Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Huge Bandwidth Usage [Closed]


  • This topic is locked This topic is locked

#1
Acousticcountry

Acousticcountry

    Member

  • Member
  • PipPip
  • 13 posts

Hi,

 

I think my computer may be infected with something that is constantly using bandwidth.  I have been getting emails from my ISP about bandwidth overages, and after further investigation have found that I have been going through 10-15 GB of bandwidth even on days when nobody is at the house to use anything.

 

I did a scan with Housecall from trend micro and it found some problems and fixed them.  I rebooted my computer and when I first launched Internet Explorer got a Proxy isn't responding page.  Went in to Internet Options and unclicked the use a proxy button so that my browser would work, did another scan from Housecall and it came up clean.  My network activity is still constantly running though and is going up approx. 1 MB every 5-10 seconds. 

 

Any idea what could be causing this or what I can do to fix it?  My ISP wants me to upgrade my internet package because of all the bandwidth use, so any help is appreciated.

 

Thanks in advance,

 

Chris


  • 0

Advertisements


#2
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello and welcome to Geeks To Go! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you
  • If you are receiving help for this issue at another forum, please let me know so I can close this thread.
  • Please download to and run all requested tools from your Desktop.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we? :thumbsup:


Hello, let's get a look at your system and see what's going on. :)


Step 1: Scan with Farbar's Recovery Scan Tool (FRST)

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt

    farbarmainpanel_zps77bf9e25.jpg
  • Press the Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Step 2: Scan with TDSSKiller

Please download TDSSKiller to the desktop.

Alternate download is here.
  • Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
  • When the main GUI(graphical user interface) window opens, click on Change Parameters
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log go to Start(Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
  • Post the contents of that log in your next reply please.
Note: Do not have TDSSKiller remove anything if found at this point in time!


Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

FRST Log

Addition.txt Log

TDSSKiller Log

  • 0

#3
Acousticcountry

Acousticcountry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

I am not getting help on any other forums.

 

Thanks for  your response and help!

 

