALR4life\Desktop\IMG434.jpg
[2014/04/11 03:24:32 | 000,000,116 | RH-- | C] () -- C:\Users\ALR4life\Desktop\Stinger.opt
[2014/04/11 03:19:30 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/04/11 03:16:52 | 024,677,393 | ---- | C] () -- C:\Users\ALR4life\Desktop\vlc-2.1.3-win32.exe
[2014/04/10 12:09:43 | 000,156,360 | ---- | C] () -- C:\Windows\SysNative\drivers\ESETOlmarikOlmascoCleaner.sys
[2014/03/30 22:38:44 | 000,001,223 | ---- | C] () -- C:\Users\Public\Desktop\iCare Data Recovery Software.lnk
[2014/03/30 19:24:23 | 002,469,824 | ---- | C] () -- C:\Users\ALR4life\Desktop\AdobeDownloadAssistant.exe
[2014/03/30 02:53:16 | 000,001,228 | ---- | C] () -- C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 7.5.lnk
[2014/03/28 15:13:51 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/26 16:22:02 | 000,000,388 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_ALR4life.job
[2014/03/26 16:22:02 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_ALR4life.job
[2014/03/26 16:22:02 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_ALR4life.job
[2014/03/26 08:36:06 | 000,003,216 | ---- | C] () -- C:\Users\ALR4life\Documents\-6356180677049974192_256.cache
[2014/03/21 04:45:17 | 356,088,312 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/03/16 23:56:06 | 029,873,626 | ---- | C] () -- C:\Users\ALR4life\Cute Hot Babe Whore Gets 2 - Porn Video.mp4
[2014/03/16 23:55:15 | 000,001,043 | ---- | C] () -- C:\Users\ALR4life\Burgler_s_Enjoying_Young_Girls_2035936 - Shortcut.lnk
[2014/03/16 23:55:11 | 000,000,988 | ---- | C] () -- C:\Users\ALR4life\Cherry_Busters_1985_2048385 - Shortcut.lnk
[2014/03/16 23:27:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/03/16 23:27:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/03/16 23:27:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/03/16 23:27:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/03/16 23:27:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/03/05 21:39:04 | 000,007,599 | ---- | C] () -- C:\Users\ALR4life\AppData\Local\Resmon.ResmonCfg
[2014/03/03 06:38:34 | 000,001,097 | ---- | C] () -- C:\Users\ALR4life\Documents - Shortcut.lnk
[2013/12/02 14:07:12 | 000,000,218 | ---- | C] () -- C:\Users\ALR4life\AppData\Local\recently-used.xbel
[2013/11/14 20:21:44 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2013/11/08 05:07:36 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/10/03 14:55:28 | 000,000,790 | ---- | C] () -- C:\Users\ALR4life\AppData\Roaming\wklnhst.dat
[2013/08/26 07:35:37 | 000,253,952 | ---- | C] () -- C:\Windows\msfxinfz.dat
[2013/06/18 22:58:51 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/18 22:41:25 | 000,000,632 | RHS- | C] () -- C:\Users\ALR4life\ntuser.pol
[2013/06/18 13:38:02 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2013/06/18 13:38:02 | 000,002,411 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013/06/12 07:31:07 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2013/06/12 07:27:38 | 000,000,268 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2013/06/12 07:27:38 | 000,000,209 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/06/18 22:59:31 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\.minecraft
[2014/03/31 02:21:29 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Audacity
[2014/04/17 06:44:37 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\AVAST Software
[2013/06/15 17:41:22 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Dextronet
[2014/04/17 11:30:53 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Dropbox
[2014/04/03 11:11:35 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\DropboxMaster
[2013/11/24 10:38:01 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Eendsoft
[2013/07/18 09:23:39 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\EscSoft
[2013/06/15 17:28:43 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\FreePriceAlerts
[2013/08/10 11:42:40 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\muvee Technologies
[2014/02/16 03:16:11 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Opera Software
[2013/07/15 11:11:36 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Oracle
[2013/06/12 07:00:20 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\PictureMover
[2013/07/28 22:41:16 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Python-Eggs
[2013/10/24 00:18:41 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Samsung
[2013/06/18 23:20:46 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\SketchUp
[2013/10/03 14:55:30 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Template
[2014/02/16 03:16:13 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Thunderbird
[2013/06/27 09:00:04 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Tific
[2013/11/14 20:29:09 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\VSRevoGroup
[2013/07/18 09:49:09 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\WindSolutions

========== Purity Check ==========



< End of report >
amandarutledge
Regular Member
 
Posts: 21
Joined: April 11th, 2014, 7:02 am

Re: please help my computer

Post by amandarutledge » April 17th, 2014, 4:07 pm

I did the restore and have internet again. I did the OTL scans when my internet was down and copied them to a flash drive and had my husband post them from his computer. They are the previous 2 posts. I don't know if they are relevant now that I did the restore.
amandarutledge
Regular Member
 
Posts: 21
Joined: April 11th, 2014, 7:02 am

Re: please help my computer

Post by askey127 » April 17th, 2014, 4:15 pm

Amanda,
Let's have another go at removing known stuff.
Unfortunately, the earlier logs won't apply accurately since the Restore.
----------------------------------------------
Perform a Custom Fix with OTL
Run OTL (Right click and choose "Run as administrator" in Vista/Win7)
  • In the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box (Do not include the word "Code"):
    Code:
    :Commands
    [CREATERESTOREPOINT]
    
    :OTL
    IE:64bit: - HKLM\..\SearchScopes\{0ED85345-D725-4656-A14B-DD1874755282}: "URL" = http://www.ask.com/web?q= {searchterms}&l=dis&o=ushpl
    IE - HKLM\..\SearchScopes\{0ED85345-D725-4656-A14B-DD1874755282}: "URL" = http://www.ask.com/web?q= {searchterms}&l=dis&o=ushpl
    FF - HKLM\Software\MozillaPlugins\@TelevisionFanatic.com/Plugin: C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll File not found
    [2014/03/04 17:56:05 | 000,001,614 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\dogpile.xml
    [2014/03/30 02:49:45 | 000,000,000 | ---D | C] -- C:\Users\ALR4life\AppData\Local\Wondershare
    [2014/03/30 02:49:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wondershare
    [2014/03/30 02:49:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wondershare
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    
    :Files
    C:\Program Files (x86)\TelevisionFanatic
    ipconfig /flushdns /c
    
    :Commands
    [emptyjava]
    [emptyflash] 
    [EMPTYTEMP]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, and click to allow the Reboot when it is done.
    When the computer Reboots, and you start your usual account, a Notepad text file will appear.
  • That is the FIX log file. Copy the contents of that file and post it in your next reply.
    It will also be available and named by timestamp here: C:\_OTL\Moved Files\mmddyyyy_hhmmss.log
----------------------------------------------
After posting the Resulting log, Please Rescan as follows:
Open OTL again and click the Quick Scan button. Post the new log it produces, OTL.txt, in a separate reply.

-----------------------------------------
Check hard Drive for Errors
Open Notepad... then copy and paste the following single line into Notepad:
(Notepad is in Start, Programs, Accessories)
Code:
cmd  /c  chkdsk  c:  |find  /v  "percent"  >> "%userprofile%\desktop\checkhd.txt"

Now Save the NotePad file like this:
  • Click on File from the top menu bar.
  • Select Save As, use Filename: testhd.bat and Save As Type: All Files.
  • Choose Desktop as the location
  • Click Save.
Right click on testhd.bat on your desktop and select Run As Administrator to run it. OK the UAC.
A Command Prompt box will pop up, then close after a couple minutes.
Please post the contents of the checkhd.txt file from your desktop.
If the file is very long, just copy and paste the LAST 20 or 30 lines into your reply.

So we are looking for the FIX log, the new version of OTL.txt from a Quick scan, and the results in checkhd.txt
askey127
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: please help my computer

Post by amandarutledge » April 18th, 2014, 1:01 am

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ED85345-D725-4656-A14B-DD1874755282}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ED85345-D725-4656-A14B-DD1874755282}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ED85345-D725-4656-A14B-DD1874755282}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ED85345-D725-4656-A14B-DD1874755282}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@TelevisionFanatic.com/Plugin\ deleted successfully.
File C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\dogpile.xml not found.
Folder C:\Users\ALR4life\AppData\Local\Wondershare\ not found.
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact folder moved successfully.
C:\Program Files (x86)\Common Files\Wondershare folder moved successfully.
Folder C:\Program Files (x86)\Wondershare\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
========== FILES ==========
File\Folder C:\Program Files (x86)\TelevisionFanatic not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\ALR4life\Desktop\cmd.bat deleted successfully.
C:\Users\ALR4life\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYJAVA]

User: Administrator

User: All Users

User: ALR4life
->Java cache emptied: 0 bytes

User: Amanda Rutledge

User: Default

User: Default User

User: Guest

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: ALR4life
->Flash cache emptied: 0 bytes

User: Amanda Rutledge

User: Default

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: ALR4life
->Temp folder emptied: 90484680 bytes
->Temporary Internet Files folder emptied: 56293877 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 10274 bytes
->Google Chrome cache emptied: 6305549 bytes
->Flash cache emptied: 0 bytes

User: Amanda Rutledge

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 2049 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 66068274 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 117684 bytes

Total Files Cleaned = 209.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 04172014_235809