Here is my FRST.txt log

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Chris (administrator) on CHRISB on 23-03-2015 23:49:51
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris (Available profiles: Chris)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbarsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(MOTU Inc.) C:\Program Files (x86)\MOTU\motuDNSResponder.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\Jelbrus Secure Web\privoxy.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Acresso Software Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avid Technology, Inc.) C:\Windows\System32\M-AudioTaskBarIcon.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Dropbox, Inc.) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbrmon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_305_ActiveX.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
() C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Runner.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-02] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [M-Audio Taskbar Icon] => C:\windows\system32\M-AudioTaskBarIcon.exe [798728 2010-12-07] (Avid Technology, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe [8947008 2014-12-18] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2396160 2010-01-08] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [NortonOnlineBackup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1112920 2010-03-05] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [395144 2011-05-17] (Ask)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [BringMeSports_1c Browser Plugin Loader] => C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbrmon.exe [30096 2012-12-09] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296520 2014-08-14] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [590056 2010-10-17] (SANDBOXIE L.T.D)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3883856 2009-07-26] (Microsoft Corporation)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [GoogleChromeAutoLaunch_4E6299B33FA0592A57BB7C6E94F010D2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-02-02] (Google Inc.)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\RunOnce: [FlashPlayerUpdate] => C:\windows\system32\Macromed\Flash\FlashUtil64_16_0_0_305_ActiveX.exe [651440 2015-02-05] (Adobe Systems Incorporated)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\MountPoints2: {42b37c81-8660-11e0-a613-406186b4c408} - F:\Autorun.exe
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\MountPoints2: {60ede31e-a5e8-11e4-b1de-406186b4c408} - G:\Setup.exe
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\PHOTOJ~1.SCR
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:62213;https=127.0.0.1:62213
ProxyServer: [S-1-5-21-346444361-470292555-3986792257-1000] => 127.0.0.1:8118
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKU\S-1-5-21-346444361-470292555-3986792257-1000 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKU\S-1-5-21-346444361-470292555-3986792257-1000 - (No Name) - {f2c43291-151e-499c-98a7-923c120b88fa} - No File
URLSearchHook: HKU\S-1-5-21-346444361-470292555-3986792257-1000 - (No Name) - {06b5b051-1d05-443d-822f-39ab0d05f018} - C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cSrcAs.dll (MindSpark)
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {789F9CCE-188C-46E2-A713-18E5A6B68305} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {85A78607-08E6-45B2-B40E-CB2746BDD490} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {8c9ef753-beb6-4582-b653-93ac59274437} URL = http://search.mywebs...or={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT3074349
SearchScopes: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...&q={searchTerms}
SearchScopes: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...&q={searchTerms}
SearchScopes: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> {85A78607-08E6-45B2-B40E-CB2746BDD490} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-07-30] (RealDownloader)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-20] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Search Assistant BHO -> {002d1ba6-4766-4d7d-82b8-f49439c66f97} -> C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cSrcAs.dll [2012-12-09] (MindSpark)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-07-30] (RealDownloader)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll [2011-07-13] (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL [2010-05-13] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-16] (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17] (Ask)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Toolbar BHO -> {f653d037-97fa-4755-98c1-7f382eeb59a7} -> C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbar.dll [2012-12-09] (MindSpark)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-20] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll [2011-07-13] (Symantec Corporation)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17] (Ask)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKLM-x32 - BringMeSports - {cc53bd19-7b23-43b0-ab7c-0e06c708cced} - C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbar.dll [2012-12-09] (MindSpark)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-16] (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} -  No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {F2C43291-151E-499C-98A7-923C120B88FA} -  No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {CC53BD19-7B23-43B0-AB7C-0E06C708CCED} -  No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @emusic.com/dlm-plugin -> C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll [2010-01-20] (eMusic.com)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.13.2 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-07-30] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.13.2 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-08-14] (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-346444361-470292555-3986792257-1000: @emusic.com/dlm-plugin -> C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll [2010-01-20] (eMusic.com)
FF Extension: ArcadeParlor - C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404} [2014-04-28]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\IPSFFPlgn
FF Extension: Norton IPS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\IPSFFPlgn [2010-12-25]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\coFFPlgn_2010_9_0_6
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\coFFPlgn_2010_9_0_6 [2015-03-23]
FF HKLM-x32\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-08-14]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid=EB_ORIGINAL_CTID&ISID=M6B691981-25AB-4032-A8BB-9F2A0CF70104&SearchSource=55&CUI=&UM=8&UP=SP76EEA3FA-1DB6-445B-A55B-A793EC901AAE&SSPV=SP22030TA_sp_ch
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid=EB_ORIGINAL_CTID&ISID=M35D8DE5C-EF21-42CD-B7F3-2B009843728F&SearchSource=55&CUI=&UM=8&UP=SPAC345DF8-D122-46F3-86FC-20CD4250A967&SSPV=SP22030TA_sp_ch"
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchURL: Default -> http://www.trovi.com...SP22030TA_sp_ch
CHR DefaultSuggestURL: Default -> http://suggest.secci...ix={searchTerms}
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-20]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-17]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-20]
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-20]
CHR Extension: (HQvidPv1.12) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak [2014-04-28]
CHR Extension: (Rr Savings) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofjjfgnmnjmoihhmjpafcllkhinmboe [2014-04-28]
CHR Extension: (PricePeep) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb [2014-04-28]
CHR Extension: (Skype Click to Call) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-20]
CHR Extension: (Information) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgacjdfplhakjfljpbbagagjcbccpmnl [2014-04-28]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-23]
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 BringMeSports_1cService; C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbarsvc.exe [42504 2012-12-09] (COMPANYVERS_NAME)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe [713568 2014-12-18] ()
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 MOTU_ZeroConf; C:\Program Files (x86)\MOTU\motuDNSResponder.exe [390544 2014-08-27] (MOTU Inc.)
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4948992 2009-07-17] (Native Instruments GmbH) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400 2011-08-03] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-05] (Symantec Corporation)
R2 PrivoxyService; C:\Program Files (x86)\Jelbrus Secure Web\privoxy.exe [371200 2015-02-16] (The Privoxy team - www.privoxy.org) [File not signed] <==== ATTENTION
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-08-14] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [99048 2010-10-17] (SANDBOXIE L.T.D)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\BASHDefs\20110114.001\BHDrvx64.sys [953904 2010-11-23] (Symantec Corporation)
R1 ccHP; C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [593544 2011-08-03] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-06-13] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [475696 2010-12-25] (Symantec Corporation)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-10-09] (BitDefender LLC)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\IPSDefs\20110221.001\IDSvia64.sys [476792 2010-12-01] (Symantec Corporation)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [20392 2009-09-20] (JMicron )
S4 LMIRfsClientNP; No ImagePath
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [187912 2010-12-07] (Avid Technology, Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-05-10] (Apple Inc.) [File not signed]
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [145512 2010-10-17] (SANDBOXIE L.T.D)
S3 smserial; C:\Windows\System32\DRIVERS\SmSerl64.sys [1227776 2009-06-10] (Motorola Inc.)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [505392 2010-04-21] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-21] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMDS64.SYS [433200 2009-10-14] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-21] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2010-12-25] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [150064 2010-04-29] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-21] (Symantec Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-10-09] (BitDefender S.R.L.)
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20110222.036\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20110222.036\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 23:49 - 2015-03-23 23:50 - 00034854 _____ () C:\Users\Chris\Desktop\FRST.txt
2015-03-23 23:49 - 2015-03-23 23:49 - 00000000 ____D () C:\FRST
2015-03-23 23:47 - 2015-03-23 23:47 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Chris\Desktop\tdsskiller.exe
2015-03-23 23:44 - 2015-03-23 23:44 - 02095616 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe
2015-03-23 03:35 - 2015-03-23 03:35 - 00003224 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-346444361-470292555-3986792257-1000
2015-03-21 19:58 - 2015-03-21 19:58 - 00833080 _____ () C:\Users\Chris\Downloads\Unconfirmed 62263.crdownload
2015-03-21 19:58 - 2015-03-21 19:58 - 00833080 _____ () C:\Users\Chris\Downloads\Unconfirmed 220585.crdownload
2015-03-21 19:57 - 2015-03-21 19:57 - 00833080 _____ () C:\Users\Chris\Downloads\Unconfirmed 996013.crdownload
2015-03-21 19:56 - 2015-03-21 19:57 - 00833080 _____ () C:\Users\Chris\Downloads\Unconfirmed 117499.crdownload
2015-03-21 19:56 - 2015-03-21 19:56 - 00833080 _____ () C:\Users\Chris\Downloads\Unconfirmed 441532.crdownload
2015-03-21 17:49 - 2015-03-21 18:38 - 00503305 _____ () C:\Users\Chris\AppData\Local\census.cache
2015-03-21 17:48 - 2015-03-21 18:38 - 00223573 _____ () C:\Users\Chris\AppData\Local\ars.cache
2015-03-21 17:38 - 2015-03-21 18:28 - 00000010 _____ () C:\Users\Chris\AppData\Local\sponge.last.runtime.cache
2015-03-21 17:21 - 2015-03-21 17:21 - 00000036 _____ () C:\Users\Chris\AppData\Local\housecall.guid.cache
2015-03-21 10:49 - 2015-03-21 10:49 - 00010407 _____ () C:\Users\Chris\Downloads\Unconfirmed 377626.crdownload
2015-03-21 05:45 - 2015-03-21 05:45 - 00779511 _____ (Software ) C:\Users\Chris\Downloads\Unconfirmed 275455.crdownload
2015-03-21 05:11 - 2015-03-21 05:12 - 00779511 _____ (Software ) C:\Users\Chris\Downloads\Unconfirmed 967311.crdownload
2015-03-20 23:39 - 2015-03-20 23:39 - 01742640 _____ (Bandoo Media Inc) C:\Users\Chris\Downloads\Unconfirmed 336996.crdownload
2015-03-20 17:18 - 2015-03-20 17:18 - 00888168 _____ () C:\Users\Chris\Downloads\Unconfirmed 854626.crdownload
2015-03-20 09:27 - 2015-03-20 09:27 - 00779511 _____ (Software ) C:\Users\Chris\Downloads\Unconfirmed 56471.crdownload
2015-03-20 09:26 - 2015-03-20 09:26 - 00779511 _____ (Software ) C:\Users\Chris\Downloads\Unconfirmed 401020.crdownload
2015-03-20 01:17 - 2015-03-20 01:17 - 00831576 _____ () C:\Users\Chris\Downloads\Unconfirmed 833047.crdownload
2015-03-20 00:45 - 2015-03-20 00:45 - 00831576 _____ () C:\Users\Chris\Downloads\Unconfirmed 728406.crdownload
2015-03-20 00:44 - 2015-03-20 00:44 - 00831576 _____ () C:\Users\Chris\Downloads\Unconfirmed 780245.crdownload
2015-03-20 00:44 - 2015-03-20 00:44 - 00831576 _____ () C:\Users\Chris\Downloads\Unconfirmed 119985.crdownload
2015-03-20 00:43 - 2015-03-20 00:43 - 00831576 _____ () C:\Users\Chris\Downloads\Unconfirmed 152332.crdownload
2015-03-20 00:42 - 2015-03-20 00:42 - 00779511 _____ (Software ) C:\Users\Chris\Downloads\Unconfirmed 582955.crdownload
2015-03-19 23:45 - 2015-03-19 23:45 - 00831536 _____ () C:\Users\Chris\Downloads\Unconfirmed 638028.crdownload
2015-03-19 23:45 - 2015-03-19 23:45 - 00831536 _____ () C:\Users\Chris\Downloads\Unconfirmed 135091.crdownload
2015-03-19 06:56 - 2015-03-19 06:56 - 00798952 _____ (Program Generic ) C:\Users\Chris\Downloads\Unconfirmed 890924.crdownload
2015-03-18 23:18 - 2015-03-18 23:18 - 01742640 _____ (Bandoo Media Inc) C:\Users\Chris\Downloads\Unconfirmed 807855.crdownload
2015-03-18 23:16 - 2015-03-18 23:16 - 00779511 _____ (Software ) C:\Users\Chris\Downloads\Unconfirmed 729131.crdownload
2015-03-18 23:03 - 2015-03-18 23:03 - 00796720 _____ (Installer Soft Prog ) C:\Users\Chris\Downloads\Unconfirmed 817199.crdownload
2015-03-18 19:21 - 2015-03-18 19:22 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 451940.crdownload
2015-03-18 08:14 - 2015-03-18 08:19 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 539427.crdownload
2015-03-18 08:12 - 2015-03-18 08:12 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 821456.crdownload
2015-03-18 07:01 - 2015-03-18 07:01 - 00010399 _____ () C:\Users\Chris\Downloads\Unconfirmed 192279.crdownload
2015-03-17 22:19 - 2015-03-17 22:19 - 00798952 _____ (Program Generic ) C:\Users\Chris\Downloads\Unconfirmed 721168.crdownload
2015-03-17 22:18 - 2015-03-17 22:18 - 00798952 _____ (Program Generic ) C:\Users\Chris\Downloads\Unconfirmed 762171.crdownload
2015-03-17 19:50 - 2015-03-17 19:50 - 00798024 _____ (Program ) C:\Users\Chris\Downloads\Unconfirmed 39295.crdownload
2015-03-17 19:02 - 2015-03-17 19:02 - 00796720 _____ (Installer Soft Prog ) C:\Users\Chris\Downloads\Unconfirmed 301584.crdownload
2015-03-17 19:02 - 2015-03-17 19:02 - 00796720 _____ (Installer Soft Prog ) C:\Users\Chris\Downloads\Unconfirmed 208202.crdownload
2015-03-17 19:01 - 2015-03-17 19:01 - 00796720 _____ (Installer Soft Prog ) C:\Users\Chris\Downloads\Unconfirmed 663994.crdownload
2015-03-17 19:00 - 2015-03-17 19:00 - 00796720 _____ (Installer Soft Prog ) C:\Users\Chris\Downloads\Unconfirmed 515077.crdownload
2015-03-17 19:00 - 2015-03-17 19:00 - 00796720 _____ (Installer Soft Prog ) C:\Users\Chris\Downloads\Unconfirmed 286059.crdownload
2015-03-17 18:59 - 2015-03-17 18:59 - 00796720 _____ (Installer Soft Prog ) C:\Users\Chris\Downloads\Unconfirmed 370724.crdownload
2015-03-17 18:05 - 2015-03-17 18:10 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 688324.crdownload
2015-03-17 18:05 - 2015-03-17 18:05 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 170337.crdownload
2015-03-17 09:55 - 2015-03-17 09:59 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 800406.crdownload
2015-03-17 09:55 - 2015-03-17 09:55 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 625680.crdownload
2015-03-17 09:47 - 2015-03-17 09:47 - 00796720 _____ (Installer Soft Prog ) C:\Users\Chris\Downloads\Unconfirmed 670087.crdownload
2015-03-17 00:25 - 2015-03-17 00:25 - 01742640 _____ (Bandoo Media Inc) C:\Users\Chris\Downloads\Unconfirmed 149376.crdownload
2015-03-17 00:24 - 2015-03-17 00:24 - 01742640 _____ (Bandoo Media Inc) C:\Users\Chris\Downloads\Unconfirmed 329817.crdownload
2015-03-16 21:39 - 2015-03-16 21:42 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 375211.crdownload
2015-03-16 21:38 - 2015-03-16 21:39 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 863925.crdownload
2015-03-16 09:48 - 2015-03-16 09:49 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 733059.crdownload
2015-03-15 13:35 - 2015-03-15 13:35 - 00882552 _____ () C:\Users\Chris\Downloads\Unconfirmed 801927.crdownload
2015-03-15 13:34 - 2015-03-15 13:34 - 00985840 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 491773.crdownload
2015-03-15 13:34 - 2015-03-15 13:34 - 00734336 _____ () C:\Users\Chris\Downloads\Unconfirmed 974167.crdownload
2015-03-15 13:34 - 2015-03-15 13:34 - 00734336 _____ () C:\Users\Chris\Downloads\Unconfirmed 160484.crdownload
2015-03-15 13:31 - 2015-03-15 13:34 - 08678858 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 911994.crdownload
2015-03-15 13:30 - 2015-03-15 13:31 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 648933.crdownload
2015-03-15 13:25 - 2015-03-15 13:25 - 00355632 _____ (Dropbox, Inc.) C:\Users\Chris\Downloads\Unconfirmed 622689.crdownload
2015-03-15 08:22 - 2015-03-15 08:24 - 03541664 _____ (Aeria Games & Entertainment) C:\Users\Chris\Downloads\Unconfirmed 503949.crdownload
2015-03-15 08:20 - 2015-03-15 08:21 - 03541664 _____ (Aeria Games & Entertainment) C:\Users\Chris\Downloads\Unconfirmed 754501.crdownload
2015-03-15 05:48 - 2015-03-15 05:49 - 10294272 _____ () C:\Users\Chris\Downloads\101857102.xls
2015-03-15 05:13 - 2015-03-15 05:13 - 00010406 _____ () C:\Users\Chris\Downloads\Unconfirmed 687800.crdownload
2015-03-14 17:06 - 2015-03-14 17:06 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 519153.crdownload
2015-03-14 17:03 - 2015-03-14 17:04 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 994726.crdownload
2015-03-14 01:05 - 2015-03-14 01:06 - 01152104 _____ () C:\Users\Chris\Downloads\Unconfirmed 739212.crdownload
2015-03-14 00:24 - 2015-03-14 00:24 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 303926.crdownload
2015-03-13 20:00 - 2015-03-13 20:00 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 820616.crdownload
2015-03-13 19:59 - 2015-03-13 19:59 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 61826.crdownload
2015-03-13 17:20 - 2015-03-13 17:20 - 01988690 _____ () C:\Users\Chris\Downloads\Unconfirmed 467699.crdownload
2015-03-13 17:20 - 2015-03-13 17:20 - 00985832 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 691786.crdownload
2015-03-13 17:19 - 2015-03-13 17:19 - 00985832 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 652829.crdownload
2015-03-13 17:19 - 2015-03-13 17:19 - 00734504 _____ () C:\Users\Chris\Downloads\Unconfirmed 609543.crdownload
2015-03-13 17:19 - 2015-03-13 17:19 - 00734504 _____ () C:\Users\Chris\Downloads\Unconfirmed 2447.crdownload
2015-03-13 17:18 - 2015-03-13 17:18 - 00985840 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 353216.crdownload
2015-03-13 17:18 - 2015-03-13 17:18 - 00985840 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 334626.crdownload
2015-03-13 17:17 - 2015-03-13 17:17 - 00832208 _____ () C:\Users\Chris\Downloads\Unconfirmed 668735.crdownload
2015-03-13 17:16 - 2015-03-13 17:19 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 936010.crdownload
2015-03-13 17:16 - 2015-03-13 17:17 - 01988690 _____ () C:\Users\Chris\Downloads\Unconfirmed 242101.crdownload
2015-03-13 17:15 - 2015-03-13 17:15 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 883370.crdownload
2015-03-13 15:43 - 2015-03-13 15:43 - 00798024 _____ (Program ) C:\Users\Chris\Downloads\Unconfirmed 16274.crdownload
2015-03-13 12:48 - 2015-03-13 12:51 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 467426.crdownload
2015-03-13 12:47 - 2015-03-13 12:47 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 2018.crdownload
2015-03-13 12:20 - 2015-03-13 12:20 - 00839936 _____ () C:\Users\Chris\Downloads\Unconfirmed 547140.crdownload
2015-03-13 12:18 - 2015-03-13 12:18 - 00831696 _____ () C:\Users\Chris\Downloads\Unconfirmed 556315.crdownload
2015-03-13 12:17 - 2015-03-13 12:17 - 00839936 _____ () C:\Users\Chris\Downloads\Unconfirmed 876499.crdownload
2015-03-13 12:17 - 2015-03-13 12:17 - 00839936 _____ () C:\Users\Chris\Downloads\Unconfirmed 677985.crdownload
2015-03-13 12:17 - 2015-03-13 12:17 - 00831696 _____ () C:\Users\Chris\Downloads\Unconfirmed 446226.crdownload
2015-03-13 12:13 - 2015-03-13 12:13 - 00831696 _____ () C:\Users\Chris\Downloads\Unconfirmed 301482.crdownload
2015-03-13 05:21 - 2015-03-13 05:21 - 00000538 _____ () C:\Users\Chris\Downloads\Setup                         .website
2015-03-13 04:48 - 2015-03-13 04:48 - 01152120 _____ () C:\Users\Chris\Downloads\Unconfirmed 118475.crdownload
2015-03-13 04:47 - 2015-03-13 04:47 - 01152112 _____ () C:\Users\Chris\Downloads\Unconfirmed 646553.crdownload
2015-03-13 04:46 - 2015-03-13 04:47 - 01152120 _____ () C:\Users\Chris\Downloads\Unconfirmed 536530.crdownload
2015-03-13 01:32 - 2015-03-13 01:32 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 35651.crdownload
2015-03-13 01:06 - 2015-03-13 01:06 - 00798024 _____ (Program ) C:\Users\Chris\Downloads\Unconfirmed 288954.crdownload
2015-03-13 01:05 - 2015-03-13 01:05 - 00798024 _____ (Program ) C:\Users\Chris\Downloads\Unconfirmed 596764.crdownload
2015-03-12 20:30 - 2015-03-12 20:30 - 00796720 _____ (Installer Soft Prog ) C:\Users\Chris\Downloads\Unconfirmed 704294.crdownload
2015-03-12 19:22 - 2015-03-12 19:22 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 728583.crdownload
2015-03-12 17:43 - 2015-03-12 17:43 - 00796720 _____ (Installer Soft Prog ) C:\Users\Chris\Downloads\Unconfirmed 48792.crdownload
2015-03-12 16:01 - 2015-03-12 16:01 - 01764704 _____ (Bandoo Media Inc) C:\Users\Chris\Downloads\Unconfirmed 785985.crdownload
2015-03-12 12:56 - 2015-03-12 13:02 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 917345.crdownload
2015-03-12 12:56 - 2015-03-12 12:56 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 722929.crdownload
2015-03-12 11:35 - 2015-03-12 11:37 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 942130.crdownload
2015-03-12 11:33 - 2015-03-12 11:33 - 00796720 _____ (Installer Soft Prog ) C:\Users\Chris\Downloads\Unconfirmed 96175.crdownload
2015-03-12 11:30 - 2015-03-12 11:31 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 650377.crdownload
2015-03-12 10:50 - 2015-03-12 10:50 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 153461.crdownload
2015-03-12 10:49 - 2015-03-12 10:49 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 72484.crdownload
2015-03-12 10:49 - 2015-03-12 10:49 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 499369.crdownload
2015-03-12 10:48 - 2015-03-12 10:48 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 74644.crdownload
2015-03-12 10:47 - 2015-03-12 10:47 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 651060.crdownload
2015-03-12 10:46 - 2015-03-12 10:46 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 723800.crdownload
2015-03-12 08:30 - 2015-03-12 08:30 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 313355.crdownload
2015-03-12 08:29 - 2015-03-12 08:29 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 847448.crdownload
2015-03-12 00:33 - 2015-03-12 00:33 - 01146704 _____ () C:\Users\Chris\Downloads\Unconfirmed 788186.crdownload
2015-03-12 00:32 - 2015-03-12 00:32 - 01146704 _____ () C:\Users\Chris\Downloads\Unconfirmed 647597.crdownload
2015-03-12 00:31 - 2015-03-12 00:31 - 01146704 _____ () C:\Users\Chris\Downloads\Unconfirmed 642839.crdownload
2015-03-11 23:50 - 2015-03-11 23:50 - 01146712 _____ () C:\Users\Chris\Downloads\Unconfirmed 693411.crdownload
2015-03-11 23:49 - 2015-03-11 23:49 - 01146704 _____ () C:\Users\Chris\Downloads\Unconfirmed 214395.crdownload
2015-03-11 23:47 - 2015-03-11 23:47 - 01146704 _____ () C:\Users\Chris\Downloads\Unconfirmed 749054.crdownload
2015-03-11 23:47 - 2015-03-11 23:47 - 01146704 _____ () C:\Users\Chris\Downloads\Unconfirmed 739766.crdownload
2015-03-11 22:02 - 2015-03-11 22:03 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 681953.crdownload
2015-03-11 17:10 - 2015-03-11 17:10 - 00797232 _____ (Application Software Generic ) C:\Users\Chris\Downloads\Unconfirmed 785444.crdownload
2015-03-11 14:25 - 2015-03-11 14:30 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 72340.crdownload
2015-03-11 14:25 - 2015-03-11 14:25 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 15682.crdownload
2015-03-11 11:24 - 2015-03-11 11:25 - 01146704 _____ () C:\Users\Chris\Downloads\Unconfirmed 579761.crdownload
2015-03-11 10:47 - 2015-03-11 10:47 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 511880.crdownload
2015-03-11 07:24 - 2015-03-11 07:24 - 01146680 _____ () C:\Users\Chris\Downloads\Unconfirmed 753185.crdownload
2015-03-11 07:22 - 2015-03-11 07:22 - 01146680 _____ () C:\Users\Chris\Downloads\Unconfirmed 999574.crdownload
2015-03-11 04:16 - 2015-03-23 03:35 - 00003358 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-346444361-470292555-3986792257-1000
2015-03-11 01:06 - 2015-03-11 01:06 - 01146720 _____ () C:\Users\Chris\Downloads\Unconfirmed 275240.crdownload
2015-03-11 01:05 - 2015-03-11 01:05 - 01146720 _____ () C:\Users\Chris\Downloads\Unconfirmed 21879.crdownload
2015-03-11 00:38 - 2015-03-11 00:38 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 85763.crdownload
2015-03-10 21:37 - 2015-03-10 21:37 - 01146712 _____ () C:\Users\Chris\Downloads\Unconfirmed 118439.crdownload
2015-03-10 21:36 - 2015-03-10 21:36 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 706691.crdownload
2015-03-10 21:34 - 2015-03-10 21:35 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 645745.crdownload
2015-03-10 21:34 - 2015-03-10 21:35 - 00001051 _____ () C:\Users\Chris\Downloads\Download-setup (1).website
2015-03-10 21:33 - 2015-03-10 21:33 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 579541.crdownload
2015-03-10 20:57 - 2015-03-10 21:01 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 736543.crdownload
2015-03-10 20:56 - 2015-03-10 20:57 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 136537.crdownload
2015-03-10 20:47 - 2015-03-10 20:47 - 00826360 _____ () C:\Users\Chris\Downloads\Unconfirmed 483086.crdownload
2015-03-10 20:45 - 2015-03-10 20:45 - 00826360 _____ () C:\Users\Chris\Downloads\Unconfirmed 928329.crdownload
2015-03-10 20:45 - 2015-03-10 20:45 - 00826360 _____ () C:\Users\Chris\Downloads\Unconfirmed 688281.crdownload
2015-03-10 20:44 - 2015-03-10 20:44 - 00826360 _____ () C:\Users\Chris\Downloads\Unconfirmed 597538.crdownload
2015-03-10 20:17 - 2015-03-10 20:17 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 928436.crdownload
2015-03-10 20:15 - 2015-03-10 20:15 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 323733.crdownload
2015-03-10 17:30 - 2015-03-10 17:30 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 496192.crdownload
2015-03-10 16:41 - 2015-02-19 23:41 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-10 16:41 - 2015-02-19 23:40 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-10 16:41 - 2015-02-19 23:40 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-10 16:41 - 2015-02-19 23:40 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-10 16:41 - 2015-02-19 23:13 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-03-10 16:41 - 2015-02-19 23:13 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-03-10 16:41 - 2015-02-19 23:13 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-03-10 16:41 - 2015-02-19 23:12 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-03-10 16:41 - 2015-02-19 22:29 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-10 16:41 - 2015-02-19 22:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-03-10 16:41 - 2015-02-03 22:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-10 16:41 - 2015-02-03 21:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-03-10 16:40 - 2015-01-28 22:23 - 05554104 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-10 16:40 - 2015-01-28 22:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-10 16:40 - 2015-01-28 22:19 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-10 16:40 - 2015-01-28 22:19 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-10 16:40 - 2015-01-28 22:18 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-10 16:40 - 2015-01-28 22:18 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-10 16:40 - 2015-01-28 22:16 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-10 16:40 - 2015-01-28 22:05 - 03973048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-03-10 16:40 - 2015-01-28 22:05 - 03917752 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-03-10 16:40 - 2015-01-28 22:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-03-10 16:40 - 2015-01-28 21:57 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-03-10 16:39 - 2015-03-06 00:56 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-10 16:39 - 2015-03-06 00:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-10 16:39 - 2015-03-06 00:42 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-10 16:39 - 2015-03-06 00:41 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-10 16:39 - 2015-03-06 00:41 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-10 16:39 - 2015-03-06 00:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-10 16:39 - 2015-03-06 00:38 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-10 16:39 - 2015-03-06 00:36 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-03-10 16:39 - 2015-03-06 00:09 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-03-10 16:39 - 2015-03-06 00:09 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-03-10 16:39 - 2015-03-06 00:07 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-03-10 16:39 - 2015-03-06 00:07 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-03-10 16:39 - 2015-03-06 00:06 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-03-10 16:39 - 2015-02-13 00:26 - 12875264 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-03-10 16:39 - 2015-02-13 00:22 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-10 16:39 - 2015-02-02 22:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-10 16:39 - 2015-02-02 22:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2015-03-10 16:39 - 2015-01-30 18:56 - 00459336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-10 16:38 - 2015-02-25 22:25 - 03204096 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-10 16:38 - 2015-02-23 22:15 - 00389800 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-10 16:38 - 2015-02-23 21:32 - 00342696 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-03-10 16:38 - 2015-02-20 20:16 - 25021440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-10 16:38 - 2015-02-20 19:41 - 12827648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-03-10 16:38 - 2015-02-20 19:27 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-03-10 16:38 - 2015-02-20 19:27 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-03-10 16:38 - 2015-02-20 19:25 - 19720192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-03-10 16:38 - 2015-02-20 18:58 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-10 16:38 - 2015-02-20 18:32 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-03-10 16:38 - 2015-02-19 22:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-10 16:38 - 2015-02-19 22:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-10 16:38 - 2015-02-19 21:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-10 16:38 - 2015-02-19 21:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-10 16:38 - 2015-02-19 21:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-10 16:38 - 2015-02-19 21:48 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-10 16:38 - 2015-02-19 21:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-10 16:38 - 2015-02-19 21:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-10 16:38 - 2015-02-19 21:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-10 16:38 - 2015-02-19 21:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-10 16:38 - 2015-02-19 21:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-10 16:38 - 2015-02-19 21:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-10 16:38 - 2015-02-19 21:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-10 16:38 - 2015-02-19 21:32 - 06035456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-10 16:38 - 2015-02-19 21:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-10 16:38 - 2015-02-19 21:22 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-03-10 16:38 - 2015-02-19 21:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-10 16:38 - 2015-02-19 21:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-10 16:38 - 2015-02-19 21:09 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-03-10 16:38 - 2015-02-19 21:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-10 16:38 - 2015-02-19 21:08 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-03-10 16:38 - 2015-02-19 21:08 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-03-10 16:38 - 2015-02-19 21:06 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-03-10 16:38 - 2015-02-19 21:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-10 16:38 - 2015-02-19 21:03 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-03-10 16:38 - 2015-02-19 21:01 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-03-10 16:38 - 2015-02-19 21:00 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-03-10 16:38 - 2015-02-19 20:58 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-03-10 16:38 - 2015-02-19 20:56 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-03-10 16:38 - 2015-02-19 20:56 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-03-10 16:38 - 2015-02-19 20:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-10 16:38 - 2015-02-19 20:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-10 16:38 - 2015-02-19 20:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-10 16:38 - 2015-02-19 20:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-10 16:38 - 2015-02-19 20:43 - 14398976 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-10 16:38 - 2015-02-19 20:41 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-10 16:38 - 2015-02-19 20:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-03-10 16:38 - 2015-02-19 20:30 - 04300288 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-03-10 16:38 - 2015-02-19 20:28 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-10 16:38 - 2015-02-19 20:24 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-03-10 16:38 - 2015-02-19 20:24 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-03-10 16:38 - 2015-02-19 20:23 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-03-10 16:38 - 2015-02-19 20:16 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-10 16:38 - 2015-02-19 20:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-10 16:38 - 2015-02-19 20:01 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-03-10 16:38 - 2015-02-19 19:57 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-03-10 16:38 - 2015-02-19 19:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-03-10 16:38 - 2015-02-02 22:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-10 16:38 - 2015-02-02 22:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-03-10 16:38 - 2015-01-16 21:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-10 16:38 - 2015-01-16 21:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-03-10 08:40 - 2015-03-10 08:40 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 450215.crdownload
2015-03-10 08:39 - 2015-03-10 08:39 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 811087.crdownload
2015-03-10 08:38 - 2015-03-10 08:38 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 375406.crdownload
2015-03-10 08:37 - 2015-03-10 08:37 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 391027.crdownload
2015-03-10 06:43 - 2015-03-10 06:43 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 985019.crdownload
2015-03-10 06:42 - 2015-03-10 06:42 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 734476.crdownload
2015-03-10 06:41 - 2015-03-10 06:41 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 100856.crdownload
2015-03-10 04:59 - 2015-03-10 04:59 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 229270.crdownload
2015-03-10 03:28 - 2015-03-10 03:28 - 01146752 _____ () C:\Users\Chris\Downloads\Unconfirmed 633590.crdownload
2015-03-09 23:04 - 2015-03-09 23:08 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 8539.crdownload
2015-03-09 23:04 - 2015-03-09 23:04 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 229645.crdownload
2015-03-09 16:19 - 2015-03-09 16:19 - 01146760 _____ () C:\Users\Chris\Downloads\Unconfirmed 159036.crdownload
2015-03-09 15:55 - 2015-03-09 15:55 - 00001051 _____ () C:\Users\Chris\Downloads\Download-setup.website
2015-03-09 12:59 - 2015-03-09 13:02 - 21361976 _____ (Perion Network Ltd. ) C:\Users\Chris\Downloads\Unconfirmed 944334.crdownload
2015-03-09 12:59 - 2015-03-09 12:59 - 21361976 _____ (Perion Network Ltd. ) C:\Users\Chris\Downloads\Unconfirmed 390993.crdownload
2015-03-09 08:26 - 2015-03-09 08:26 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 864863.crdownload
2015-03-09 05:00 - 2015-03-09 05:00 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 526152.crdownload