Files\Folders moved on Reboot...
C:\Users\ALR4life\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\ALR4life\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: please help my computer

Post by amandarutledge » April 18th, 2014, 1:14 am

OTL logfile created on: 4/18/2014 12:03:26 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ALR4life\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 2.51 Gb Available Physical Memory | 64.36% Memory free
7.81 Gb Paging File | 6.34 Gb Available in Paging File | 81.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.81 Gb Total Space | 190.48 Gb Free Space | 67.12% Space Free | Partition Type: NTFS
Drive D: | 13.99 Gb Total Space | 2.28 Gb Free Space | 16.31% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 95.88 Mb Free Space | 96.52% Space Free | Partition Type: FAT32
Drive G: | 4.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 1.86 Gb Total Space | 1.84 Gb Free Space | 98.99% Space Free | Partition Type: FAT

Computer Name: ALR4LIFE-PC | User Name: ALR4life | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/04/17 07:16:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ALR4life\Desktop\OTL.exe
PRC - [2014/04/17 06:26:06 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/04/17 06:26:06 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/17 18:55:26 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/04/01 12:35:30 | 007,393,912 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2011/02/04 16:32:02 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/11/09 15:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/11/09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe


========== Modules (No Company Name) ==========

MOD - [2014/04/17 06:26:06 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/03 21:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013/12/03 21:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/03 21:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/03 21:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/03 21:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2010/02/22 13:19:10 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/02/22 13:19:08 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/02/22 13:19:08 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2014/04/17 06:26:06 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/04/11 03:30:27 | 000,177,680 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013/11/26 04:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/06/24 15:24:12 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 20:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2014/03/31 03:16:23 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/19 06:22:29 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/01 12:35:30 | 007,393,912 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/02/04 16:32:02 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/11/09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/04 13:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/04/17 06:26:07 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/04/17 06:26:07 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/04/17 06:26:07 | 000,208,928 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/04/17 06:26:07 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/04/17 06:26:07 | 000,084,816 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/04/17 06:26:07 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/04/17 06:26:07 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/04/11 03:30:27 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/04/11 03:30:27 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2014/04/10 12:09:43 | 000,156,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ESETOlmarikOlmascoCleaner.sys -- (ESETOlmarikOlmascoCleaner)
DRV:64bit: - [2013/11/27 10:38:44 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/11/13 05:51:44 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/11/13 05:49:06 | 000,044,744 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2013/08/22 07:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/05/06 09:32:28 | 000,076,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/02 16:02:00 | 000,034,304 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandmodem64.sys -- (ANDModem)
DRV:64bit: - [2012/03/02 16:02:00 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lganddiag64.sys -- (AndDiag)
DRV:64bit: - [2012/03/02 16:02:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandgps64.sys -- (AndGps)
DRV:64bit: - [2012/03/02 16:02:00 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 04:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010/03/05 14:57:18 | 000,144,896 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2010/03/05 14:57:00 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/01/19 20:55:34 | 001,088,544 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009/11/27 20:45:00 | 000,295,424 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/10/13 13:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/22 20:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 15:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009/09/22 20:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ED829130-90CE-420F-9CC8-0AEBEB4D9E0E}
IE:64bit: - HKLM\..\SearchScopes\{ED829130-90CE-420F-9CC8-0AEBEB4D9E0E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{ED829130-90CE-420F-9CC8-0AEBEB4D9E0E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FD AD F3 1D D3 FE CE 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {ED829130-90CE-420F-9CC8-0AEBEB4D9E0E}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:5.8.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/19 21:50:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/06/29 14:32:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/06/29 14:32:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/04/17 06:26:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.3.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.3.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/06/12 11:01:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Extensions
[2014/03/31 03:26:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\extensions
[2014/03/20 11:01:14 | 000,000,000 | ---D | M] ("Flash Video Downloader - Full HD Download") -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\extensions\artur.dubovoy@gmail.com
[2014/03/19 06:28:00 | 000,170,819 | ---- | M] () (No name found) -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi
[2014/03/04 17:55:37 | 000,001,449 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\100-search-engines.xml
[2013/07/26 08:01:09 | 000,001,793 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\Bing.xml
[2014/03/04 17:54:33 | 000,001,874 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\duckduckgo.xml
[2014/03/07 21:30:21 | 000,001,752 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\eccellio-science.xml
[2014/03/04 17:55:56 | 000,000,816 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\facebook-search.xml
[2014/03/04 17:55:06 | 000,004,855 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\google-images.xml
[2014/03/07 21:31:37 | 000,002,070 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\privatelee-https.xml
[2014/03/07 21:30:34 | 000,002,123 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\qrobeit.xml
[2014/03/07 21:32:36 | 000,003,790 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\radio-online.xml
[2014/03/07 21:32:48 | 000,001,539 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Mozilla\Firefox\Profiles\1mrkiljb.default\searchplugins\thesaurus---referencecom.xml
[2014/04/17 14:57:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/03/31 03:16:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/04/17 14:57:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/search?setmkt=en-US&q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query={searchTerms}&language={language},
CHR - homepage: http://mysearch.avg.com/?cid={8102C2BB-329F-4293-A103-9E55508ED1EF}&mid=dee5d48ec81d47d38a0a1943ef2d8070-9477b8438277e65baceeef65ebf6b167ed5b373a&lang=en&ds=dn011&pr=sa&d=2013-06-15 16:57:50&v=15.2.0.5&pid=safeguard&sg=0&sap=hp
CHR - plugin: Widevine Content Decryption Module (Disabled) = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: iTunes Application Detector (Disabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Disabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Disabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Disabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Disabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Disabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Disabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Disabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: The Beauty Book = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiehabhniopmmjabhidpigmfncnfnche\1.0.0.1_0\
CHR - Extension: TV = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0\
CHR - Extension: Strawberry Pal Menstrual Calendar = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmeafmbadejchdjffdbdjdkcgfmlhjmh\0.9.2_0\
CHR - Extension: CashControl = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmlemijlafnipidpkcdfopieocaadjji\1.8_0\
CHR - Extension: HelloFax: 50 Free Fax Pages = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm\1.20_0\
CHR - Extension: Fight Depression! = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpcanhncamomjgapncfnedcimpcmlbnf\1.0.0.1_0\
CHR - Extension: Cash Organizer = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppdehaogjdmkkiaiokmjdjmjnjicddk\2.0.0.77_0\
CHR - Extension: WEEK PLAN = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\caggnmlckgjpgpgpgjeobdcfgbkefioo\2.3_0\
CHR - Extension: SlickTasks = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\cilfofbacaplmfmfbdgfdphmfdljnioc\1.0.0.0_0\
CHR - Extension: Timout - Time Management = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\dekpabfaimofbinkbjlgdkkecodejmbf\0.3_0\
CHR - Extension: Video Downloader professional = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil\1.97.43_0\
CHR - Extension: Wunderlist - To-do and Task list = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc\2.3.7.0_0\
CHR - Extension: Wunderlist - To-do and Task list = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc\2.3.7.3_0\
CHR - Extension: Court Records = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\fldmpfhmlhlbbbmgpononlchkmgnjmii\2.5_0\
CHR - Extension: Beauty and anti-aging secrets = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbjpdbmnfpbcplagojnpoeikmalaemi\1.0.0.1_0\
CHR - Extension: avast! Online Security = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2016.82_0\
CHR - Extension: avast! Online Security = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: GoAnimate for Schools = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpaebfogajhndljeplcmjicfjcdddf\1.0.2_0\
CHR - Extension: Zillow = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifccoboedmhjapdlpgkigibgnkmdjoh\1.2_0\
CHR - Extension: Personal Trainer - Yoga = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjigbeknhpeholihfbnpmofgfnobdllk\1.0_0\
CHR - Extension: Surveyjury.com = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkffdnlpdklagcijcdapjdhjhpbdnnac\0.1_0\
CHR - Extension: KIDO'Z TV = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\jokdeafnhahffanabnbjjjjmoechjklc\2.2_0\
CHR - Extension: Success Quotes = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\jolndiondpgkiadiddddhoghgcalmeop\1.0.0.0_0\
CHR - Extension: CashBase = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\klehkbljbmijfgbokipcjeialaonhjlc\2.0.0_0\
CHR - Extension: FVD Downloader = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.7.7_0\
CHR - Extension: Manage your life now = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcpjljkmnlofkkieakmjpgbmgppdfldj\0.0.0.1_0\
CHR - Extension: Home Remedies = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfickcipmookfdkloejeolilefhjmaje\0.1_0\
CHR - Extension: Finance41 Personal Finance Manager = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbgkhncobohkmgdjdiijlbgjidpnnkcd\2.0.0.5_0\
CHR - Extension: Google Wallet = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Transcribe: transcribe audio/interviews fast! = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogokenmicnjdfhmhocanoemnddmpcjjm\2.0.4_0\
CHR - Extension: Foreclosure and RTO Homes (Rent To Own) = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpbcdmhelgenakfbfanbebkdahokioc\1.0.1_0\
CHR - Extension: Birdhouse for Autism = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\omehdhccbjjobcofeeloidmnmilefdhp\2.0_0\
CHR - Extension: Moosti = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdkkfpnoobbihpjbophkgcibemmmidhk\1.0.4_0\
CHR - Extension: Simply Recipes = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\phkkbopifpbfgacfpbemlgpeimkfdnok\0.2_0\
CHR - Extension: Learn Alphabet and Numbers = C:\Users\ALR4life\AppData\Local\Google\Chrome\User Data\Default\Extensions\podikmghblokmmdgoilcnnpgogaocoal\1.0.1_0\