2015-03-09 04:59 - 2015-03-09 04:59 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 892843.crdownload
2015-03-09 03:49 - 2015-03-09 03:49 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 865398.crdownload
2015-03-09 03:48 - 2015-03-09 03:48 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 522460.crdownload
2015-03-09 02:31 - 2015-03-09 02:31 - 00826384 _____ () C:\Users\Chris\Downloads\Unconfirmed 998095.crdownload
2015-03-09 02:31 - 2015-03-09 02:31 - 00826384 _____ () C:\Users\Chris\Downloads\Unconfirmed 222081.crdownload
2015-03-09 02:30 - 2015-03-09 02:30 - 00826384 _____ () C:\Users\Chris\Downloads\Unconfirmed 615944.crdownload
2015-03-09 02:30 - 2015-03-09 02:30 - 00826384 _____ () C:\Users\Chris\Downloads\Unconfirmed 558830.crdownload
2015-03-09 02:29 - 2015-03-09 02:29 - 00826384 _____ () C:\Users\Chris\Downloads\Unconfirmed 295482.crdownload
2015-03-08 23:17 - 2015-03-08 23:18 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 68261.crdownload
2015-03-08 20:13 - 2015-03-08 20:13 - 00010345 _____ () C:\Users\Chris\Downloads\Unconfirmed 308471.crdownload
2015-03-08 20:12 - 2015-03-08 20:12 - 00010345 _____ () C:\Users\Chris\Downloads\Unconfirmed 917509.crdownload
2015-03-08 12:24 - 2015-03-08 12:24 - 01146624 _____ () C:\Users\Chris\Downloads\Unconfirmed 273575.crdownload
2015-03-08 11:34 - 2015-03-08 11:34 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 449709.crdownload
2015-03-08 10:31 - 2015-03-08 10:31 - 01147184 _____ () C:\Users\Chris\Downloads\Unconfirmed 858207.crdownload
2015-03-08 10:30 - 2015-03-08 10:30 - 01147176 _____ () C:\Users\Chris\Downloads\Unconfirmed 856436.crdownload
2015-03-08 10:29 - 2015-03-08 10:29 - 01147176 _____ () C:\Users\Chris\Downloads\Unconfirmed 603295.crdownload
2015-03-08 10:03 - 2015-03-08 10:03 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 1759.crdownload
2015-03-08 10:02 - 2015-03-08 10:03 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 564768.crdownload
2015-03-08 09:31 - 2015-03-08 09:31 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 354905.crdownload
2015-03-08 08:52 - 2015-03-08 08:56 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 781147.crdownload
2015-03-08 08:52 - 2015-03-08 08:52 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 913313.crdownload
2015-03-08 06:54 - 2015-03-08 06:54 - 01147224 _____ () C:\Users\Chris\Downloads\Unconfirmed 457306.crdownload
2015-03-08 05:59 - 2015-03-08 05:59 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 471495.crdownload
2015-03-08 01:05 - 2015-03-08 01:05 - 00984808 _____ (Installer Setup) C:\Users\Chris\Downloads\Unconfirmed 228081.crdownload
2015-03-07 23:45 - 2015-03-07 23:45 - 00776770 _____ (Program ) C:\Users\Chris\Downloads\Unconfirmed 793058.crdownload
2015-03-07 20:21 - 2015-03-07 20:22 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 694270.crdownload
2015-03-07 20:21 - 2015-03-07 20:22 - 00928784 _____ () C:\Users\Chris\Downloads\Unconfirmed 155793.crdownload
2015-03-07 20:21 - 2015-03-07 20:21 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 543145.crdownload
2015-03-07 20:20 - 2015-03-07 20:20 - 00928784 _____ () C:\Users\Chris\Downloads\Unconfirmed 437586.crdownload
2015-03-07 20:20 - 2015-03-07 20:20 - 00928784 _____ () C:\Users\Chris\Downloads\Unconfirmed 3425.crdownload
2015-03-07 20:19 - 2015-03-07 20:19 - 01146624 _____ () C:\Users\Chris\Downloads\Unconfirmed 219155.crdownload
2015-03-07 20:19 - 2015-03-07 20:19 - 00928784 _____ () C:\Users\Chris\Downloads\Unconfirmed 134660.crdownload
2015-03-07 20:18 - 2015-03-07 20:18 - 00928784 _____ () C:\Users\Chris\Downloads\Unconfirmed 661388.crdownload
2015-03-07 20:18 - 2015-03-07 20:18 - 00010406 _____ () C:\Users\Chris\Downloads\Unconfirmed 801802.crdownload
2015-03-07 18:18 - 2015-03-07 18:18 - 01146600 _____ () C:\Users\Chris\Downloads\Unconfirmed 611938.crdownload
2015-03-07 14:40 - 2015-03-07 14:40 - 00010345 _____ () C:\Users\Chris\Downloads\Unconfirmed 39576.crdownload
2015-03-07 14:38 - 2015-03-07 14:38 - 00010345 _____ () C:\Users\Chris\Downloads\Unconfirmed 879790.crdownload
2015-03-07 14:37 - 2015-03-07 14:37 - 00010345 _____ () C:\Users\Chris\Downloads\Unconfirmed 392145.crdownload
2015-03-07 12:43 - 2015-03-07 12:43 - 01146616 _____ () C:\Users\Chris\Downloads\Unconfirmed 901549.crdownload
2015-03-07 12:42 - 2015-03-07 12:42 - 01146616 _____ () C:\Users\Chris\Downloads\Unconfirmed 696570.crdownload
2015-03-07 10:49 - 2015-03-07 10:49 - 01453024 _____ (Bandoo Media Inc) C:\Users\Chris\Downloads\Unconfirmed 239709.crdownload
2015-03-07 10:48 - 2015-03-07 10:48 - 01453024 _____ (Bandoo Media Inc) C:\Users\Chris\Downloads\Unconfirmed 773568.crdownload
2015-03-07 10:08 - 2015-03-07 10:09 - 00543032 _____ (BetOnSoft N.V.) C:\Users\Chris\Downloads\Unconfirmed 483554.crdownload
2015-03-07 10:07 - 2015-03-07 10:08 - 00543032 _____ (BetOnSoft N.V.) C:\Users\Chris\Downloads\Unconfirmed 936941.crdownload
2015-03-07 05:53 - 2015-03-07 05:53 - 01146600 _____ () C:\Users\Chris\Downloads\Unconfirmed 809531.crdownload
2015-03-07 03:38 - 2015-03-07 03:38 - 00012161 _____ () C:\Users\Chris\Downloads\DKSalaries.csv
2015-03-07 01:05 - 2015-03-07 01:05 - 01146600 _____ () C:\Users\Chris\Downloads\Unconfirmed 488126.crdownload
2015-03-06 16:45 - 2015-03-06 16:46 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 646454.crdownload
2015-03-06 16:42 - 2015-03-06 16:45 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 789291.crdownload
2015-03-06 16:41 - 2015-03-06 16:42 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 414808.crdownload
2015-03-06 11:15 - 2015-03-06 11:15 - 00291336 _____ () C:\Users\Chris\Downloads\Unconfirmed 742591.crdownload
2015-03-06 08:18 - 2015-03-06 08:23 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 261830.crdownload
2015-03-06 08:18 - 2015-03-06 08:18 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 492016.crdownload
2015-03-06 07:59 - 2015-03-06 07:59 - 00291336 _____ () C:\Users\Chris\Downloads\Unconfirmed 382452.crdownload
2015-03-06 05:28 - 2015-03-06 05:28 - 00413336 _____ () C:\Users\Chris\Downloads\Unconfirmed 592904.crdownload
2015-03-06 03:33 - 2015-03-06 03:33 - 00291336 _____ () C:\Users\Chris\Downloads\Unconfirmed 325039.crdownload
2015-03-06 02:16 - 2015-03-06 02:16 - 00291336 _____ () C:\Users\Chris\Downloads\Unconfirmed 98970.crdownload
2015-03-06 02:15 - 2015-03-06 02:15 - 00291336 _____ () C:\Users\Chris\Downloads\Unconfirmed 624796.crdownload
2015-03-06 00:44 - 2015-03-06 00:44 - 00291336 _____ () C:\Users\Chris\Downloads\Unconfirmed 12673.crdownload
2015-03-05 22:04 - 2015-03-05 22:04 - 00800912 _____ (Software ) C:\Users\Chris\Downloads\Unconfirmed 201797.crdownload
2015-03-05 19:02 - 2015-03-05 19:02 - 00291336 _____ () C:\Users\Chris\Downloads\Unconfirmed 830461.crdownload
2015-03-05 19:01 - 2015-03-05 19:01 - 00291336 _____ () C:\Users\Chris\Downloads\Unconfirmed 69309.crdownload
2015-03-05 18:59 - 2015-03-05 18:59 - 00291336 _____ () C:\Users\Chris\Downloads\Unconfirmed 467046.crdownload
2015-03-05 15:21 - 2015-03-05 15:22 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 730292.crdownload
2015-03-05 15:20 - 2015-03-05 15:21 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 108848.crdownload
2015-03-05 15:17 - 2015-03-05 15:20 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 635376.crdownload
2015-03-05 15:17 - 2015-03-05 15:17 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 503620.crdownload
2015-03-05 09:17 - 2015-03-05 09:17 - 00291336 _____ () C:\Users\Chris\Downloads\Unconfirmed 514330.crdownload
2015-03-05 09:16 - 2015-03-05 09:16 - 00291336 _____ () C:\Users\Chris\Downloads\Unconfirmed 284664.crdownload
2015-03-05 01:38 - 2015-03-05 01:38 - 01097817 _____ () C:\Users\Chris\Downloads\Unconfirmed 810673.crdownload
2015-03-05 01:38 - 2015-03-05 01:38 - 01091739 _____ () C:\Users\Chris\Downloads\Unconfirmed 322770.crdownload
2015-03-05 01:37 - 2015-03-05 01:37 - 01072158 _____ () C:\Users\Chris\Downloads\Unconfirmed 105605.crdownload
2015-03-05 01:37 - 2015-03-05 01:37 - 01063355 _____ () C:\Users\Chris\Downloads\Unconfirmed 486460.crdownload
2015-03-05 01:36 - 2015-03-05 01:36 - 01118019 _____ () C:\Users\Chris\Downloads\Unconfirmed 458275.crdownload
2015-03-05 01:35 - 2015-03-05 01:36 - 01121621 _____ () C:\Users\Chris\Downloads\Unconfirmed 201361.crdownload
2015-03-04 22:34 - 2015-03-04 22:34 - 00776770 _____ (Program ) C:\Users\Chris\Downloads\Unconfirmed 230473.crdownload
2015-03-04 22:33 - 2015-03-04 22:33 - 00776770 _____ (Program ) C:\Users\Chris\Downloads\Unconfirmed 69737.crdownload
2015-03-04 22:32 - 2015-03-04 22:32 - 01453024 _____ (Bandoo Media Inc) C:\Users\Chris\Downloads\Unconfirmed 326113.crdownload
2015-03-04 16:17 - 2015-03-04 16:20 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 492171.crdownload
2015-03-04 16:17 - 2015-03-04 16:17 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 128618.crdownload
2015-03-04 16:17 - 2015-03-04 16:17 - 00920892 _____ () C:\Users\Chris\Downloads\Unconfirmed 831997.crdownload
2015-03-04 16:17 - 2015-03-04 16:17 - 00010401 _____ () C:\Users\Chris\Downloads\Unconfirmed 498159.crdownload
2015-03-04 14:43 - 2015-03-04 14:43 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 865969.crdownload
2015-03-04 14:33 - 2015-03-04 14:33 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 775572.crdownload
2015-03-04 14:32 - 2015-03-04 14:32 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 549473.crdownload
2015-03-04 10:21 - 2015-03-04 10:21 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 707147.crdownload
2015-03-04 07:35 - 2015-03-04 07:35 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 2179.crdownload
2015-03-04 07:34 - 2015-03-04 07:34 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 743304.crdownload
2015-03-04 06:09 - 2015-03-04 06:09 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 507405.crdownload
2015-03-04 06:08 - 2015-03-04 06:08 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 540317.crdownload
2015-03-04 03:05 - 2015-03-04 03:05 - 01146584 _____ () C:\Users\Chris\Downloads\Unconfirmed 949703.crdownload
2015-03-04 03:05 - 2015-03-04 03:05 - 01146584 _____ () C:\Users\Chris\Downloads\Unconfirmed 918063.crdownload
2015-03-03 19:28 - 2015-03-03 19:29 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 961264.crdownload
2015-03-03 14:41 - 2015-01-08 22:14 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-03-03 14:41 - 2015-01-08 22:14 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-03-03 14:41 - 2015-01-08 22:14 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-03-03 14:41 - 2015-01-08 21:48 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
2015-03-03 14:25 - 2015-03-03 14:25 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 32986.crdownload
2015-03-03 14:24 - 2015-03-03 14:24 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 185442.crdownload
2015-03-03 09:20 - 2015-03-03 09:20 - 01146624 _____ () C:\Users\Chris\Downloads\Unconfirmed 56559.crdownload
2015-03-03 07:39 - 2015-03-03 07:40 - 01146592 _____ () C:\Users\Chris\Downloads\Unconfirmed 289428.crdownload
2015-03-03 05:07 - 2015-03-03 05:07 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 161261.crdownload
2015-03-03 05:06 - 2015-03-03 05:06 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 734899.crdownload
2015-03-03 03:16 - 2015-03-03 03:16 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 475144.crdownload
2015-03-03 03:15 - 2015-03-03 03:15 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 484010.crdownload
2015-03-03 03:14 - 2015-03-03 03:14 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 596883.crdownload
2015-03-03 03:04 - 2015-03-03 03:05 - 01146600 _____ () C:\Users\Chris\Downloads\Unconfirmed 894850.crdownload
2015-03-03 02:31 - 2015-03-03 02:31 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 67677.crdownload
2015-03-03 02:30 - 2015-03-03 02:30 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 542094.crdownload
2015-03-03 01:44 - 2015-03-03 01:44 - 01146592 _____ () C:\Users\Chris\Downloads\Unconfirmed 939014.crdownload
2015-03-03 01:24 - 2015-03-03 01:24 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 361718.crdownload
2015-03-03 00:58 - 2015-03-03 00:58 - 00010319 _____ () C:\Users\Chris\Downloads\Unconfirmed 637316.crdownload
2015-03-02 23:53 - 2015-03-02 23:53 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 482133.crdownload
2015-03-02 18:10 - 2015-03-02 18:10 - 01146592 _____ () C:\Users\Chris\Downloads\Unconfirmed 890458.crdownload
2015-03-02 17:03 - 2015-03-02 17:03 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 725807.crdownload
2015-03-02 07:04 - 2015-03-02 07:04 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 138089.crdownload
2015-03-02 07:03 - 2015-03-02 07:03 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 499248.crdownload
2015-03-02 05:33 - 2015-03-02 05:38 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 448473.crdownload
2015-03-02 05:33 - 2015-03-02 05:33 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 966122.crdownload
2015-03-02 03:58 - 2015-03-02 03:59 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 567767.crdownload
2015-03-02 03:18 - 2015-03-02 03:18 - 00323601 _____ (InstallerTech Corp) C:\Users\Chris\Downloads\Unconfirmed 149155.crdownload
2015-03-02 01:36 - 2015-03-02 01:36 - 01198000 _____ (Topgame) C:\Users\Chris\Downloads\Unconfirmed 569890.crdownload
2015-03-02 01:35 - 2015-03-02 01:35 - 01198000 _____ (Topgame) C:\Users\Chris\Downloads\Unconfirmed 798094.crdownload
2015-03-02 01:34 - 2015-03-02 01:34 - 01198000 _____ (Topgame) C:\Users\Chris\Downloads\Unconfirmed 908130.crdownload
2015-03-02 01:34 - 2015-03-02 01:34 - 01198000 _____ (Topgame) C:\Users\Chris\Downloads\Unconfirmed 787851.crdownload
2015-03-02 01:34 - 2015-03-02 01:34 - 01198000 _____ (Topgame) C:\Users\Chris\Downloads\Unconfirmed 398135.crdownload
2015-03-02 01:08 - 2015-03-02 01:08 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 905978.crdownload
2015-03-01 23:57 - 2015-03-01 23:57 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 91261.crdownload
2015-03-01 23:56 - 2015-03-01 23:56 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 283279.crdownload
2015-03-01 23:14 - 2015-03-01 23:14 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 746140.crdownload
2015-03-01 23:13 - 2015-03-01 23:13 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 647205.crdownload
2015-03-01 19:01 - 2015-03-01 19:01 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 764965.crdownload
2015-03-01 17:58 - 2015-03-01 17:58 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 740059.crdownload
2015-03-01 17:57 - 2015-03-01 17:57 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 319593.crdownload
2015-03-01 17:56 - 2015-03-01 17:56 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 575079.crdownload
2015-03-01 17:13 - 2015-03-01 17:13 - 00291088 _____ () C:\Users\Chris\Downloads\Unconfirmed 103249.crdownload
2015-03-01 15:42 - 2015-03-01 15:42 - 00260936 _____ () C:\Users\Chris\Downloads\Unconfirmed 880056.crdownload
2015-03-01 15:42 - 2015-03-01 15:42 - 00260936 _____ () C:\Users\Chris\Downloads\Unconfirmed 69820.crdownload
2015-03-01 14:08 - 2015-03-01 14:08 - 00778138 _____ (App Internet Program ) C:\Users\Chris\Downloads\Unconfirmed 640644.crdownload
2015-03-01 01:17 - 2015-03-01 01:17 - 00291144 _____ () C:\Users\Chris\Downloads\Unconfirmed 822626.crdownload
2015-03-01 01:17 - 2015-03-01 01:17 - 00291144 _____ () C:\Users\Chris\Downloads\Unconfirmed 505562.crdownload
2015-03-01 01:16 - 2015-03-01 01:16 - 00291144 _____ () C:\Users\Chris\Downloads\Unconfirmed 873454.crdownload
2015-03-01 01:16 - 2015-03-01 01:16 - 00291144 _____ () C:\Users\Chris\Downloads\Unconfirmed 438328.crdownload
2015-02-28 23:45 - 2015-02-28 23:45 - 02388000 _____ (ooVoo LLC) C:\Users\Chris\Downloads\Unconfirmed 904428.crdownload
2015-02-28 18:04 - 2015-02-28 18:08 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 449285.crdownload
2015-02-28 18:02 - 2015-02-28 18:03 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 698340.crdownload
2015-02-28 16:41 - 2015-02-28 16:41 - 00010375 _____ () C:\Users\Chris\Downloads\Unconfirmed 417866.crdownload
2015-02-28 11:32 - 2015-02-28 11:32 - 00010319 _____ () C:\Users\Chris\Downloads\Unconfirmed 5013.crdownload
2015-02-28 11:31 - 2015-02-28 11:31 - 00010319 _____ () C:\Users\Chris\Downloads\Unconfirmed 53220.crdownload
2015-02-28 11:30 - 2015-02-28 11:30 - 00010319 _____ () C:\Users\Chris\Downloads\Unconfirmed 320791.crdownload
2015-02-28 10:15 - 2015-02-28 10:15 - 21361976 _____ (Perion Network Ltd. ) C:\Users\Chris\Downloads\Unconfirmed 739511.crdownload
2015-02-28 08:27 - 2015-02-28 08:27 - 00103880 _____ () C:\Users\Chris\Downloads\PopcornTime - Movies (2).zip
2015-02-28 08:27 - 2015-02-28 08:27 - 00103880 _____ () C:\Users\Chris\Downloads\PopcornTime - Movies (1).zip
2015-02-28 08:26 - 2015-02-28 08:27 - 00103880 _____ () C:\Users\Chris\Downloads\PopcornTime - Movies.zip
2015-02-28 07:23 - 2015-02-28 07:23 - 00010319 _____ () C:\Users\Chris\Downloads\Unconfirmed 535203.crdownload
2015-02-28 07:22 - 2015-02-28 07:22 - 00010319 _____ () C:\Users\Chris\Downloads\Unconfirmed 909042.crdownload
2015-02-27 21:57 - 2015-02-27 21:58 - 00816081 _____ () C:\Users\Chris\Downloads\Unconfirmed 182900.crdownload
2015-02-27 20:50 - 2015-02-27 20:50 - 01146632 _____ () C:\Users\Chris\Downloads\Unconfirmed 996837.crdownload
2015-02-27 20:49 - 2015-02-27 20:49 - 01146616 _____ () C:\Users\Chris\Downloads\Unconfirmed 600173.crdownload
2015-02-27 20:48 - 2015-02-27 20:48 - 01146624 _____ () C:\Users\Chris\Downloads\Unconfirmed 844321.crdownload
2015-02-27 20:46 - 2015-02-27 20:47 - 01146616 _____ () C:\Users\Chris\Downloads\Unconfirmed 721869.crdownload
2015-02-27 20:00 - 2015-02-27 20:00 - 00291376 _____ () C:\Users\Chris\Downloads\Unconfirmed 484146.crdownload
2015-02-27 19:59 - 2015-02-27 19:59 - 00291376 _____ () C:\Users\Chris\Downloads\Unconfirmed 436500.crdownload
2015-02-27 08:22 - 2015-02-27 08:27 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 683801.crdownload
2015-02-27 08:21 - 2015-02-27 08:21 - 32167704 _____ (VideoLan ) C:\Users\Chris\Downloads\Unconfirmed 345379.crdownload
2015-02-26 04:01 - 2015-01-08 18:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-02-26 04:01 - 2015-01-08 18:43 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-25 18:44 - 2015-02-25 18:44 - 00648927 _____ () C:\Users\Chris\Downloads\Unconfirmed 212443.crdownload
2015-02-25 02:48 - 2015-02-25 02:48 - 00328952 _____ (InstallerTech Corp) C:\Users\Chris\Downloads\Unconfirmed 611499.crdownload
2015-02-23 21:27 - 2015-02-23 21:27 - 00583216 _____ () C:\Users\Chris\Downloads\Unconfirmed 114267.crdownload
2015-02-23 21:24 - 2015-02-23 21:24 - 00583216 _____ () C:\Users\Chris\Downloads\Unconfirmed 596358.crdownload
2015-02-23 16:15 - 2015-02-23 16:16 - 00820944 _____ (CoinisRevShare) C:\Users\Chris\Downloads\Unconfirmed 813841.crdownload
2015-02-23 05:22 - 2015-02-23 05:23 - 01127324 _____ () C:\Users\Chris\Downloads\Unconfirmed 334143.crdownload
2015-02-23 05:22 - 2015-02-23 05:22 - 01127320 _____ () C:\Users\Chris\Downloads\Unconfirmed 701894.crdownload

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 23:42 - 2010-09-14 21:08 - 01415225 _____ () C:\windows\WindowsUpdate.log
2015-03-23 23:28 - 2013-08-11 03:25 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-23 23:05 - 2011-02-02 19:11 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-23 21:05 - 2011-02-02 19:11 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-23 20:30 - 2009-07-13 23:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-23 20:30 - 2009-07-13 23:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-23 20:08 - 2009-07-14 00:13 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-23 20:07 - 2011-07-14 14:15 - 00000000 ___RD () C:\Users\Chris\Dropbox
2015-03-23 20:07 - 2011-07-14 14:14 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Dropbox
2015-03-23 04:24 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
2015-03-23 03:33 - 2011-05-23 02:46 - 00000000 ____D () C:\Users\Chris\Tracing
2015-03-23 03:29 - 2015-02-19 13:47 - 00002331 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-03-23 03:28 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-23 03:27 - 2009-07-13 23:51 - 00079467 _____ () C:\windows\setupact.log
2015-03-23 03:26 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2015-03-23 03:26 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\Dism
2015-03-21 18:39 - 2011-02-14 01:14 - 00000000 ____D () C:\Users\Chris\AppData\Local\CrashDumps
2015-03-21 18:19 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\NDF
2015-03-21 18:07 - 2010-08-18 12:58 - 00212268 _____ () C:\windows\PFRO.log
2015-03-21 10:29 - 2015-02-05 16:37 - 00000000 ____D () C:\Users\Chris\AppData\Local\avaxvyyvyd
2015-03-20 05:19 - 2014-11-18 16:36 - 00000000 ____D () C:\Program Files (x86)\Jelbrus Secure Web
2015-03-18 03:59 - 2015-01-29 16:36 - 00000000 ____D () C:\Program Files\ChromeEnhancer
2015-03-18 03:43 - 2014-11-17 16:35 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2015-03-18 03:38 - 2015-01-29 16:36 - 00000726 _____ () C:\CE.txt
2015-03-16 00:36 - 2012-06-08 04:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-12 15:38 - 2014-11-18 16:36 - 00003274 _____ () C:\windows\System32\Tasks\Jelbrus Secure Web Task
2015-03-11 04:20 - 2011-07-14 14:15 - 00001027 _____ () C:\Users\Chris\Desktop\Dropbox.lnk
2015-03-11 04:20 - 2011-07-14 14:14 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-11 04:11 - 2009-07-13 23:45 - 02945664 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-11 03:14 - 2010-08-18 13:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-04 04:19 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\tracing
2015-02-24 04:17 - 2011-03-07 02:11 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-02-21 15:44 - 2014-11-17 16:34 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\GetPrivate
2015-02-21 05:45 - 2014-11-17 16:34 - 00000000 ____D () C:\Program Files (x86)\GetPrivate