O1 HOSTS File: ([2014/03/16 23:37:58 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave File not found
O4 - HKCU..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - Startup: C:\Users\ALR4life\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\ALR4life\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D71D341-D373-44E5-8A85-CE6B6CDDFD85}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/05/24 05:36:40 | 000,000,157 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/04/17 09:48:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/04/17 07:16:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ALR4life\Desktop\OTL.exe
[2014/04/17 06:44:37 | 000,000,000 | ---D | C] -- C:\Users\ALR4life\AppData\Roaming\AVAST Software
[2014/04/17 06:26:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/04/17 06:26:10 | 001,039,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/04/17 06:26:10 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/04/17 06:26:10 | 000,084,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/04/17 06:26:09 | 000,334,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/04/17 06:26:09 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/04/17 06:26:09 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/04/17 06:26:07 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/04/17 06:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/04/17 06:18:28 | 004,732,664 | ---- | C] (AVAST Software) -- C:\Users\ALR4life\Desktop\avast_free_antivirus_setup_online (1).exe
[2014/04/17 03:01:09 | 000,000,000 | ---D | C] -- C:\dffa4099759fedf1bac43b46fc034a0c
[2014/04/16 11:46:02 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2014/04/16 09:35:03 | 000,000,000 | ---D | C] -- C:\Users\ALR4life\Desktop\cleanup of desktop
[2014/04/11 03:59:34 | 000,000,000 | ---D | C] -- C:\FRST
[2014/04/11 03:58:57 | 002,157,056 | ---- | C] (Farbar) -- C:\Users\ALR4life\Desktop\FRST64.exe
[2014/04/11 03:30:30 | 000,106,112 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2014/04/11 03:30:29 | 000,771,096 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys
[2014/04/11 03:30:28 | 000,177,680 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2014/04/11 03:24:32 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2014/04/11 03:23:24 | 012,763,168 | ---- | C] (McAfee Inc) -- C:\Users\ALR4life\Desktop\stinger64.exe
[2014/04/11 03:20:45 | 000,000,000 | ---D | C] -- C:\Users\ALR4life\AppData\Roaming\vlc
[2014/04/11 03:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/04/11 03:19:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/04/11 03:01:20 | 000,000,000 | ---D | C] -- C:\a80bed0a8bfd706fde
[2014/04/10 11:49:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/04/10 11:49:33 | 002,347,384 | ---- | C] (ESET) -- C:\Users\ALR4life\Desktop\esetsmartinstaller_enu.exe
[2014/04/09 03:00:45 | 000,000,000 | ---D | C] -- C:\e6848fbf2fbf17eff48cf2f759c141
[2014/04/04 01:35:19 | 000,000,000 | ---D | C] -- C:\NewFolder
[2014/04/04 00:42:00 | 000,000,000 | ---D | C] -- C:\Users\ALR4life\New folder (2)
[2014/04/03 11:11:35 | 000,000,000 | ---D | C] -- C:\Users\ALR4life\AppData\Roaming\DropboxMaster
[2014/04/02 09:57:08 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\ALR4life\Desktop\JRT_NEW.exe
[2014/03/31 03:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/30 22:38:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCare Data Recovery Free
[2014/03/30 22:38:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iCare Data Recovery Free
[2014/03/30 02:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 7.5
[2014/03/30 02:53:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EaseUS
[2014/03/30 02:49:56 | 000,000,000 | ---D | C] -- C:\Users\ALR4life\Documents\My Data Files
[2014/03/30 01:34:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ffmpeg For Audacity
[2014/03/29 00:10:38 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/03/28 15:19:28 | 000,000,000 | --SD | C] -- C:\ComboFix
[2014/03/28 15:18:37 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/03/28 15:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/03/28 15:13:44 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/03/28 15:13:42 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/03/28 15:13:42 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/03/28 15:13:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/03/28 15:12:13 | 017,523,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ALR4life\Desktop\mbam-setup-2.0.0.1000.exe
[2014/03/21 00:48:44 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe

========== Files - Modified Within 30 Days ==========

[2014/04/18 00:07:19 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/18 00:07:19 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/18 00:06:21 | 000,783,424 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/18 00:06:21 | 000,662,882 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/18 00:06:21 | 000,122,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/18 00:00:26 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_ALR4life.job
[2014/04/18 00:00:14 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2014/04/18 00:00:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/18 00:00:00 | 3144,880,128 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/17 15:13:08 | 000,007,599 | ---- | M] () -- C:\Users\ALR4life\AppData\Local\Resmon.ResmonCfg
[2014/04/17 07:47:02 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_ALR4life.job
[2014/04/17 07:16:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ALR4life\Desktop\OTL.exe
[2014/04/17 06:46:14 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_ALR4life.job
[2014/04/17 06:26:42 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/04/17 06:26:07 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/04/17 06:26:07 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/04/17 06:26:07 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/04/17 06:26:07 | 000,208,928 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/04/17 06:26:07 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/04/17 06:26:07 | 000,084,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/04/17 06:26:07 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/04/17 06:26:07 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/04/17 06:26:07 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/04/17 06:18:57 | 004,732,664 | ---- | M] (AVAST Software) -- C:\Users\ALR4life\Desktop\avast_free_antivirus_setup_online (1).exe
[2014/04/16 11:47:10 | 000,468,480 | ---- | M] () -- C:\Users\ALR4life\Desktop\CKScanner.exe
[2014/04/16 09:34:55 | 000,002,115 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/04/15 14:25:03 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForALR4life.job
[2014/04/11 14:47:48 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/11 03:59:07 | 002,157,056 | ---- | M] (Farbar) -- C:\Users\ALR4life\Desktop\FRST64.exe
[2014/04/11 03:30:27 | 000,771,096 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys
[2014/04/11 03:30:27 | 000,177,680 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2014/04/11 03:30:27 | 000,106,112 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2014/04/11 03:25:20 | 000,000,116 | RH-- | M] () -- C:\Users\ALR4life\Desktop\Stinger.opt
[2014/04/11 03:24:26 | 012,763,168 | ---- | M] (McAfee Inc) -- C:\Users\ALR4life\Desktop\stinger64.exe
[2014/04/11 03:19:30 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/04/11 03:18:53 | 024,677,393 | ---- | M] () -- C:\Users\ALR4life\Desktop\vlc-2.1.3-win32.exe
[2014/04/10 12:09:43 | 000,156,360 | ---- | M] () -- C:\Windows\SysNative\drivers\ESETOlmarikOlmascoCleaner.sys
[2014/04/10 11:49:41 | 002,347,384 | ---- | M] (ESET) -- C:\Users\ALR4life\Desktop\esetsmartinstaller_enu.exe
[2014/04/06 01:36:06 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\ALR4life\Desktop\JRT_NEW.exe
[2014/04/05 23:59:49 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/03 11:11:37 | 000,001,057 | ---- | M] () -- C:\Users\ALR4life\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/03 09:51:04 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/02 09:51:12 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/03/30 22:38:44 | 000,001,223 | ---- | M] () -- C:\Users\Public\Desktop\iCare Data Recovery Software.lnk
[2014/03/30 19:24:35 | 002,469,824 | ---- | M] () -- C:\Users\ALR4life\Desktop\AdobeDownloadAssistant.exe
[2014/03/30 02:53:16 | 000,001,228 | ---- | M] () -- C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 7.5.lnk
[2014/03/28 15:13:20 | 017,523,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\ALR4life\Desktop\mbam-setup-2.0.0.1000.exe
[2014/03/26 08:36:06 | 000,003,216 | ---- | M] () -- C:\Users\ALR4life\Documents\-6356180677049974192_256.cache
[2014/03/21 04:45:18 | 356,088,312 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/03/19 13:14:54 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/19 11:19:52 | 000,006,918 | ---- | M] () -- C:\Users\ALR4life\Desktop\w7-msiserver.reg
[2014/03/19 05:44:29 | 000,003,591 | ---- | M] () -- C:\Users\ALR4life\Desktop\Msirepair.reg