==================== Files in the root of some directories =======

2015-03-21 17:48 - 2015-03-21 18:38 - 0223573 _____ () C:\Users\Chris\AppData\Local\ars.cache
2015-03-21 17:49 - 2015-03-21 18:38 - 0503305 _____ () C:\Users\Chris\AppData\Local\census.cache
2015-03-21 17:21 - 2015-03-21 17:21 - 0000036 _____ () C:\Users\Chris\AppData\Local\housecall.guid.cache
2015-02-17 17:50 - 2015-02-17 17:50 - 0628496 _____ (CMI Limited) C:\Users\Chris\AppData\Local\nsd6F9C.tmp
2014-11-17 16:35 - 2014-11-17 16:46 - 0000003 _____ () C:\Users\Chris\AppData\Local\proxy.log
2015-03-21 17:38 - 2015-03-21 18:28 - 0000010 _____ () C:\Users\Chris\AppData\Local\sponge.last.runtime.cache
2011-06-29 03:15 - 2011-06-29 03:15 - 0000000 _____ () C:\Users\Chris\AppData\Local\{226C4828-1DB1-41BF-B2AF-1862F7258298}
2012-01-22 04:11 - 2012-01-22 04:11 - 0000000 _____ () C:\Users\Chris\AppData\Local\{46DC16C0-8B3B-4B41-9589-8CD543D50D1E}
2011-12-25 13:52 - 2011-12-25 13:52 - 0000000 _____ () C:\Users\Chris\AppData\Local\{BBDEBA31-547D-4CAE-9B5A-BF291D06745C}

Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\1vjjdjy2.2al.exe
C:\Users\Chris\AppData\Local\Temp\2mpet4es.ar2.exe
C:\Users\Chris\AppData\Local\Temp\binkw32.dll
C:\Users\Chris\AppData\Local\Temp\ConsumerInputSetup.exe
C:\Users\Chris\AppData\Local\Temp\d2l_Install.exe
C:\Users\Chris\AppData\Local\Temp\d2l_PlayD2.exe
C:\Users\Chris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkos9wk.dll
C:\Users\Chris\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Chris\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe
C:\Users\Chris\AppData\Local\Temp\GLFD3A0.tmp.ConduitEngineSetup.exe
C:\Users\Chris\AppData\Local\Temp\GPUpd54DBCB690.exe
C:\Users\Chris\AppData\Local\Temp\GPUpd54DD1CE80.exe
C:\Users\Chris\AppData\Local\Temp\GPUpd54DE6E6A0.exe
C:\Users\Chris\AppData\Local\Temp\GPUpd54DFBFE90.exe
C:\Users\Chris\AppData\Local\Temp\GPUpd54E111680.exe
C:\Users\Chris\AppData\Local\Temp\GPUpd54E262F81.exe
C:\Users\Chris\AppData\Local\Temp\hotzeeee.exe
C:\Users\Chris\AppData\Local\Temp\hotzenplotz.exe
C:\Users\Chris\AppData\Local\Temp\hwaeva15.4w3.exe
C:\Users\Chris\AppData\Local\Temp\ietCAA6.tmp.exe
C:\Users\Chris\AppData\Local\Temp\lowproc.exe
C:\Users\Chris\AppData\Local\Temp\nkylqys4.3tu.exe
C:\Users\Chris\AppData\Local\Temp\nsjCDEB.exe
C:\Users\Chris\AppData\Local\Temp\nst1859.exe
C:\Users\Chris\AppData\Local\Temp\nsuE99C.exe
C:\Users\Chris\AppData\Local\Temp\SendMsg.dll
C:\Users\Chris\AppData\Local\Temp\SpOrder.dll
C:\Users\Chris\AppData\Local\Temp\stubhelper.dll
C:\Users\Chris\AppData\Local\Temp\SymCCIS.dll
C:\Users\Chris\AppData\Local\Temp\tbPhot.dll
C:\Users\Chris\AppData\Local\Temp\uotgarsb.v5b.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-21 22:19

==================== End Of Log ============================


  • 0

#4
Acousticcountry

Acousticcountry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

Here is the addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Chris at 2015-03-23 23:51:10
Running from C:\Users\Chris\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.0 - )
ACE30 Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
ACE30 Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
ACE30 Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Ad-Aware Antivirus (HKLM\...\{A5C0392D-46A7-4CB3-800B-5794909453BD}_AdAwareUpdater) (Version: 11.5.202.7299 - Lavasoft)
AdAwareInstaller (Version: 11.5.202.7299 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.5.202.7299 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}) (Version: 10.0.2.54 - Adobe Systems, Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
AnalogChorus Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
AnalogChorus Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
AnalogChorus Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
AnalogDelay Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
AnalogDelay Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
AnalogDelay Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
AnalogFlanger Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
AnalogFlanger Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
AnalogFlanger Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
AnalogPhaser Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
AnalogPhaser Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
AnalogPhaser Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Arc Panner Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Arc Panner Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Arc Panner Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{8E90189A-A5D4-4C0E-A908-06C4236F98EE}) (Version: 2.0.10.94 - ArcSoft)
ArcSoft Print Creations - Album Page (HKLM-x32\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version:  - ArcSoft)
ArcSoft Print Creations - Brochures & Flyers (HKLM-x32\...\{01A1A019-E1D8-482A-BE17-5E118D17C0A0}) (Version:  - ArcSoft)
ArcSoft Print Creations - Funhouse (HKLM-x32\...\{9591C049-5CAE-4E89-A8D9-191F1899628B}) (Version:  - ArcSoft)
ArcSoft Print Creations - Funhouse II (HKLM-x32\...\{3CE47E6B-AE27-4E40-AC54-329EED96B933}) (Version:  - ArcSoft)
ArcSoft Print Creations - Greeting Card (HKLM-x32\...\{F04F9557-81A9-4293-BC49-2C216FA325A7}) (Version:  - ArcSoft)
ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version:  - ArcSoft)
ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version:  - ArcSoft)
ArcSoft Print Creations - Photo Prints (HKLM-x32\...\{95F875CC-1B85-43E6-B3E0-13EA04F3D995}) (Version:  - ArcSoft)
ArcSoft Print Creations - Poster Creator (HKLM-x32\...\{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}) (Version:  - ArcSoft)
ArcSoft Print Creations - Scrapbook (HKLM-x32\...\{B0D83FCD-9D42-43ED-8315-250326AADA02}) (Version:  - ArcSoft)
ArcSoft Print Creations - Slimline Card (HKLM-x32\...\{007B37D9-0C45-4202-834B-DD5FAAE99D63}) (Version:  - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{A3324BBB-3A83-40CE-AA8C-759D849B7EA1}) (Version: 3.0.255.487 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{25478065-4CB1-448C-80E4-8C4529017EE3}) (Version: 3.0.32.221 - ArcSoft)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.12.2.0 - Ask.com) <==== ATTENTION
Auralizer Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Auralizer Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Auralizer Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
AutoPan Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
AutoPan Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
AutoPan Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Bass Manager Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Bass Manager Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Bass Manager Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
BassLine Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
BassLine Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
BassLine Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BringMeSports Toolbar (HKLM-x32\...\BringMeSports_1cbar Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Buffy Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Buffy Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Buffy Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 3.0.1007.2001 - Micro-Star International Co., Ltd.)
Calibration Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Calibration Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Calibration Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
ClearPebble Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
ClearPebble Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
ClearPebble Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conduit Engine (HKLM-x32\...\conduitEngine) (Version:  - Conduit Ltd.) <==== ATTENTION
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Custom59 Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Custom59 Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Custom59 Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
DCNotch Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
DCNotch Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
DCNotch Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
DDP Player (HKLM-x32\...\DDP Player) (Version:  - Sonoris Audio Engineering)
DeEsser Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
DeEsser Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
DeEsser Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
DeltaFuzz Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
DeltaFuzz Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
DeltaFuzz Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Diablo II (HKLM-x32\...\Diablo II) (Version:  - )
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DiamondDrive Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
DiamondDrive Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
DiamondDrive Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Digital Performer 8.0 x64 (Version: 8.0.63959.0 - MOTU) Hidden
Digital Performer 8.0 x86 (x32 Version: 8.0.63959.0 - MOTU) Hidden
Digital Performer Data (x32 Version: 8.0.63959.0 - MOTU) Hidden
Digital Performer Plug-ins x64 (Version: 8.0.63959.0 - MOTU) Hidden
Digital Performer Plug-ins x86 (x32 Version: 8.0.63959.0 - MOTU) Hidden
DPlus Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
DPlus Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
DPlus Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Dropbox (HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
DynamicEQ Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
DynamicEQ Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
DynamicEQ Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Dynamics Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Dynamics Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Dynamics Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
DynaSquash Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
DynaSquash Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
DynaSquash Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Echo Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Echo Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Echo Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
eMusic Download Manager 4.1.4 (HKLM-x32\...\eMusic Download Manager) (Version: 4.1.4 - eMusic, Inc.)
ENE CIR Receiver Driver (HKLM\...\5F4DD0919B4763856B77AD385DEEEFCDF01784A8) (Version: 2.7.3.519 - ENE)
EnsembleChorus Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
EnsembleChorus Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
EnsembleChorus Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
eVerb Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
eVerb Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
eVerb Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Flanger Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Flanger Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
HiTop Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
HiTop Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
HiTop Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
Idle Crawler (HKLM-x32\...\64185805-74C2-FD44-B6DC-2FC9F631D24D) (Version: 132.0.0.476 - EUROHAUTE LTD) <==== ATTENTION
Ignite (HKLM-x32\...\{9A731246-E02E-44DC-940D-0F8110C1789D}) (Version: 1.3.1 - AIR Music Technology)
Ignite (x32 Version: 1.3.1 - AIR Music Technology) Hidden
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
IntelligentNoiseGate Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
IntelligentNoiseGate Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.06.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.31.3 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
LiveRoomB Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
LiveRoomB Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
LiveRoomB Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
LiveRoomB Plug-in Data Library (x32 Version: 0.0.50894.0 - MOTU) Hidden
LiveRoomB Plug-in Data Library (x32 Version: 0.0.55504.0 - MOTU) Hidden
LiveRoomG Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
LiveRoomG Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
LiveRoomG Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
LiveRoomG Plug-in Data Library (x32 Version: 0.0.50858.0 - MOTU) Hidden
LiveRoomG Plug-in Data Library (x32 Version: 0.0.55504.0 - MOTU) Hidden
LiveStage Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
LiveStage Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
LiveStage Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
LiveStage Plug-in Data Library (x32 Version: 0.0.50858.0 - MOTU) Hidden
LiveStage Plug-in Data Library (x32 Version: 0.0.55504.0 - MOTU) Hidden
ManyCam 2.6.55 (remove only) (HKLM-x32\...\ManyCam) (Version: 2.6.55 - ManyCam LLC)
MasterWorks Compressor Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Compressor Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Compressor Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks EQ Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks EQ Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks EQ Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Gate Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Gate Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Gate Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Leveler Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Leveler Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Leveler Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Limiter Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Limiter Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
MasterWorks Limiter Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
M-Audio FastTrackPro Driver 6.0.7 (x64) (HKLM\...\{73089240-023C-11E0-9AE3-2BA1DFD72085}) (Version: 6.0.7 - M-Audio)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help  (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version:  - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version:  - Microsoft)
Mise à jour Microsoft Office Word 2007 Help  (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version:  - Microsoft)
Model12 Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Model12 Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Model12 Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Model12 Plug-in Data Library (x32 Version: 0.0.53357.0 - MOTU) Hidden
Model12 Plug-in Data Library (x32 Version: 0.0.55504.0 - MOTU) Hidden
Modulo Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Modulo Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Modulo Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Motorola Bluetooth (HKLM\...\Motorola Bluetooth_is1) (Version: 3.0.0.217 - Motorola, Inc.)
MS Decoder Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
MS Decoder Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
MS Decoder Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
msi Software Install (HKLM-x32\...\{A840FFFB-3A80-4C24-AB34-BE9F56BEB4CE}) (Version: 3.1000.1005.1101 - Micro-Star International Co., Ltd.)
Multimode Filter Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Multimode Filter Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Multimode Filter Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
nanosampler Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
nanosampler Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
nanosampler Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
nanosampler Plug-in Data Library (x32 Version: 0.0.53106.0 - MOTU) Hidden
nanosampler Plug-in Data Library (x32 Version: 0.0.55504.0 - MOTU) Hidden
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.6.10500.3.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}) (Version: 10.6.10600 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.4.10300.1.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10600.28.0 - Nero AG)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 17.9.0.12 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)
n-Panner Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
n-Panner Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
n-Panner Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
NVIDIA Graphics Driver 296.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.10 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.12.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.12.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
ParaEQ Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
ParaEQ Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
ParaEQ Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
PatternGate Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
PatternGate Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
PatternGate Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Phaser Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
PhotoSync (HKLM\...\{D1BD008E-E769-4189-ABB5-F407A353A105}) (Version: 1.3.3 - touchbyte GmbH)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Plate Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Plate Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Plate Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
PolySynth Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
PolySynth Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
PolySynth Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Preamp-1 Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Preamp-1 Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Preamp-1 Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
PrecisionDelay Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
PrecisionDelay Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
PrecisionDelay Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Proton Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Proton Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Proton Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
ProVerb Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
ProVerb Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
ProVerb Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
ProVerb Plug-in Data Library (x32 Version: 0.0.52079.0 - MOTU) Hidden
ProVerb Plug-in Data Library (x32 Version: 0.0.55504.0 - MOTU) Hidden
Quan Jr Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Quan Jr Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Quan Jr Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (x32 Version: 17.0.13 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.13 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5951 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Reason 5.0 (HKLM-x32\...\Reason5_is1) (Version: 5.0 - Propellerhead Software AB)
Reverb Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Reverb Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Reverb Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
RingMod Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
RingMod Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
RingMod Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
RXT Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
RXT Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
RXT Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Sandboxie 3.50 (64-bit) (HKLM\...\Sandboxie) (Version:  - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Soloist Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Soloist Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Soloist Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Sonic Modulator Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Sonic Modulator Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Sonic Modulator Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
SpatialMaximizer Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
SpatialMaximizer Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
SpatialMaximizer Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Springamabob Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Springamabob Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Springamabob Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Springamabob Plug-in Data Library (x32 Version: 0.0.50858.0 - MOTU) Hidden
Springamabob Plug-in Data Library (x32 Version: 0.0.55504.0 - MOTU) Hidden
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.1800 - SRS Labs, Inc.)
SubKick Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
SubKick Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
SubKick Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.210.0108.006.04 - Micro-Star International Co., Ltd.)
Torchlight (HKLM-x32\...\Runic Games Torchlight) (Version: 1.0.69.23 - )
Tremolo Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Tremolo Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Tremolo Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Trigger Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Trigger Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Trigger Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Trim Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Trim Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Trim Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
TriPan Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
TriPan Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
TriPan Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
TubeWailer Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
TubeWailer Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
TubeWailer Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Tuner Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
Tuner Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
Tuner Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
UberTube Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
UberTube Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
UberTube Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
uTorrentBar Toolbar (HKLM-x32\...\uTorrentBar Toolbar) (Version: 6.2.7.3 - uTorrentBar) <==== ATTENTION
WahPedal Plug-in 32 bit DLL (x32 Version: 0.0.60209.0 - MOTU) Hidden
WahPedal Plug-in 64 bit DLL (Version: 0.0.60209.0 - MOTU) Hidden
WahPedal Plug-in Data (x32 Version: 0.0.60209.0 - MOTU) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinX Video Converter 5.0.8 (HKLM-x32\...\WinX Video Converter_is1) (Version:  - Digiarty Software, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-346444361-470292555-3986792257-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-346444361-470292555-3986792257-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-346444361-470292555-3986792257-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-346444361-470292555-3986792257-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-346444361-470292555-3986792257-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-346444361-470292555-3986792257-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-346444361-470292555-3986792257-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-346444361-470292555-3986792257-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-346444361-470292555-3986792257-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-346444361-470292555-3986792257-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

15-03-2015 03:00:23 Windows Update
16-03-2015 03:00:31 Windows Update
17-03-2015 03:00:22 Windows Update
18-03-2015 03:00:42 Windows Update
19-03-2015 03:00:27 Windows Update
20-03-2015 03:00:25 Windows Update
21-03-2015 03:00:21 Windows Update
22-03-2015 03:00:16 Windows Update
23-03-2015 03:00:17 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2015-01-14 16:36 - 00000865 ____A C:\windows\system32\Drivers\etc\hosts
0.0.0.0         .psf
0.0.0.0         psf

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A29426E-BF9A-48C7-BFE0-8D5A6FEF6229} - System32\Tasks\Jelbrus Secure Web Task => C:\Program Files (x86)\Jelbrus Secure Web\jswtask.exe <==== ATTENTION
Task: {0DEB2100-97FF-4F15-B8D0-67586B31D126} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {1428C219-7744-4990-9881-0609F50F2794} - System32\Tasks\GPUP => C:\Program Files (x86)\GetPrivate\gpup.exe <==== ATTENTION
Task: {1883147D-9C1A-4A29-AE66-A78A273729BE} - System32\Tasks\{5B0FD6CB-EE88-4033-A473-A61105CFDDD2} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {313985E9-E130-4FD9-B161-ACCB4CFA4F3A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {3AF9D13C-C768-4781-8A91-E31B15F760ED} - System32\Tasks\{03B2341D-01F3-48C9-8C40-B32E16435F6D} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {47042731-2F6B-4FBF-B70D-14A6223088FA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {515E5263-2799-4994-9AE7-F3E78C922814} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {53147098-8D71-48BC-8417-CB1B6024C5CB} - System32\Tasks\Runner IC => %LOCALAPPDATA%\64185805-74C2-FD44-B6DC-2FC9F631D24D\Runner.exe
Task: {69852880-9857-4D07-9D49-413A11A569FC} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-346444361-470292555-3986792257-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {72222E6E-E54D-4E33-ACB9-3391F420A790} - System32\Tasks\Symantec\Symantec Error Analyzer 17.9.0.12 => C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\SymErr.exe [2011-09-19] (Symantec Corporation)
Task: {7DF4BDB2-0757-4A24-8A7E-BE6FC820E79A} - System32\Tasks\Microsoft\Windows\Maintenance\Update IC => %LOCALAPPDATA%\64185805-74C2-FD44-B6DC-2FC9F631D24D\Runner.exe
Task: {7EBE938E-4203-4EDC-8D1D-DCFB34B931F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {8DE6A022-D385-4BEB-B492-EEDAFBC4C19D} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-346444361-470292555-3986792257-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {B233BE14-AB31-4C74-876D-62549F817FC3} - System32\Tasks\avaxvyyvyf => C:\Users\Chris\AppData\Local\avaxvyyvyf\avaxvyyvyf.exe <==== ATTENTION
Task: {B5E6F3A2-A25E-4AAE-9C1D-ADDA804DCA15} - System32\Tasks\avaxvyyvyd => C:\Users\Chris\AppData\Local\avaxvyyvyd\avaxvyyvyd.exe <==== ATTENTION
Task: {C406DEE8-C5AD-4757-BD7A-7A813C706928} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {D6114708-D4C1-4BD9-9D00-2837DE241712} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {D77D7246-5CF3-4C05-9F47-18760CD13DA8} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2011-05-17] () <==== ATTENTION
Task: {E4D066FF-472C-447A-8B58-FC77AF84EEA7} - System32\Tasks\Symantec\Symantec Error Processor 17.9.0.12 => C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\SymErr.exe [2011-09-19] (Symantec Corporation)
Task: C:\windows\Tasks\53491cbe-765c-47c6-8c10-8f39da469456-1.job => C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-codedownloader.exe÷/LXGOVx /gxvgp=task /varXeEF='Plus-HD-9.3' /PIElTSfTy=53098 /FWFoJ='001263' /MOFVpqob='0' /NRvLRj='0' /lmDnh=9B5E66FE030D4D45B52620CBD5F2372AIE /qbiQLmJI=4aca28a808182f26e0ad73f36c4a713a /WdpIIVR=1_34_05_04 /hfRKuKJ=1.34.5.4 /aiWiYF=1399779555 /ttQgBkm=http:/stats.clientstaticserv.com /XwyJPS=http:/errors.clientstaticserv.com /QYtjI=http:/js.clientstaticserv.com /BSReB=ie /DggCarN /UgcJbSN='http:/update.clientstaticserv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-07-30 02:17 - 2014-07-30 02:17 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-07-30 05:04 - 2014-07-30 05:04 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-12-18 16:21 - 2014-12-18 16:21 - 02757456 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareShellExtension.dll
2014-12-18 16:21 - 2014-12-18 16:21 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\RCF.dll
2014-12-18 16:22 - 2014-12-18 16:22 - 00125792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_filesystem-vc100-mt-1_57.dll
2014-12-18 16:22 - 2014-12-18 16:22 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_system-vc100-mt-1_57.dll
2014-12-18 16:21 - 2014-12-18 16:21 - 08947008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe
2014-12-18 16:22 - 2014-12-18 16:22 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_date_time-vc100-mt-1_57.dll
2014-12-18 16:22 - 2014-12-18 16:22 - 00107352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_thread-vc100-mt-1_57.dll
2014-12-18 16:22 - 2014-12-18 16:22 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_chrono-vc100-mt-1_57.dll
2014-12-18 16:22 - 2014-12-18 16:22 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_locale-vc100-mt-1_57.dll
2014-12-18 16:21 - 2014-12-18 16:21 - 02130752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\HtmlFramework.dll
2014-12-18 16:21 - 2014-12-18 16:21 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\DllStorage.dll
2014-12-18 16:21 - 2014-12-18 16:21 - 00869712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTrayDefaultSkin.dll
2014-12-18 16:21 - 2014-12-18 16:21 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\Localization.dll
2015-01-23 13:09 - 2015-01-23 13:09 - 00392792 _____ () C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Runner.exe
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-16 16:37 - 2015-02-16 16:37 - 00086528 _____ () C:\Program Files (x86)\Jelbrus Secure Web\mgwz.dll
2014-08-14 05:24 - 2014-08-14 05:24 - 00864856 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Plugins\cldplin.dll
2014-10-16 03:50 - 2014-10-16 03:50 - 00170496 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2010-08-18 13:17 - 2010-03-03 22:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-03-04 17:08 - 2015-03-04 17:08 - 00750080 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-23 03:35 - 2015-03-23 03:35 - 00043008 _____ () c:\users\chris\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkos9wk.dll
2015-03-04 17:08 - 2015-03-04 17:08 - 00047616 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 17:08 - 2015-03-04 17:08 - 00865280 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 17:07 - 2015-03-04 17:07 - 00200704 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-08-14 05:24 - 2014-08-14 05:24 - 00573528 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll
2015-01-23 13:11 - 2015-01-23 13:11 - 00101464 _____ () C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Modules\ManXec.dll
2015-01-23 13:10 - 2015-01-23 13:10 - 00078424 _____ () C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Modules\CmdProc.dll
2015-01-23 13:11 - 2015-01-23 13:11 - 00122456 _____ () C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Modules\WblSupp.dll
2015-01-23 13:11 - 2015-01-23 13:11 - 00044632 _____ () C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Modules\PrfIns.dll
2015-01-23 13:11 - 2015-01-23 13:11 - 00054872 _____ () C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Modules\WbSes.dll
2015-01-23 13:12 - 2015-01-23 13:12 - 00116824 _____ () C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Modules\WdcMan.dll
2015-01-23 13:10 - 2015-01-23 13:10 - 00101976 _____ () C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Modules\CmnUtls.dll
2015-02-01 16:43 - 2014-10-23 03:14 - 01091584 _____ () C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Chrome-bin\libglesv2.dll
2015-02-01 16:43 - 2014-10-23 03:19 - 00167936 _____ () C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Chrome-bin\libEGL.dll
2015-02-01 16:43 - 2014-10-23 03:26 - 08569856 _____ () C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Chrome-bin\pdf.dll
2015-02-01 16:43 - 2014-10-23 03:20 - 00324608 _____ () C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Chrome-bin\ppGoogleNaClPluginChrome.dll
2015-02-01 16:43 - 2014-10-23 03:23 - 00880128 _____ () C:\Users\Chris\AppData\Local\64185805-74C2-FD44-B6DC-2FC9F631D24D\Chrome-bin\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-346444361-470292555-3986792257-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: BringMeSports Search Scope Monitor => "C:\PROGRA~2\BRINGM~2\bar\1.bin\1csrchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
MSCONFIG\startupreg: PhotoJoy => C:\Program Files (x86)\PhotoJoy\bin\PhotoJoy.exe /c
MSCONFIG\startupreg: PhotoSync => C:\Program Files (x86)\PhotoSync\PhotoSync.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Web Companion => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize

==================== Accounts: =============================

Administrator (S-1-5-21-346444361-470292555-3986792257-500 - Administrator - Disabled)
Chris (S-1-5-21-346444361-470292555-3986792257-1000 - Administrator - Enabled) => C:\Users\Chris
Guest (S-1-5-21-346444361-470292555-3986792257-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-346444361-470292555-3986792257-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/23/2015 00:25:18 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (03/23/2015 00:24:15 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (03/23/2015 00:24:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/22/2015 01:25:36 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (03/22/2015 01:24:58 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (03/22/2015 01:24:58 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/21/2015 10:42:53 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (03/21/2015 10:37:19 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (03/21/2015 10:37:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/21/2015 06:39:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Runner.exe, version: 0.0.0.0, time stamp: 0x54c28a7f
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc00000fd
Fault offset: 0x00033917
Faulting process id: 0x1178
Faulting application start time: 0xRunner.exe0
Faulting application path: Runner.exe1
Faulting module path: Runner.exe2
Report Id: Runner.exe3

System errors:
=============
Error: (03/23/2015 11:45:59 PM) (Source: DCOM) (EventID: 10016) (User: ChrisB)
Description: application-specificLocalActivation{4991D34B-80A1-4291-83B6-3328366B9097}{69AD4AEE-51BE-439B-A92C-86AE490E8B30}ChrisBChrisS-1-5-21-346444361-470292555-3986792257-1000LocalHost (Using LRPC)

Error: (03/23/2015 08:16:27 PM) (Source: DCOM) (EventID: 10016) (User: ChrisB)
Description: application-specificLocalActivation{4991D34B-80A1-4291-83B6-3328366B9097}{69AD4AEE-51BE-439B-A92C-86AE490E8B30}ChrisBChrisS-1-5-21-346444361-470292555-3986792257-1000LocalHost (Using LRPC)

Error: (03/23/2015 03:47:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80004005: Security Update for Windows 7 for x64-based Systems (KB3033929).

Error: (03/23/2015 03:36:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (03/23/2015 03:33:27 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.

Error: (03/23/2015 03:32:54 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.