========== Files Created - No Company Name ==========

[2014/04/17 06:26:42 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/04/17 06:26:10 | 000,208,928 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/04/17 06:26:09 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/04/16 11:47:09 | 000,468,480 | ---- | C] () -- C:\Users\ALR4life\Desktop\CKScanner.exe
[2014/04/16 09:01:46 | 000,444,471 | ---- | C] () -- C:\Users\ALR4life\Desktop\IMG434.jpg
[2014/04/11 03:24:32 | 000,000,116 | RH-- | C] () -- C:\Users\ALR4life\Desktop\Stinger.opt
[2014/04/11 03:19:30 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/04/11 03:16:52 | 024,677,393 | ---- | C] () -- C:\Users\ALR4life\Desktop\vlc-2.1.3-win32.exe
[2014/04/10 12:09:43 | 000,156,360 | ---- | C] () -- C:\Windows\SysNative\drivers\ESETOlmarikOlmascoCleaner.sys
[2014/03/30 22:38:44 | 000,001,223 | ---- | C] () -- C:\Users\Public\Desktop\iCare Data Recovery Software.lnk
[2014/03/30 19:24:23 | 002,469,824 | ---- | C] () -- C:\Users\ALR4life\Desktop\AdobeDownloadAssistant.exe
[2014/03/30 02:53:16 | 000,001,228 | ---- | C] () -- C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 7.5.lnk
[2014/03/28 15:13:51 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/26 16:22:02 | 000,000,388 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_ALR4life.job
[2014/03/26 16:22:02 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_ALR4life.job
[2014/03/26 16:22:02 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_ALR4life.job
[2014/03/26 08:36:06 | 000,003,216 | ---- | C] () -- C:\Users\ALR4life\Documents\-6356180677049974192_256.cache
[2014/03/21 04:45:17 | 356,088,312 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/03/16 23:56:06 | 029,873,626 | ---- | C] () -- C:\Users\ALR4life\Cute Hot Babe Whore Gets 2 - Porn Video.mp4
[2014/03/16 23:55:15 | 000,001,043 | ---- | C] () -- C:\Users\ALR4life\Burgler_s_Enjoying_Young_Girls_2035936 - Shortcut.lnk
[2014/03/16 23:55:11 | 000,000,988 | ---- | C] () -- C:\Users\ALR4life\Cherry_Busters_1985_2048385 - Shortcut.lnk
[2014/03/16 23:27:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/03/16 23:27:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/03/16 23:27:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/03/16 23:27:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/03/16 23:27:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/03/05 21:39:04 | 000,007,599 | ---- | C] () -- C:\Users\ALR4life\AppData\Local\Resmon.ResmonCfg
[2014/03/03 06:38:34 | 000,001,097 | ---- | C] () -- C:\Users\ALR4life\Documents - Shortcut.lnk
[2013/12/02 14:07:12 | 000,000,218 | ---- | C] () -- C:\Users\ALR4life\AppData\Local\recently-used.xbel
[2013/11/14 20:21:44 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2013/11/08 05:07:36 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/10/03 14:55:28 | 000,000,790 | ---- | C] () -- C:\Users\ALR4life\AppData\Roaming\wklnhst.dat
[2013/08/26 07:35:37 | 000,253,952 | ---- | C] () -- C:\Windows\msfxinfz.dat
[2013/06/18 22:58:51 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/18 22:41:25 | 000,000,632 | RHS- | C] () -- C:\Users\ALR4life\ntuser.pol
[2013/06/18 13:38:02 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2013/06/18 13:38:02 | 000,002,411 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013/06/12 07:31:07 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2013/06/12 07:27:38 | 000,000,268 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2013/06/12 07:27:38 | 000,000,209 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/06/18 22:59:31 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\.minecraft
[2014/03/31 02:21:29 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Audacity
[2014/04/17 06:44:37 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\AVAST Software
[2013/06/15 17:41:22 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Dextronet
[2014/04/18 00:01:33 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Dropbox
[2014/04/03 11:11:35 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\DropboxMaster
[2013/11/24 10:38:01 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Eendsoft
[2013/07/18 09:23:39 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\EscSoft
[2013/06/15 17:28:43 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\FreePriceAlerts
[2013/08/10 11:42:40 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\muvee Technologies
[2014/02/16 03:16:11 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Opera Software
[2013/07/15 11:11:36 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Oracle
[2013/06/12 07:00:20 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\PictureMover
[2013/07/28 22:41:16 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Python-Eggs
[2013/10/24 00:18:41 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Samsung
[2013/06/18 23:20:46 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\SketchUp
[2013/10/03 14:55:30 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Template
[2014/02/16 03:16:13 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Thunderbird
[2013/06/27 09:00:04 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\Tific
[2013/11/14 20:29:09 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\VSRevoGroup
[2013/07/18 09:49:09 | 000,000,000 | ---D | M] -- C:\Users\ALR4life\AppData\Roaming\WindSolutions

========== Purity Check ==========



< End of report >
amandarutledge
Regular Member
 
Posts: 21
Joined: April 11th, 2014, 7:02 am

Re: please help my computer

Unread postby amandarutledge » April 18th, 2014, 1:19 am

The type of the file system is NTFS.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
File verification completed.
1753 large file records processed.

0 bad file records processed.

0 EA records processed.

60 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...
Index verification completed.
0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 3)...
Security descriptor verification completed.
34249 data files processed.

CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
The Volume Bitmap is incorrect.
Windows found problems with the file system.
Run CHKDSK with the /F (fix) option to correct these.

297592831 KB total disk space.
97744716 KB in 168704 files.
99940 KB in 34250 indexes.
0 KB in bad sectors.
537187 KB in use by the system.
65536 KB occupied by the log file.
199210988 KB available on disk.

4096 bytes in each allocation unit.
74398207 total allocation units on disk.
49802747 allocation units available on disk.
amandarutledge
Regular Member
 
Posts: 21
Joined: April 11th, 2014, 7:02 am

Re: please help my computer

Unread postby askey127 » April 18th, 2014, 7:18 am

Amanda,
Tell me how it's behaving when you get a chance.
The checkdisk result was good. That bitmap error noted is false - a bug in NTFS reporting.

Need to double check for a rootkit.
--------------------------------------------
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Right Click on TDSSKiller.exe and select "Run as administrator" to run the tool for known TDSS variants.
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
    If you try to change the filename and extension, you may get a warning message from Windows because of the change of file extension. OK the change.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure Cure (default) is selected...
    • Let it cure anything it finds (except SPTD.SYS or anything detected as UnsignedFile.Multi.Generic, which should be unchecked/ignored) & then choose reboot.
    • If Cure is not offered as an option, choose Skip.
  5. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the main directory of C:
    (the dd.mm.yyyy_hh.mm.ss numbers in the filename represent the time/date stamp)
  6. Copy and paste the contents of that file in your next reply.
If, for some reason, you can't locate the text file to paste into your reply, just tell me, but DO NOT run the program a second time.

askey127
Admin/Teacher
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: please help my computer

Post by amandarutledge » April 19th, 2014, 8:59 pm

I only ran the scan once, but there are 2 files with the same date time stamp; one is a lot longer than the other. I will post one in this reply and one in the next reply.
19:44:49.0836 0x0f78 TDSS rootkit removing tool 3.0.0.31 Apr 11 2014 08:55:10
19:44:54.0413 0x0f78 ============================================================
19:44:54.0413 0x0f78 Current date / time: 2014/04/19 19:44:54.0413
19:44:54.0413 0x0f78 SystemInfo:
19:44:54.0414 0x0f78
19:44:54.0414 0x0f78 OS Version: 6.1.7601 ServicePack: 1.0
19:44:54.0414 0x0f78 Product type: Workstation
19:44:54.0414 0x0f78 ComputerName: ALR4LIFE-PC
19:44:54.0416 0x0f78 UserName: ALR4life
19:44:54.0416 0x0f78 Windows directory: C:\Windows
19:44:54.0416 0x0f78 System windows directory: C:\Windows
19:44:54.0416 0x0f78 Running under WOW64
19:44:54.0416 0x0f78 Processor architecture: Intel x64
19:44:54.0416 0x0f78 Number of processors: 2
19:44:54.0416 0x0f78 Page size: 0x1000
19:44:54.0416 0x0f78 Boot type: Normal boot
19:44:54.0416 0x0f78 ============================================================
19:44:54.0837 0x0f78 KLMD registered as C:\Windows\system32\drivers\68603713.sys
19:44:55.0086 0x0f78 System UUID: {D5836F58-040D-BBF0-D504-08236AB5F8B3}
19:44:55.0757 0x0f78 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:44:55.0765 0x0f78 ============================================================
19:44:55.0765 0x0f78 \Device\Harddisk0\DR0:
19:44:55.0765 0x0f78 MBR partitions:
19:44:55.0765 0x0f78 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
19:44:55.0765 0x0f78 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2379D000
19:44:55.0765 0x0f78 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23801000, BlocksNum 0x1BF9800
19:44:55.0765 0x0f78 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
19:44:55.0765 0x0f78 ============================================================
19:44:55.0791 0x0f78 C: <-> \Device\Harddisk0\DR0\Partition2
19:44:55.0840 0x0f78 D: <-> \Device\Harddisk0\DR0\Partition3
19:44:55.0849 0x0f78 E: <-> \Device\Harddisk0\DR0\Partition4
19:44:55.0849 0x0f78 ============================================================
19:44:55.0849 0x0f78 Initialize success
19:44:55.0849 0x0f78 ============================================================
19:45:00.0124 0x1438 Deinitialize success
amandarutledge

Re: please help my computer

Post by amandarutledge » April 19th, 2014, 9:00 pm

19:45:07.0878 0x10e0 TDSS rootkit removing tool 3.0.0.31 Apr 11 2014 08:55:10
19:45:10.0795 0x10e0 ============================================================
19:45:10.0795 0x10e0 Current date / time: 2014/04/19 19:45:10.0795
19:45:10.0795 0x10e0 SystemInfo:
19:45:10.0795 0x10e0
19:45:10.0795 0x10e0 OS Version: 6.1.7601 ServicePack: 1.0
19:45:10.0795 0x10e0 Product type: Workstation
19:45:10.0795 0x10e0 ComputerName: ALR4LIFE-PC
19:45:10.0795 0x10e0 UserName: ALR4life
19:45:10.0795 0x10e0 Windows directory: C:\Windows
19:45:10.0795 0x10e0 System windows directory: C:\Windows
19:45:10.0795 0x10e0 Running under WOW64
19:45:10.0795 0x10e0 Processor architecture: Intel x64
19:45:10.0795 0x10e0 Number of processors: 2
19:45:10.0795 0x10e0 Page size: 0x1000
19:45:10.0795 0x10e0 Boot type: Normal boot
19:45:10.0795 0x10e0 ============================================================
19:45:11.0200 0x10e0 KLMD registered as C:\Windows\system32\drivers\92772834.sys
19:45:11.0356 0x10e0 System UUID: {D5836F58-040D-BBF0-D504-08236AB5F8B3}
19:45:11.0840 0x10e0 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:45:11.0856 0x10e0 ============================================================
19:45:11.0856 0x10e0 \Device\Harddisk0\DR0:
19:45:11.0856 0x10e0 MBR partitions:
19:45:11.0856 0x10e0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
19:45:11.0856 0x10e0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2379D000
19:45:11.0856 0x10e0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23801000, BlocksNum 0x1BF9800
19:45:11.0856 0x10e0 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
19:45:11.0856 0x10e0 ============================================================
19:45:11.0887 0x10e0 C: <-> \Device\Harddisk0\DR0\Partition2
19:45:11.0934 0x10e0 D: <-> \Device\Harddisk0\DR0\Partition3
19:45:11.0934 0x10e0 E: <-> \Device\Harddisk0\DR0\Partition4
19:45:11.0934 0x10e0 ============================================================
19:45:11.0934 0x10e0 Initialize success
19:45:11.0934 0x10e0 ============================================================
19:45:16.0083 0x11d8 ============================================================
19:45:16.0083 0x11d8 Scan started
19:45:16.0083 0x11d8 Mode: Manual;
19:45:16.0083 0x11d8 ============================================================
19:45:16.0083 0x11d8 KSN ping started
19:45:18.0938 0x11d8 KSN ping finished: true
19:45:19.0671 0x11d8 ================ Scan system memory ========================
19:45:19.0671 0x11d8 System memory - ok
19:45:19.0671 0x11d8 ================ Scan services =============================
19:45:27.0986 0x11d8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:45:27.0986 0x11d8 hkmsvc - ok
19:45:28.0033 0x11d8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:45:28.0064 0x11d8 HomeGroupListener - ok
19:45:28.0111 0x11d8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:45:28.0127 0x11d8 HomeGroupProvider - ok
19:45:28.0189 0x11d8 [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:45:28.0205 0x11d8 HP Support Assistant Service - ok
19:45:28.0251 0x11d8 [ 03431817C7236371433D3C860810FE8A, 733D2CEB292C638FCF62B65CDD0DD5D90D58CD2290CFE052769CB51E1EC6D062 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
19:45:28.0251 0x11d8 HPDrvMntSvc.exe - ok
19:45:28.0361 0x11d8 [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:45:28.0407 0x11d8 hpqwmiex - ok
19:45:28.0454 0x11d8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:45:28.0470 0x11d8 HpSAMD - ok
19:45:28.0517 0x11d8 [ F630DD7564EBB7248A13B1CC774D9EA6, 53BDFDB7177606DCBB5098A417542F181487227FB73C5C93BE1275752D2C002A ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
19:45:28.0517 0x11d8 HPWMISVC - ok
19:45:28.0563 0x11d8 [ 88C43BDA9CF964600F6DF07F7C52452C, BBCA3204A6CAA095AE5FB2D07019632DE45B201532077B7BE5AAA2884D9056DD ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
19:45:28.0563 0x11d8 HssDRV6 - ok
19:45:28.0657 0x11d8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:45:28.0688 0x11d8 HTTP - ok
19:45:28.0719 0x11d8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:45:28.0719 0x11d8 hwpolicy - ok
19:45:28.0766 0x11d8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:45:28.0782 0x11d8 i8042prt - ok
19:45:28.0829 0x11d8 [ BE7D72FCF442C26975942007E0831241, A0FD29B3D1A1278787F8B3FBE7EC3216AAF328467974A6D90752639BB44DCD84 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
19:45:28.0829 0x11d8 iaStor - ok
19:45:28.0875 0x11d8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:45:28.0891 0x11d8 iaStorV - ok
19:45:28.0985 0x11d8 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:45:29.0047 0x11d8 idsvc - ok
19:45:29.0078 0x11d8 IEEtwCollectorService - ok
19:45:29.0421 0x11d8 [ 898AB5BFED7040D7AB07AF01885EB944, 72B140D6A62A8AF9439FA7061D8014EE7D1D49EC9EE6524881749A7C85926721 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:45:29.0765 0x11d8 igfx - ok
19:45:29.0811 0x11d8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:45:29.0811 0x11d8 iirsp - ok
19:45:29.0874 0x11d8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
19:45:29.0905 0x11d8 IKEEXT - ok
19:45:30.0030 0x11d8 [ D311E2DD59A34079D89C249B2A4D9FDB, F2DB1DBD5619A48545434983DDB5260A610F22B37E1D81720B688FEF95C9AD07 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:45:30.0139 0x11d8 IntcAzAudAddService - ok
19:45:30.0186 0x11d8 [ CFC68CA36A63637E8CA69669EE3693DA, AC30892868E0D0AC5C3E6309AB71A5C3C07460DCAE4DC03DD811FC208B2E6FC9 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
19:45:30.0186 0x11d8 IntcHdmiAddService - ok
19:45:30.0217 0x11d8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
19:45:30.0217 0x11d8 intelide - ok
19:45:30.0248 0x11d8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:45:30.0248 0x11d8 intelppm - ok
19:45:30.0279 0x11d8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:45:30.0279 0x11d8 IPBusEnum - ok
19:45:30.0326 0x11d8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:45:30.0326 0x11d8 IpFilterDriver - ok
19:45:30.0420 0x11d8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:45:30.0451 0x11d8 iphlpsvc - ok
19:45:30.0498 0x11d8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:45:30.0498 0x11d8 IPMIDRV - ok
19:45:30.0513 0x11d8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:45:30.0529 0x11d8 IPNAT - ok
19:45:30.0529 0x11d8 iPod Service - ok
19:45:30.0560 0x11d8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:45:30.0560 0x11d8 IRENUM - ok
19:45:30.0576 0x11d8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:45:30.0576 0x11d8 isapnp - ok
19:45:30.0623 0x11d8 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:45:30.0638 0x11d8 iScsiPrt - ok
19:45:30.0654 0x11d8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:45:30.0669 0x11d8 kbdclass - ok
19:45:30.0685 0x11d8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:45:30.0685 0x11d8 kbdhid - ok
19:45:30.0701 0x11d8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
19:45:30.0701 0x11d8 KeyIso - ok
19:45:30.0747 0x11d8 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:45:30.0747 0x11d8 KSecDD - ok
19:45:30.0794 0x11d8 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:45:30.0810 0x11d8 KSecPkg - ok
19:45:30.0825 0x11d8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:45:30.0825 0x11d8 ksthunk - ok
19:45:30.0872 0x11d8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
19:45:30.0903 0x11d8 KtmRm - ok
19:45:30.0966 0x11d8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:45:30.0997 0x11d8 LanmanServer - ok
19:45:31.0044 0x11d8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:45:31.0059 0x11d8 LanmanWorkstation - ok
19:45:31.0340 0x11d8 [ 6DAAFFE9807B65E7CFA729974F844D1C, A25999C07264BEF7E1D0B93E56CE0F89FE0C28CE1AC4BD321C0B59CBF26B7E4D ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
19:45:31.0605 0x11d8 LeapFrog Connect Device Service - ok
19:45:31.0652 0x11d8 LightScribeService - ok
19:45:31.0668 0x11d8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:45:31.0668 0x11d8 lltdio - ok
19:45:31.0683 0x11d8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:45:31.0699 0x11d8 lltdsvc - ok
19:45:31.0715 0x11d8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:45:31.0730 0x11d8 lmhosts - ok
19:45:31.0746 0x11d8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:45:31.0761 0x11d8 LSI_FC - ok
19:45:31.0761 0x11d8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:45:31.0777 0x11d8 LSI_SAS - ok
19:45:31.0777 0x11d8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:45:31.0793 0x11d8 LSI_SAS2 - ok
19:45:31.0808 0x11d8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:45:31.0808 0x11d8 LSI_SCSI - ok
19:45:31.0824 0x11d8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
19:45:31.0839 0x11d8 luafv - ok
19:45:31.0871 0x11d8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:45:31.0871 0x11d8 Mcx2Svc - ok
19:45:31.0886 0x11d8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:45:31.0886 0x11d8 megasas - ok
19:45:31.0917 0x11d8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:45:31.0933 0x11d8 MegaSR - ok
19:45:31.0980 0x11d8 [ 2DA1B2DD0B7395292582113FFAFF1A09, 91A5FB5E35026DAD4DD8F65D5BE54DEE7B71CAEEA651B87BBA924053C1D17549 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
19:45:32.0011 0x11d8 mfehidk - ok
19:45:32.0042 0x11d8 [ 6FB5ACE08DC6136EC41FC3E3D11F6FC3, 32822E4250CD3B2BA52CF468D4D72F16F9FDD1C90D1CF7E5EA91D92311C820EB ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
19:45:32.0042 0x11d8 mferkdet - ok
19:45:32.0058 0x11d8 [ 42EB23142C60C914CF1F652F1303F7B2, 5E3056D75118C2E3C3D3E086AB0B05BEEE32ECBB74010C6562BC5DC2E4015C06 ] mfevtp C:\Windows\system32\mfevtps.exe
19:45:32.0073 0x11d8 mfevtp - ok
19:45:32.0089 0x11d8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
19:45:32.0089 0x11d8 MMCSS - ok
19:45:32.0105 0x11d8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
19:45:32.0120 0x11d8 Modem - ok
19:45:32.0120 0x11d8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:45:32.0120 0x11d8 monitor - ok
19:45:32.0151 0x11d8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:45:32.0151 0x11d8 mouclass - ok
19:45:32.0183 0x11d8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:45:32.0183 0x11d8 mouhid - ok
19:45:32.0229 0x11d8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:45:32.0229 0x11d8 mountmgr - ok
19:45:32.0276 0x11d8 [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:45:32.0292 0x11d8 MozillaMaintenance - ok
19:45:32.0339 0x11d8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
19:45:32.0339 0x11d8 mpio - ok
19:45:32.0370 0x11d8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:45:32.0385 0x11d8 mpsdrv - ok
19:45:32.0463 0x11d8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:45:32.0541 0x11d8 MpsSvc - ok
19:45:32.0557 0x11d8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:45:32.0573 0x11d8 MRxDAV - ok
19:45:32.0619 0x11d8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:45:32.0619 0x11d8 mrxsmb - ok
19:45:32.0666 0x11d8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:45:32.0697 0x11d8 mrxsmb10 - ok
19:45:32.0729 0x11d8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:45:32.0729 0x11d8 mrxsmb20 - ok
19:45:32.0760 0x11d8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
19:45:32.0760 0x11d8 msahci - ok
19:45:32.0775 0x11d8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:45:32.0775 0x11d8 msdsm - ok
19:45:32.0807 0x11d8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
19:45:32.0807 0x11d8 MSDTC - ok
19:45:32.0838 0x11d8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:45:32.0838 0x11d8 Msfs - ok
19:45:32.0853 0x11d8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:45:32.0853 0x11d8 mshidkmdf - ok
19:45:32.0869 0x11d8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:45:32.0869 0x11d8 msisadrv - ok
19:45:32.0916 0x11d8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:45:32.0916 0x11d8 MSiSCSI - ok
19:45:32.0931 0x11d8 msiserver - ok
19:45:32.0947 0x11d8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:45:32.0947 0x11d8 MSKSSRV - ok
19:45:32.0963 0x11d8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:45:32.0963 0x11d8 MSPCLOCK - ok
19:45:32.0978 0x11d8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:45:32.0978 0x11d8 MSPQM - ok
19:45:33.0009 0x11d8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:45:33.0025 0x11d8 MsRPC - ok
19:45:33.0072 0x11d8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:45:33.0087 0x11d8 mssmbios - ok
19:45:33.0087 0x11d8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:45:33.0087 0x11d8 MSTEE - ok
19:45:33.0103 0x11d8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:45:33.0103 0x11d8 MTConfig - ok
19:45:33.0119 0x11d8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
19:45:33.0119 0x11d8 Mup - ok
19:45:33.0181 0x11d8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
19:45:33.0212 0x11d8 napagent - ok
19:45:33.0259 0x11d8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:45:33.0275 0x11d8 NativeWifiP - ok
19:45:33.0368 0x11d8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
19:45:33.0415 0x11d8 NDIS - ok
19:45:33.0415 0x11d8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:45:33.0431 0x11d8 NdisCap - ok
19:45:33.0446 0x11d8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:45:33.0446 0x11d8 NdisTapi - ok
19:45:33.0477 0x11d8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:45:33.0477 0x11d8 Ndisuio - ok
19:45:33.0524 0x11d8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:45:33.0540 0x11d8 NdisWan - ok
19:45:33.0571 0x11d8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:45:33.0571 0x11d8 NDProxy - ok
19:45:33.0587 0x11d8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:45:33.0587 0x11d8 NetBIOS - ok
19:45:33.0602 0x11d8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:45:33.0618 0x11d8 NetBT - ok
19:45:33.0633 0x11d8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
19:45:33.0633 0x11d8 Netlogon - ok
19:45:33.0680 0x11d8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
19:45:33.0696 0x11d8 Netman - ok
19:45:33.0743 0x11d8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:33.0758 0x11d8 NetMsmqActivator - ok
19:45:33.0758 0x11d8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:33.0774 0x11d8 NetPipeActivator - ok
19:45:33.0789 0x11d8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
19:45:33.0821 0x11d8 netprofm - ok
19:45:33.0836 0x11d8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:33.0836 0x11d8 NetTcpActivator - ok
19:45:33.0836 0x11d8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:33.0836 0x11d8 NetTcpPortSharing - ok
19:45:34.0055 0x11d8 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
19:45:34.0257 0x11d8 netw5v64 - ok
19:45:34.0289 0x11d8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:45:34.0304 0x11d8 nfrd960 - ok
19:45:34.0351 0x11d8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:45:34.0367 0x11d8 NlaSvc - ok
19:45:34.0382 0x11d8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:45:34.0382 0x11d8 Npfs - ok
19:45:34.0398 0x11d8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
19:45:34.0398 0x11d8 nsi - ok
19:45:34.0413 0x11d8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:45:34.0429 0x11d8 nsiproxy - ok
19:45:34.0523 0x11d8 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:45:34.0601 0x11d8 Ntfs - ok
19:45:34.0616 0x11d8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
19:45:34.0616 0x11d8 Null - ok
19:45:34.0647 0x11d8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:45:34.0647 0x11d8 nvraid - ok
19:45:34.0679 0x11d8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:45:34.0679 0x11d8 nvstor - ok
19:45:34.0710 0x11d8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:45:34.0725 0x11d8 nv_agp - ok
19:45:34.0819 0x11d8 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:45:34.0850 0x11d8 odserv - ok
19:45:34.0897 0x11d8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:45:34.0897 0x11d8 ohci1394 - ok
19:45:34.0913 0x11d8 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:45:34.0928 0x11d8 ose - ok
19:45:34.0959 0x11d8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:45:34.0975 0x11d8 p2pimsvc - ok
19:45:35.0006 0x11d8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
19:45:35.0022 0x11d8 p2psvc - ok
19:45:35.0053 0x11d8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:45:35.0069 0x11d8 Parport - ok
19:45:35.0100 0x11d8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:45:35.0100 0x11d8 partmgr - ok
19:45:35.0115 0x11d8 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
19:45:35.0131 0x11d8 PcaSvc - ok
19:45:35.0147 0x11d8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
19:45:35.0162 0x11d8 pci - ok
19:45:35.0178 0x11d8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
19:45:35.0193 0x11d8 pciide - ok
19:45:35.0209 0x11d8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:45:35.0225 0x11d8 pcmcia - ok
19:45:35.0225 0x11d8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
19:45:35.0225 0x11d8 pcw - ok
19:45:35.0256 0x11d8 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:45:35.0287 0x11d8 PEAUTH - ok
19:45:35.0349 0x11d8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:45:35.0365 0x11d8 PerfHost - ok
19:45:35.0474 0x11d8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
19:45:35.0521 0x11d8 pla - ok
19:45:35.0568 0x11d8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:45:35.0583 0x11d8 PlugPlay - ok
19:45:35.0615 0x11d8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:45:35.0615 0x11d8 PNRPAutoReg - ok
19:45:35.0630 0x11d8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:45:35.0646 0x11d8 PNRPsvc - ok
19:45:35.0677 0x11d8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:45:35.0693 0x11d8 PolicyAgent - ok
19:45:35.0724 0x11d8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
19:45:35.0739 0x11d8 Power - ok
19:45:35.0786 0x11d8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:45:35.0786 0x11d8 PptpMiniport - ok
19:45:35.0817 0x11d8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:45:35.0833 0x11d8 Processor - ok
19:45:35.0864 0x11d8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
19:45:35.0880 0x11d8 ProfSvc - ok
19:45:35.0895 0x11d8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:45:35.0895 0x11d8 ProtectedStorage - ok
19:45:35.0942 0x11d8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:45:35.0942 0x11d8 Psched - ok
19:45:36.0005 0x11d8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:45:36.0051 0x11d8 ql2300 - ok
19:45:36.0067 0x11d8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:45:36.0083 0x11d8 ql40xx - ok
19:45:36.0114 0x11d8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
19:45:36.0114 0x11d8 QWAVE - ok
19:45:36.0129 0x11d8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:45:36.0145 0x11d8 QWAVEdrv - ok
19:45:36.0145 0x11d8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:45:36.0161 0x11d8 RasAcd - ok
19:45:36.0176 0x11d8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:45:36.0176 0x11d8 RasAgileVpn - ok
19:45:36.0192 0x11d8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
19:45:36.0207 0x11d8 RasAuto - ok
19:45:36.0239 0x11d8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:45:36.0254 0x11d8 Rasl2tp - ok
19:45:36.0301 0x11d8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
19:45:36.0317 0x11d8 RasMan - ok
19:45:36.0332 0x11d8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:45:36.0348 0x11d8 RasPppoe - ok
19:45:36.0363 0x11d8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:45:36.0363 0x11d8 RasSstp - ok
19:45:36.0410 0x11d8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:45:36.0441 0x11d8 rdbss - ok
19:45:36.0457 0x11d8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:45:36.0457 0x11d8 rdpbus - ok
19:45:36.0473 0x11d8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:45:36.0473 0x11d8 RDPCDD - ok
19:45:36.0504 0x11d8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:45:36.0504 0x11d8 RDPENCDD - ok
19:45:36.0519 0x11d8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:45:36.0519 0x11d8 RDPREFMP - ok
19:45:36.0566 0x11d8 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:45:36.0582 0x11d8 RDPWD - ok
19:45:36.0629 0x11d8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:45:36.0644 0x11d8 rdyboost - ok
19:45:36.0691 0x11d8 RealNetworks Downloader Resolver Service - ok
19:45:36.0722 0x11d8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:45:36.0722 0x11d8 RemoteAccess - ok
19:45:36.0753 0x11d8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:45:36.0753 0x11d8 RemoteRegistry - ok
19:45:36.0816 0x11d8 RichVideo - ok
19:45:36.0816 0x11d8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:45:36.0831 0x11d8 RpcEptMapper - ok
19:45:36.0847 0x11d8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
19:45:36.0863 0x11d8 RpcLocator - ok
19:45:36.0909 0x11d8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\System32\rpcss.dll
19:45:36.0925 0x11d8 RpcSs - ok
19:45:36.0956 0x11d8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:45:36.0956 0x11d8 rspndr - ok
19:45:36.0987 0x11d8 [ 483DF0B58CA532E5240E59DC41F30AA2, 3A5AC91E5B57B671072A40F38DA1F804ECDE30FB4D9042FB3FE7B7CA10C0D0BC ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
19:45:36.0987 0x11d8 RSUSBSTOR - ok
19:45:37.0019 0x11d8 [ 777FC2C418465404E3D8A290DC247D24, D053ABB41B0F859762E4BE724EF4EB9F39B83215BC1C7C02B3BE8F02B2A4B094 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:45:37.0034 0x11d8 RTL8167 - ok
19:45:37.0097 0x11d8 [ 03E0627C26943916A7276AC5306206C7, AC3C3BC767FF66E232D40E16F5F8493311F8A5B17033A939DD3555199989D5A4 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
19:45:37.0159 0x11d8 rtl8192se - ok
19:45:37.0237 0x11d8 [ 4EA7E5DF0CB237156176FA0349E6E87F, 542C5291369009FD9B52B5939E3B55E4CC37056E03815986CA1C1EFCFB52F5D6 ] RtVOsdService C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
19:45:37.0253 0x11d8 RtVOsdService - ok
19:45:37.0268 0x11d8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe
19:45:37.0284 0x11d8 SamSs - ok
19:45:37.0315 0x11d8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:45:37.0315 0x11d8 sbp2port - ok
19:45:37.0346 0x11d8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:45:37.0346 0x11d8 SCardSvr - ok
19:45:37.0393 0x11d8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:45:37.0409 0x11d8 scfilter - ok
19:45:37.0487 0x11d8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
19:45:37.0533 0x11d8 Schedule - ok
19:45:37.0565 0x11d8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:45:37.0580 0x11d8 SCPolicySvc - ok
19:45:37.0627 0x11d8 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys
19:45:37.0627 0x11d8 sdbus - ok
19:45:37.0674 0x11d8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:45:37.0689 0x11d8 SDRSVC - ok
19:45:37.0705 0x11d8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:45:37.0705 0x11d8 secdrv - ok
19:45:37.0752 0x11d8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
19:45:37.0767 0x11d8 seclogon - ok
19:45:37.0783 0x11d8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
19:45:37.0783 0x11d8 SENS - ok
19:45:37.0814 0x11d8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:45:37.0814 0x11d8 SensrSvc - ok
19:45:37.0830 0x11d8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:45:37.0845 0x11d8 Serenum - ok
19:45:37.0845 0x11d8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:45:37.0861 0x11d8 Serial - ok
19:45:37.0892 0x11d8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:45:37.0908 0x11d8 sermouse - ok
19:45:37.0955 0x11d8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
19:45:37.0970 0x11d8 SessionEnv - ok
19:45:38.0001 0x11d8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:45:38.0001 0x11d8 sffdisk - ok
19:45:38.0017 0x11d8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:45:38.0017 0x11d8 sffp_mmc - ok
19:45:38.0033 0x11d8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:45:38.0033 0x11d8 sffp_sd - ok
19:45:38.0048 0x11d8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:45:38.0048 0x11d8 sfloppy - ok
19:45:38.0095 0x11d8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:45:38.0111 0x11d8 SharedAccess - ok
19:45:38.0173 0x11d8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:45:38.0189 0x11d8 ShellHWDetection - ok
19:45:38.0204 0x11d8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:45:38.0204 0x11d8 SiSRaid2 - ok
19:45:38.0220 0x11d8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:45:38.0220 0x11d8 SiSRaid4 - ok
19:45:38.0251 0x11d8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:45:38.0251 0x11d8 Smb - ok
19:45:38.0298 0x11d8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:45:38.0298 0x11d8 SNMPTRAP - ok
19:45:38.0313 0x11d8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
19:45:38.0313 0x11d8 spldr - ok
19:45:38.0345 0x11d8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
19:45:38.0376 0x11d8 Spooler - ok
19:45:38.0532 0x11d8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
19:45:38.0657 0x11d8 sppsvc - ok
19:45:38.0688 0x11d8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:45:38.0688 0x11d8 sppuinotify - ok
19:45:38.0750 0x11d8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:45:38.0781 0x11d8 srv - ok
19:45:38.0828 0x11d8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:45:38.0844 0x11d8 srv2 - ok
19:45:38.0875 0x11d8 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
19:45:38.0891 0x11d8 SrvHsfHDA - ok
19:45:38.0953 0x11d8 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
19:45:39.0015 0x11d8 SrvHsfV92 - ok
19:45:39.0062 0x11d8 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
19:45:39.0093 0x11d8 SrvHsfWinac - ok
19:45:39.0109 0x11d8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:45:39.0125 0x11d8 srvnet - ok
19:45:39.0125 0x11d8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:45:39.0140 0x11d8 SSDPSRV - ok
19:45:39.0156 0x11d8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:45:39.0171 0x11d8 SstpSvc - ok
19:45:39.0171 0x11d8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:45:39.0187 0x11d8 stexstor - ok
19:45:39.0234 0x11d8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
19:45:39.0281 0x11d8 stisvc - ok
19:45:39.0327 0x11d8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
19:45:39.0327 0x11d8 swenum - ok
19:45:39.0359 0x11d8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
19:45:39.0374 0x11d8 swprv - ok
19:45:39.0452 0x11d8 [ 961CFAC2A5318E212F459D651F28E0A4, 4FA1C9E3BD527E3B5AE9268955C48FDE8E75F33C333DC0AE768DAFE1F49D0B1B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:45:39.0499 0x11d8 SynTP - ok
19:45:39.0608 0x11d8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
19:45:39.0686 0x11d8 SysMain - ok
19:45:39.0733 0x11d8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:45:39.0764 0x11d8 TabletInputService - ok
19:45:39.0795 0x11d8 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
19:45:39.0795 0x11d8 tap0901 - ok
19:45:39.0827 0x11d8 [ 95206567C7CA71A3D485146824224C40, 2687BB34D271E2B8D9D64B5961A0D3B053192CBFCF7BDEE048B3E50C1C38A81F ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
19:45:39.0842 0x11d8 taphss6 - ok
19:45:39.0889 0x11d8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
19:45:39.0920 0x11d8 TapiSrv - ok
19:45:39.0936 0x11d8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
19:45:39.0936 0x11d8 TBS - ok
19:45:40.0029 0x11d8 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:45:40.0092 0x11d8 Tcpip - ok
19:45:40.0185 0x11d8 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:45:40.0217 0x11d8 TCPIP6 - ok
19:45:40.0263 0x11d8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:45:40.0263 0x11d8 tcpipreg - ok
19:45:40.0295 0x11d8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:45:40.0295 0x11d8 TDPIPE - ok
19:45:40.0310 0x11d8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:45:40.0326 0x11d8 TDTCP - ok
19:45:40.0357 0x11d8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:45:40.0373 0x11d8 tdx - ok
19:45:40.0404 0x11d8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
19:45:40.0419 0x11d8 TermDD - ok
19:45:40.0466 0x11d8 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
19:45:40.0497 0x11d8 TermService - ok
19:45:40.0560 0x11d8 [ 48D9D00C2E0E72C3D4F52772C80355F6, 86F281C7F5FA2FCF1A36C69DD6561531E48483CACB8A873B955F7E93D9A1D259 ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys
19:45:40.0560 0x11d8 TFsExDisk - ok
19:45:40.0591 0x11d8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
19:45:40.0591 0x11d8 Themes - ok
19:45:40.0607 0x11d8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
19:45:40.0622 0x11d8 THREADORDER - ok
19:45:40.0638 0x11d8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
19:45:40.0638 0x11d8 TrkWks - ok
19:45:40.0669 0x11d8 TrustedInstaller - ok
19:45:40.0700 0x11d8 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:45:40.0700 0x11d8 tssecsrv - ok
19:45:40.0747 0x11d8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:45:40.0747 0x11d8 TsUsbFlt - ok
19:45:40.0809 0x11d8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:45:40.0809 0x11d8 tunnel - ok
19:45:40.0841 0x11d8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:45:40.0841 0x11d8 uagp35 - ok
19:45:40.0903 0x11d8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:45:40.0919 0x11d8 udfs - ok
19:45:40.0934 0x11d8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:45:40.0950 0x11d8 UI0Detect - ok
19:45:40.0981 0x11d8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:45:40.0981 0x11d8 uliagpkx - ok
19:45:41.0012 0x11d8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
19:45:41.0012 0x11d8 umbus - ok
19:45:41.0043 0x11d8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:45:41.0043 0x11d8 UmPass - ok
19:45:41.0075 0x11d8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
19:45:41.0090 0x11d8 upnphost - ok
19:45:41.0153 0x11d8 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:45:41.0153 0x11d8 usbaudio - ok
19:45:41.0215 0x11d8 [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:45:41.0215 0x11d8 usbccgp - ok
19:45:41.0246 0x11d8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:45:41.0246 0x11d8 usbcir - ok
19:45:41.0293 0x11d8 [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:45:41.0293 0x11d8 usbehci - ok
19:45:41.0324 0x11d8 [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:45:41.0340 0x11d8 usbhub - ok
19:45:41.0371 0x11d8 [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:45:41.0371 0x11d8 usbohci - ok
19:45:41.0402 0x11d8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:45:41.0402 0x11d8 usbprint - ok
19:45:41.0418 0x11d8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:45:41.0418 0x11d8 usbscan - ok
19:45:41.0449 0x11d8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:45:41.0449 0x11d8 USBSTOR - ok
19:45:41.0496 0x11d8 [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:45:41.0496 0x11d8 usbuhci - ok
19:45:41.0527 0x11d8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:45:41.0543 0x11d8 usbvideo - ok
19:45:41.0574 0x11d8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
19:45:41.0589 0x11d8 UxSms - ok
19:45:41.0589 0x11d8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
19:45:41.0589 0x11d8 VaultSvc - ok
19:45:41.0652 0x11d8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:45:41.0667 0x11d8 vdrvroot - ok
19:45:41.0730 0x11d8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
19:45:41.0761 0x11d8 vds - ok
19:45:41.0792 0x11d8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:45:41.0792 0x11d8 vga - ok
19:45:41.0808 0x11d8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:45:41.0808 0x11d8 VgaSave - ok
19:45:41.0823 0x11d8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:45:41.0839 0x11d8 vhdmp - ok
19:45:41.0855 0x11d8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
19:45:41.0870 0x11d8 viaide - ok
19:45:41.0870 0x11d8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:45:41.0886 0x11d8 volmgr - ok
19:45:41.0933 0x11d8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:45:41.0948 0x11d8 volmgrx - ok
19:45:41.0979 0x11d8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:45:41.0979 0x11d8 volsnap - ok
19:45:42.0011 0x11d8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:45:42.0011 0x11d8 vsmraid - ok
19:45:42.0135 0x11d8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
19:45:42.0182 0x11d8 VSS - ok
19:45:42.0213 0x11d8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:45:42.0213 0x11d8 vwifibus - ok
19:45:42.0229 0x11d8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:45:42.0229 0x11d8 vwififlt - ok
19:45:42.0245 0x11d8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:45:42.0245 0x11d8 vwifimp - ok
19:45:42.0276 0x11d8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
19:45:42.0307 0x11d8 W32Time - ok
19:45:42.0323 0x11d8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:45:42.0323 0x11d8 WacomPen - ok
19:45:42.0338 0x11d8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:45:42.0354 0x11d8 WANARP - ok
19:45:42.0369 0x11d8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:45:42.0369 0x11d8 Wanarpv6 - ok
19:45:42.0463 0x11d8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:45:42.0525 0x11d8 WatAdminSvc - ok
19:45:42.0619 0x11d8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
19:45:42.0697 0x11d8 wbengine - ok
19:45:42.0728 0x11d8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:45:42.0728 0x11d8 WbioSrvc - ok
19:45:42.0775 0x11d8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:45:42.0806 0x11d8 wcncsvc - ok
19:45:42.0822 0x11d8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:45:42.0837 0x11d8 WcsPlugInService - ok
19:45:42.0853 0x11d8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:45:42.0853 0x11d8 Wd - ok
19:45:42.0900 0x11d8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:45:42.0931 0x11d8 Wdf01000 - ok
19:45:42.0962 0x11d8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:45:42.0962 0x11d8 WdiServiceHost - ok
19:45:42.0962 0x11d8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:45:42.0978 0x11d8 WdiSystemHost - ok
19:45:42.0993 0x11d8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
19:45:43.0025 0x11d8 WebClient - ok
19:45:43.0040 0x11d8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:45:43.0056 0x11d8 Wecsvc - ok
19:45:43.0087 0x11d8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:45:43.0087 0x11d8 wercplsupport - ok
19:45:43.0118 0x11d8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
19:45:43.0118 0x11d8 WerSvc - ok
19:45:43.0134 0x11d8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:45:43.0149 0x11d8 WfpLwf - ok
19:45:43.0149 0x11d8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:45:43.0149 0x11d8 WIMMount - ok
19:45:43.0181 0x11d8 WinDefend - ok
19:45:43.0181 0x11d8 WinHttpAutoProxySvc - ok
19:45:43.0227 0x11d8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:45:43.0243 0x11d8 Winmgmt - ok
19:45:43.0352 0x11d8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
19:45:43.0446 0x11d8 WinRM - ok
19:45:43.0477 0x11d8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:45:43.0493 0x11d8 WinUsb - ok
19:45:43.0524 0x11d8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:45:43.0555 0x11d8 Wlansvc - ok
19:45:43.0602 0x11d8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:45:43.0602 0x11d8 WmiAcpi - ok
19:45:43.0633 0x11d8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:45:43.0649 0x11d8 wmiApSrv - ok
19:45:43.0664 0x11d8 WMPNetworkSvc - ok
19:45:43.0680 0x11d8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:45:43.0695 0x11d8 WPCSvc - ok
19:45:43.0742 0x11d8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:45:43.0742 0x11d8 WPDBusEnum - ok
19:45:43.0773 0x11d8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:45:48.0906 0x11d8 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2016.330 ), 0x41000 ( enabled : updated )
19:45:48.0921 0x11d8 Win FW state via NFP2: enabled
19:45:51.0870 0x11d8 ============================================================
19:45:51.0870 0x11d8 Scan finished
19:45:51.0870 0x11d8 ============================================================
19:45:51.0870 0x149c Detected object count: 0
19:45:51.0870 0x149c Actual detected object count: 0
amandarutledge
Regular Member
 
Posts: 21
Joined: April 11th, 2014, 7:02 am

Re: please help my computer

Post by amandarutledge » April 19th, 2014, 9:09 pm

The screen is flashing between screens when going through folders, etc. I haven't tried to delete any programs on my own since working with you, so I don't know if the Windows Installer message would still appear.

Re: please help my computer

Post by askey127 » April 21st, 2014, 6:20 am

Amanda,
I am trying to figure out what you mean by "screen is flashing between screens". Could you describe in more detail?

Go to Start and type msiexec.exe into the box.
Click on msiexec.exe in the popup menu.
When the dialog comes up, drag the mouse to highlight all the contents, copy (Ctrl and C), and paste (Ctrl and V) back here in a reply.
askey127
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: please help my computer

Post by amandarutledge » April 21st, 2014, 6:40 am

Whenever I open any file folder (ex: Start menu -> Computer -> C:), when I get to open the C: (or any folder), the folder popup remains normal but the rest of the screen quickly flashes as it opens the selected folder.

Re: please help my computer

Post by amandarutledge » April 21st, 2014, 6:46 am

Last night I also noticed that my computer has 11 failed updates (all important) that have a failed status. I took a screenshot of the update history showing this. I didn't want to post it until you direct me to.

Re: please help my computer

Post by amandarutledge » April 21st, 2014, 7:16 am

I followed your directions to open msiexec.exe so I could paste the contents, but I received this message when I tried to open the document option: "cannot open C:\Users\ALR4life\Documents\cc_20140107_133624.reg: Not all data was successfully written to the registry. Some keys are open by the system or other processes."

There is also a file option that opened a notepad shortcut with a lot of content (over 250000 characters). Do you want me to post the whole thing?

Re: please help my computer

Post by askey127 » April 22nd, 2014, 7:58 am

Amanda,
Sorry for any confusion here.
Evidently, the MalwareRemoval site server here had a period between last Friday and yesterday when it was not sending e-mail notices of topic responses.
So you wouldn't know when I posted, and I wouldn't know when you posted.
It has been fixed.

An error like you show "cannot open C:\Users\ALR4life\Documents\cc_20140107_133624.reg"
might occur only if you were trying to restore some registry backups done by CCleaner.

I am a bit concerned that you have done Registry cleanups of any kind, since they can be dangerous to the Windows system.
We recommend never using a Registry cleaner/booster/helper/optimizer for any reason.

When you type msiexec.exe into the Start box, and click on msiexec.exe, does a window pop up or not?
If so, is the window labeled "Windows Installer"?
Please open the attached file, WInstaller.pdf, for a sample of what you should see.
I have no idea what a "file option" would be in the case of that window.

Is your computer a commercial brand like Dell, Gateway, Acer, HP, etc.?
Can you tell me what make and model?

Thanks, askey127