Error: (03/23/2015 03:31:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (03/23/2015 03:30:26 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/23/2015 03:28:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (03/23/2015 03:26:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Defender service terminated with the following error:
%%-2147023781

Microsoft Office Sessions:
=========================
Error: (08/10/2011 03:43:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 1085 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (06/20/2011 03:29:37 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 76 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/20/2011 03:18:23 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 77 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (06/13/2011 02:55:02 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 19 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/13/2011 02:54:18 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 3917 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/23/2011 04:10:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 37 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/23/2011 04:09:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 292 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (04/22/2011 07:33:37 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 46 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/22/2011 07:32:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 238 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (04/22/2011 07:16:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 25 seconds with 0 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2012-09-21 15:20:27.187
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-21 15:20:26.937
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 67%
Total physical RAM: 4078.07 MB
Available physical RAM: 1336.64 MB
Total Pagefile: 8154.32 MB
Available Pagefile: 4444.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:274.6 GB) (Free:2.41 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:183.06 GB) (Free:137.54 GB) NTFS
Drive e: (2015-03-02 1818) (CDROM) (Total:0.17 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B92924ED)
Partition 1: (Not Active) - (Size=8 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=274.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=183.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#5
Acousticcountry

Acousticcountry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

TDSSKiller Log

 

23:59:43.0559 0x3ed4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
23:59:49.0968 0x3ed4  ============================================================
23:59:49.0968 0x3ed4  Current date / time: 2015/03/23 23:59:49.0968
23:59:49.0968 0x3ed4  SystemInfo:
23:59:49.0968 0x3ed4 
23:59:49.0968 0x3ed4  OS Version: 6.1.7601 ServicePack: 1.0
23:59:49.0968 0x3ed4  Product type: Workstation
23:59:49.0968 0x3ed4  ComputerName: CHRISB
23:59:49.0968 0x3ed4  UserName: Chris
23:59:49.0968 0x3ed4  Windows directory: C:\windows
23:59:49.0968 0x3ed4  System windows directory: C:\windows
23:59:49.0968 0x3ed4  Running under WOW64
23:59:49.0968 0x3ed4  Processor architecture: Intel x64
23:59:49.0968 0x3ed4  Number of processors: 8
23:59:49.0968 0x3ed4  Page size: 0x1000
23:59:49.0968 0x3ed4  Boot type: Normal boot
23:59:49.0968 0x3ed4  ============================================================
23:59:50.0200 0x3ed4  KLMD registered as C:\windows\system32\drivers\26834146.sys
23:59:50.0690 0x3ed4  System UUID: {ABA1CD8A-B705-EB88-6C61-E7939C7E1828}
23:59:51.0287 0x3ed4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:59:51.0296 0x3ed4  ============================================================
23:59:51.0296 0x3ed4  \Device\Harddisk0\DR0:
23:59:51.0296 0x3ed4  MBR partitions:
23:59:51.0296 0x3ed4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1032800, BlocksNum 0x22532000
23:59:51.0296 0x3ed4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23564800, BlocksNum 0x16E21000
23:59:51.0297 0x3ed4  ============================================================
23:59:51.0329 0x3ed4  C: <-> \Device\Harddisk0\DR0\Partition1
23:59:51.0371 0x3ed4  D: <-> \Device\Harddisk0\DR0\Partition2
23:59:51.0371 0x3ed4  ============================================================
23:59:51.0372 0x3ed4  Initialize success
23:59:51.0372 0x3ed4  ============================================================
00:00:16.0980 0x3f30  ============================================================
00:00:16.0981 0x3f30  Scan started
00:00:16.0981 0x3f30  Mode: Manual; SigCheck; TDLFS;
00:00:16.0981 0x3f30  ============================================================
00:00:16.0981 0x3f30  KSN ping started
00:00:19.0561 0x3f30  KSN ping finished: true
00:00:21.0781 0x3f30  ================ Scan system memory ========================
00:00:21.0781 0x3f30  System memory - ok
00:00:21.0781 0x3f30  ================ Scan services =============================
00:00:22.0058 0x3f30  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
00:00:22.0169 0x3f30  1394ohci - ok
00:00:22.0294 0x3f30  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
00:00:22.0342 0x3f30  ACDaemon - ok
00:00:22.0419 0x3f30  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
00:00:22.0443 0x3f30  ACPI - ok
00:00:22.0515 0x3f30  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
00:00:22.0561 0x3f30  AcpiPmi - ok
00:00:22.0611 0x3f30  [ 2F0683FD2DF1D92E891CACA14B45A8C1, B4A8D6A183FA0B7D642FAD6B51C19FEC998481E1C49480D2B391E5D8B55F5BBD ] adfs            C:\windows\system32\drivers\adfs.sys
00:00:22.0628 0x3f30  adfs - ok
00:00:22.0799 0x3f30  [ 57A3B9A69F14414ACE12AFD6BA701773, E17FD004315B666E3A880C987A83A2B6C6156C3D6E9550AAC6F686348F7CE7AC ] Adobe Version Cue CS4 C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
00:00:22.0819 0x3f30  Adobe Version Cue CS4 - ok
00:00:23.0029 0x3f30  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:00:23.0051 0x3f30  AdobeFlashPlayerUpdateSvc - ok
00:00:23.0134 0x3f30  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
00:00:23.0162 0x3f30  adp94xx - ok
00:00:23.0211 0x3f30  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
00:00:23.0237 0x3f30  adpahci - ok
00:00:23.0272 0x3f30  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
00:00:23.0294 0x3f30  adpu320 - ok
00:00:23.0329 0x3f30  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
00:00:23.0370 0x3f30  AeLookupSvc - ok
00:00:23.0461 0x3f30  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\windows\system32\drivers\afd.sys
00:00:23.0495 0x3f30  AFD - ok
00:00:23.0553 0x3f30  [ B65F8DBA54F251906BBE8611B5A0E7AB, 9ADE347CB4E7C33D668DAC79A316C97C78D94D296B158F481F3E32F9DA4D647E ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
00:00:23.0571 0x3f30  AgereModemAudio - ok
00:00:23.0673 0x3f30  [ AF4748EF93416159459769A24A0053AF, AE1C4E67E7555066436112C5A090DC5B49B264E3BA3ECF4CE2F1E9B799089B7D ] AgereSoftModem  C:\windows\system32\DRIVERS\agrsm64.sys
00:00:23.0723 0x3f30  AgereSoftModem - ok
00:00:23.0806 0x3f30  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
00:00:23.0823 0x3f30  agp440 - ok
00:00:23.0879 0x3f30  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
00:00:23.0899 0x3f30  ALG - ok
00:00:23.0974 0x3f30  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
00:00:23.0990 0x3f30  aliide - ok
00:00:24.0017 0x3f30  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
00:00:24.0032 0x3f30  amdide - ok
00:00:24.0080 0x3f30  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
00:00:24.0098 0x3f30  AmdK8 - ok
00:00:24.0125 0x3f30  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
00:00:24.0144 0x3f30  AmdPPM - ok
00:00:24.0254 0x3f30  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
00:00:24.0272 0x3f30  amdsata - ok
00:00:24.0309 0x3f30  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
00:00:24.0330 0x3f30  amdsbs - ok
00:00:24.0374 0x3f30  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
00:00:24.0390 0x3f30  amdxata - ok
00:00:24.0481 0x3f30  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\windows\system32\drivers\appid.sys
00:00:24.0519 0x3f30  AppID - ok
00:00:24.0571 0x3f30  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\windows\System32\appidsvc.dll
00:00:24.0609 0x3f30  AppIDSvc - ok
00:00:24.0716 0x3f30  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\windows\System32\appinfo.dll
00:00:24.0736 0x3f30  Appinfo - ok
00:00:24.0923 0x3f30  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:00:25.0045 0x3f30  Apple Mobile Device - ok
00:00:25.0086 0x3f30  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\DRIVERS\arc.sys
00:00:25.0103 0x3f30  arc - ok
00:00:25.0121 0x3f30  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
00:00:25.0139 0x3f30  arcsas - ok
00:00:25.0176 0x3f30  [ C130BC4A51B1382B2BE8E44579EC4C0A, CC1FD33ED7CAD87A504D8678F8482CAECACD18C727BB97FFB86F39255563EEF2 ] ArcSoftKsUFilter C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys
00:00:25.0747 0x3f30  ArcSoftKsUFilter - ok
00:00:25.0971 0x3f30  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:00:26.0049 0x3f30  aspnet_state - ok
00:00:26.0095 0x3f30  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
00:00:26.0210 0x3f30  AsyncMac - ok
00:00:26.0297 0x3f30  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
00:00:26.0313 0x3f30  atapi - ok
00:00:26.0647 0x3f30  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
00:00:26.0919 0x3f30  AudioEndpointBuilder - ok
00:00:27.0026 0x3f30  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\windows\System32\Audiosrv.dll
00:00:27.0081 0x3f30  AudioSrv - ok
00:00:27.0239 0x3f30  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
00:00:27.0349 0x3f30  AxInstSV - ok
00:00:27.0432 0x3f30  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\DRIVERS\bxvbda.sys
00:00:27.0481 0x3f30  b06bdrv - ok
00:00:27.0515 0x3f30  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
00:00:27.0625 0x3f30  b57nd60a - ok
00:00:27.0795 0x3f30  [ 01A24B415926BB5F772DBE12459D97DE, 1FA2EEF283025D788051E6145DAEF26CB481F87F641156FC4D89B8DEE4B244A5 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
00:00:27.0817 0x3f30  BBSvc - ok
00:00:27.0883 0x3f30  [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
00:00:27.0906 0x3f30  BBUpdate - ok
00:00:27.0975 0x3f30  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
00:00:27.0996 0x3f30  BDESVC - ok
00:00:28.0075 0x3f30  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
00:00:28.0115 0x3f30  Beep - ok
00:00:28.0223 0x3f30  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
00:00:28.0267 0x3f30  BFE - ok
00:00:28.0374 0x3f30  [ 446B2C459A7D11CD71350235D6977E2A, C19405925EC02A108A1F2C52036FAC64A2ED3FCEF0F29547DBAED25E196F0557 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\BASHDefs\20110114.001\BHDrvx64.sys
00:00:28.0413 0x3f30  BHDrvx64 - ok
00:00:28.0527 0x3f30  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
00:00:28.0589 0x3f30  BITS - ok
00:00:28.0615 0x3f30  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
00:00:28.0636 0x3f30  blbdrive - ok
00:00:28.0861 0x3f30  [ 07371255761B8DB27D21674AEB180653, 0D53602545E4B19EBC1228A6965512601F6B0D314C66D1CE04F821A9BCD694E7 ] Bluetooth Device Manager C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
00:00:29.0062 0x3f30  Bluetooth Device Manager - ok
00:00:29.0170 0x3f30  [ B25F9A8735DE26FB263FEA34F2CC8260, EC771D8A22B629D0186E8C72D87D9994BC9F5B21BB599FE407D2717363ABFD12 ] Bluetooth Media Service C:\Program Files\Motorola\Bluetooth\audiosrv.exe
00:00:29.0243 0x3f30  Bluetooth Media Service - ok
00:00:29.0287 0x3f30  [ EAF83BAB909ABC3F05BF2C2897B57282, 094492621F30ADA395ECE9C995041583CF56D3561EDB20AAC59691605FAFBEB1 ] Bluetooth OBEX Service C:\Program Files\Motorola\Bluetooth\obexsrv.exe
00:00:29.0335 0x3f30  Bluetooth OBEX Service - ok
00:00:29.0420 0x3f30  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:00:29.0447 0x3f30  Bonjour Service - ok
00:00:29.0527 0x3f30  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
00:00:29.0557 0x3f30  bowser - ok
00:00:29.0597 0x3f30  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
00:00:29.0626 0x3f30  BrFiltLo - ok
00:00:29.0644 0x3f30  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
00:00:29.0665 0x3f30  BrFiltUp - ok
00:00:29.0735 0x3f30  [ 622FCF264119F7DF127BE353F796B319, 6689D8F62F860178685496EF45520967AFAEFF94CFBCC64CF77074F21577E0A2 ] BringMeSports_1cService C:\PROGRA~2\BRINGM~2\bar\1.bin\1cbarsvc.exe
00:00:29.0750 0x3f30  BringMeSports_1cService - ok
00:00:29.0829 0x3f30  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
00:00:29.0852 0x3f30  Browser - ok
00:00:29.0886 0x3f30  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
00:00:29.0913 0x3f30  Brserid - ok
00:00:29.0933 0x3f30  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
00:00:29.0954 0x3f30  BrSerWdm - ok
00:00:29.0972 0x3f30  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
00:00:29.0993 0x3f30  BrUsbMdm - ok
00:00:30.0023 0x3f30  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
00:00:30.0042 0x3f30  BrUsbSer - ok
00:00:30.0103 0x3f30  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
00:00:30.0129 0x3f30  BthEnum - ok
00:00:30.0149 0x3f30  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
00:00:30.0171 0x3f30  BTHMODEM - ok
00:00:30.0178 0x3f30  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
00:00:30.0201 0x3f30  BthPan - ok
00:00:30.0337 0x3f30  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
00:00:30.0396 0x3f30  BTHPORT - ok
00:00:30.0429 0x3f30  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
00:00:30.0471 0x3f30  bthserv - ok
00:00:30.0521 0x3f30  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
00:00:30.0551 0x3f30  BTHUSB - ok
00:00:30.0600 0x3f30  [ BB95F4F2C1ADA589E97C8598E14E1C74, AB81F48AC5177BD5AF5A9455A1A5B20C4FA34A9C8289486858E7493DDD90D428 ] BTMCOM          C:\windows\System32\Drivers\btmcom.sys
00:00:30.0630 0x3f30  BTMCOM - ok
00:00:30.0660 0x3f30  [ A505E3D17B12113D947A85BAA3070691, 1B68AE249C1009DDCC01565DF8CFD0A451E56025140DC917D1BB56D41CDC0D15 ] BTMHID          C:\windows\system32\DRIVERS\btmhid.sys
00:00:30.0691 0x3f30  BTMHID - ok
00:00:30.0728 0x3f30  [ 09B5A74916FA3417186C8F494AE6C9FE, 1C8B69BD064657C42619351D8BE802FF4E3FB2CF18298310F23F8A17F093AD53 ] BTMUSB          C:\windows\system32\Drivers\btmusb.sys
00:00:30.0800 0x3f30  BTMUSB - ok
00:00:31.0077 0x3f30  [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
00:00:31.0143 0x3f30  c2cautoupdatesvc - ok
00:00:31.0399 0x3f30  [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
00:00:31.0515 0x3f30  c2cpnrsvc - ok
00:00:31.0654 0x3f30  [ 37F1BAEC39B505B3B51893A35C8337EA, C202362CD313B457937A3134463AC8143A19D1024EA6A3192D648DCE46D40AD3 ] ccHP            C:\windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys
00:00:31.0703 0x3f30  ccHP - ok
00:00:31.0721 0x3f30  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
00:00:31.0772 0x3f30  cdfs - ok
00:00:31.0837 0x3f30  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
00:00:31.0859 0x3f30  cdrom - ok
00:00:31.0911 0x3f30  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
00:00:31.0952 0x3f30  CertPropSvc - ok
00:00:31.0992 0x3f30  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
00:00:32.0015 0x3f30  circlass - ok
00:00:32.0067 0x3f30  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys
00:00:32.0094 0x3f30  CLFS - ok
00:00:32.0185 0x3f30  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:00:32.0204 0x3f30  clr_optimization_v2.0.50727_32 - ok
00:00:32.0264 0x3f30  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:00:32.0284 0x3f30  clr_optimization_v2.0.50727_64 - ok
00:00:32.0395 0x3f30  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:00:32.0495 0x3f30  clr_optimization_v4.0.30319_32 - ok
00:00:32.0561 0x3f30  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:00:32.0624 0x3f30  clr_optimization_v4.0.30319_64 - ok
00:00:32.0666 0x3f30  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
00:00:32.0685 0x3f30  CmBatt - ok
00:00:32.0740 0x3f30  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
00:00:32.0757 0x3f30  cmdide - ok
00:00:32.0826 0x3f30  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\windows\system32\Drivers\cng.sys
00:00:32.0901 0x3f30  CNG - ok
00:00:32.0934 0x3f30  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
00:00:32.0951 0x3f30  Compbatt - ok
00:00:33.0035 0x3f30  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
00:00:33.0056 0x3f30  CompositeBus - ok
00:00:33.0082 0x3f30  COMSysApp - ok
00:00:33.0100 0x3f30  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
00:00:33.0117 0x3f30  crcdisk - ok
00:00:33.0337 0x3f30  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\windows\system32\cryptsvc.dll
00:00:33.0361 0x3f30  CryptSvc - ok
00:00:33.0456 0x3f30  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
00:00:33.0511 0x3f30  DcomLaunch - ok
00:00:33.0567 0x3f30  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
00:00:33.0617 0x3f30  defragsvc - ok
00:00:33.0666 0x3f30  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
00:00:33.0707 0x3f30  DfsC - ok
00:00:33.0801 0x3f30  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
00:00:33.0837 0x3f30  Dhcp - ok
00:00:33.0862 0x3f30  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
00:00:33.0902 0x3f30  discache - ok
00:00:33.0986 0x3f30  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\DRIVERS\disk.sys
00:00:34.0005 0x3f30  Disk - ok
00:00:34.0105 0x3f30  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
00:00:34.0128 0x3f30  Dnscache - ok
00:00:34.0191 0x3f30  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
00:00:34.0240 0x3f30  dot3svc - ok
00:00:34.0303 0x3f30  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
00:00:34.0348 0x3f30  DPS - ok
00:00:34.0407 0x3f30  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
00:00:34.0425 0x3f30  drmkaud - ok
00:00:34.0519 0x3f30  [ FB9BEF3401EE5ECC2603311B9C64F44A, 33F8B6C9593677A360F580554D4F95B9F580C4E28F8187FBB27D96AFBFA8C7C1 ] dtsoftbus01     C:\windows\system32\DRIVERS\dtsoftbus01.sys
00:00:34.0546 0x3f30  dtsoftbus01 - ok
00:00:34.0629 0x3f30  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
00:00:34.0703 0x3f30  DXGKrnl - ok
00:00:34.0758 0x3f30  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
00:00:34.0802 0x3f30  EapHost - ok
00:00:35.0613 0x3f30  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\DRIVERS\evbda.sys
00:00:35.0794 0x3f30  ebdrv - ok
00:00:35.0877 0x3f30  [ 066108AE4C35835081598827A1A7D08D, DB32304EBD63E6D71F4B500A4BCB566D2CC6E9D9115D1FB9DA816C4BA8C6F65E ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
00:00:35.0910 0x3f30  eeCtrl - ok
00:00:35.0962 0x3f30  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS             C:\windows\System32\lsass.exe
00:00:35.0994 0x3f30  EFS - ok
00:00:36.0096 0x3f30  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
00:00:36.0161 0x3f30  ehRecvr - ok
00:00:36.0184 0x3f30  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
00:00:36.0206 0x3f30  ehSched - ok
00:00:36.0255 0x3f30  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
00:00:36.0305 0x3f30  elxstor - ok
00:00:36.0345 0x3f30  [ A9EC08727C64D985678F5B64C03823F0, 00F4856BF61068716EE9FDD9020B90AE4489F4DA6C5822F5AA0326CD7610F6A6 ] enecir          C:\windows\system32\DRIVERS\enecir.sys
00:00:36.0372 0x3f30  enecir - ok
00:00:36.0405 0x3f30  [ E17EB95358F396E27D573A1B20F891F8, 23D12C2AC2CF7D3441632F1BAF43E9C7554DD9A85F2B08253710DE3C7555B540 ] enecirhid       C:\windows\system32\DRIVERS\enecirhid.sys
00:00:36.0419 0x3f30  enecirhid - ok
00:00:36.0435 0x3f30  [ 8492D808C79BD6FE439F77BE84956CDF, 8B2D14C5A7FFA72144E1113B4DDAD7F1258F707442EDE0E4EF3CBB72886EFE8E ] enecirhidma     C:\windows\system32\DRIVERS\enecirhidma.sys
00:00:36.0452 0x3f30  enecirhidma - ok
00:00:36.0521 0x3f30  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
00:00:36.0539 0x3f30  ErrDev - ok
00:00:36.0607 0x3f30  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
00:00:36.0659 0x3f30  EventSystem - ok
00:00:36.0689 0x3f30  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
00:00:36.0734 0x3f30  exfat - ok
00:00:36.0764 0x3f30  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
00:00:36.0816 0x3f30  fastfat - ok
00:00:37.0046 0x3f30  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
00:00:37.0085 0x3f30  Fax - ok
00:00:37.0120 0x3f30  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\DRIVERS\fdc.sys
00:00:37.0139 0x3f30  fdc - ok
00:00:37.0191 0x3f30  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
00:00:37.0231 0x3f30  fdPHost - ok
00:00:37.0283 0x3f30  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
00:00:37.0323 0x3f30  FDResPub - ok
00:00:37.0366 0x3f30  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
00:00:37.0384 0x3f30  FileInfo - ok
00:00:37.0392 0x3f30  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
00:00:37.0446 0x3f30  Filetrace - ok
00:00:37.0589 0x3f30  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
00:00:37.0623 0x3f30  FLEXnet Licensing Service - ok
00:00:37.0702 0x3f30  [ 1C3FB052A0BB72EDAED90785C34D6EED, 5300A82D1A79EBA1768F545E73974E3B8CE189AB39CDF905BF42AFA2E497186B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
00:00:37.0766 0x3f30  FLEXnet Licensing Service 64 - ok
00:00:37.0797 0x3f30  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
00:00:37.0815 0x3f30  flpydisk - ok
00:00:37.0872 0x3f30  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
00:00:37.0896 0x3f30  FltMgr - ok
00:00:38.0108 0x3f30  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\windows\system32\FntCache.dll
00:00:38.0208 0x3f30  FontCache - ok
00:00:38.0262 0x3f30  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:00:38.0277 0x3f30  FontCache3.0.0.0 - ok
00:00:38.0304 0x3f30  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
00:00:38.0322 0x3f30  FsDepends - ok
00:00:38.0427 0x3f30  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
00:00:38.0443 0x3f30  Fs_Rec - ok
00:00:38.0539 0x3f30  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
00:00:38.0566 0x3f30  fvevol - ok
00:00:38.0633 0x3f30  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
00:00:38.0652 0x3f30  gagp30kx - ok
00:00:38.0714 0x3f30  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
00:00:38.0747 0x3f30  GEARAspiWDM - ok
00:00:38.0864 0x3f30  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
00:00:38.0927 0x3f30  gpsvc - ok
00:00:39.0002 0x3f30  gupdate - ok
00:00:39.0017 0x3f30  gupdatem - ok
00:00:39.0072 0x3f30  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
00:00:39.0093 0x3f30  gusvc - ok
00:00:39.0251 0x3f30  [ 0A9D58AABD01DA97B1D101473EFA7659, C18EA4F5BF569C230AD682A418F69B6E4209AD467BCCBDABD0515DBB582BF04B ] gzflt           C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys
00:00:39.0271 0x3f30  gzflt - ok
00:00:39.0344 0x3f30  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
00:00:39.0363 0x3f30  hcw85cir - ok
00:00:39.0509 0x3f30  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
00:00:39.0540 0x3f30  HdAudAddService - ok
00:00:39.0576 0x3f30  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
00:00:39.0600 0x3f30  HDAudBus - ok
00:00:39.0641 0x3f30  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
00:00:39.0660 0x3f30  HidBatt - ok
00:00:39.0709 0x3f30  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
00:00:39.0732 0x3f30  HidBth - ok
00:00:39.0768 0x3f30  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
00:00:39.0791 0x3f30  HidIr - ok
00:00:39.0814 0x3f30  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
00:00:39.0859 0x3f30  hidserv - ok
00:00:39.0926 0x3f30  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
00:00:39.0966 0x3f30  HidUsb - ok
00:00:40.0011 0x3f30  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
00:00:40.0053 0x3f30  hkmsvc - ok
00:00:40.0128 0x3f30  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
00:00:40.0165 0x3f30  HomeGroupListener - ok
00:00:40.0221 0x3f30  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
00:00:40.0247 0x3f30  HomeGroupProvider - ok
00:00:40.0318 0x3f30  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
00:00:40.0337 0x3f30  HpSAMD - ok
00:00:40.0448 0x3f30  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys
00:00:40.0572 0x3f30  HTTP - ok
00:00:40.0640 0x3f30  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
00:00:40.0656 0x3f30  hwpolicy - ok
00:00:40.0716 0x3f30  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
00:00:40.0737 0x3f30  i8042prt - ok
00:00:40.0803 0x3f30  [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
00:00:40.0831 0x3f30  iaStor - ok
00:00:40.0881 0x3f30  [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
00:00:40.0894 0x3f30  IAStorDataMgrSvc - ok
00:00:40.0952 0x3f30  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
00:00:40.0981 0x3f30  iaStorV - ok
00:00:41.0139 0x3f30  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:00:41.0206 0x3f30  idsvc - ok
00:00:41.0331 0x3f30  [ 6F9B281BC4AFFF5FE784D7DA699D347F, B4EC8DF0160980BE4E4D4E81E84736D9BFFF6531CDD5C9B2D1147F61F3719D62 ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\IPSDefs\20110221.001\IDSvia64.sys
00:00:41.0359 0x3f30  IDSVia64 - ok
00:00:41.0388 0x3f30  IEEtwCollectorService - ok
00:00:41.0434 0x3f30  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
00:00:41.0454 0x3f30  iirsp - ok
00:00:41.0564 0x3f30  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
00:00:41.0741 0x3f30  IKEEXT - ok
00:00:41.0846 0x3f30  [ 2A7CF87BE453241FE0BAA1C8651E7AA4, 05B065C71F2788891F848E740737E6125BA083CC1828B7E0C1F6A3692F0ABB27 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
00:00:42.0134 0x3f30  IntcAzAudAddService - ok
00:00:42.0174 0x3f30  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
00:00:42.0190 0x3f30  intelide - ok
00:00:42.0242 0x3f30  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
00:00:42.0262 0x3f30  intelppm - ok
00:00:42.0305 0x3f30  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
00:00:42.0348 0x3f30  IPBusEnum - ok
00:00:42.0417 0x3f30  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
00:00:42.0483 0x3f30  IpFilterDriver - ok
00:00:42.0555 0x3f30  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
00:00:42.0620 0x3f30  iphlpsvc - ok
00:00:42.0698 0x3f30  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
00:00:42.0719 0x3f30  IPMIDRV - ok
00:00:42.0773 0x3f30  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
00:00:42.0815 0x3f30  IPNAT - ok
00:00:42.0923 0x3f30  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
00:00:42.0973 0x3f30  iPod Service - ok
00:00:43.0022 0x3f30  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
00:00:43.0044 0x3f30  IRENUM - ok
00:00:43.0085 0x3f30  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
00:00:43.0101 0x3f30  isapnp - ok
00:00:43.0174 0x3f30  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
00:00:43.0199 0x3f30  iScsiPrt - ok
00:00:43.0265 0x3f30  [ 02BD12C2EE52F0849A5D6F9A2FA67B4E, 4CD6EDC8CCD7D4B429845AD1EEF1B8510C98F8B8F51723B41F8954B089FA15FC ] JMCR            C:\windows\system32\DRIVERS\jmcr.sys
00:00:43.0329 0x3f30  JMCR - ok
00:00:43.0344 0x3f30  [ E662CB468A1CFF3A57E120A212FADD57, 7DAF0780C1F73C73F942F478B1210F9881DB32BBAABD46D4814D15F0AAF581E9 ] johci           C:\windows\system32\DRIVERS\johci.sys
00:00:43.0376 0x3f30  johci - ok
00:00:43.0388 0x3f30  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
00:00:43.0405 0x3f30  kbdclass - ok
00:00:43.0465 0x3f30  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
00:00:43.0484 0x3f30  kbdhid - ok
00:00:43.0507 0x3f30  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso          C:\windows\system32\lsass.exe
00:00:43.0525 0x3f30  KeyIso - ok
00:00:43.0575 0x3f30  [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
00:00:43.0594 0x3f30  KSecDD - ok
00:00:43.0615 0x3f30  [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
00:00:43.0635 0x3f30  KSecPkg - ok
00:00:43.0666 0x3f30  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
00:00:43.0704 0x3f30  ksthunk - ok
00:00:43.0753 0x3f30  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
00:00:43.0806 0x3f30  KtmRm - ok
00:00:43.0878 0x3f30  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
00:00:43.0923 0x3f30  LanmanServer - ok
00:00:43.0983 0x3f30  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
00:00:44.0026 0x3f30  LanmanWorkstation - ok
00:00:44.0160 0x3f30  [ 51A4E3A3BB4F7549602AF6883EB5D62E, BB7D427D87F365F7743882C94F258F9E8C4DEF7A7654ECC8968B0EC5E80C84FD ] LavasoftAdAwareService11 C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe
00:00:44.0195 0x3f30  LavasoftAdAwareService11 - ok
00:00:44.0219 0x3f30  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
00:00:44.0260 0x3f30  lltdio - ok
00:00:44.0313 0x3f30  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
00:00:44.0363 0x3f30  lltdsvc - ok
00:00:44.0381 0x3f30  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
00:00:44.0424 0x3f30  lmhosts - ok
00:00:44.0479 0x3f30  LMIInfo - ok
00:00:44.0530 0x3f30  [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr         C:\windows\system32\DRIVERS\lmimirr.sys
00:00:44.0545 0x3f30  lmimirr - ok
00:00:44.0559 0x3f30  LMIRfsClientNP - ok
00:00:44.0576 0x3f30  [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver    C:\windows\system32\drivers\LMIRfsDriver.sys
00:00:44.0591 0x3f30  LMIRfsDriver - ok
00:00:44.0640 0x3f30  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
00:00:44.0659 0x3f30  LSI_FC - ok
00:00:44.0675 0x3f30  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
00:00:44.0694 0x3f30  LSI_SAS - ok
00:00:44.0727 0x3f30  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
00:00:44.0746 0x3f30  LSI_SAS2 - ok
00:00:44.0762 0x3f30  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
00:00:44.0781 0x3f30  LSI_SCSI - ok
00:00:44.0826 0x3f30  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
00:00:44.0870 0x3f30  luafv - ok
00:00:44.0937 0x3f30  [ D33E2B74CF8B3A652BF0A9FBD068E87A, 46465387D04C2E5648D1CBD415E5D8757944A3C987A2497450F82D153BF7E868 ] ManyCam         C:\windows\system32\DRIVERS\ManyCam_x64.sys
00:00:44.0975 0x3f30  ManyCam - ok
00:00:45.0105 0x3f30  [ 066991E50A5CBBEEFB2EC6880069CDB5, 3543D1E24E01A6CE3955BF68C8DC62DAA38518A45AA1C94861D284D56671A8FE ] MAUSBFASTTRACKPRO C:\windows\system32\DRIVERS\MAudioFastTrackPro.sys
00:00:45.0125 0x3f30  MAUSBFASTTRACKPRO - ok
00:00:45.0210 0x3f30  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
00:00:45.0231 0x3f30  Mcx2Svc - ok
00:00:45.0257 0x3f30  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
00:00:45.0274 0x3f30  megasas - ok
00:00:45.0316 0x3f30  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
00:00:45.0339 0x3f30  MegaSR - ok
00:00:45.0409 0x3f30  MGHwCtrl - ok
00:00:45.0496 0x3f30  [ 71C6748EE8DE938532057EF10B4B7E44, 455175332156939B3CDA4511A2A6C213ABBFDB85EEECA98B6AB014C994F532C4 ] Micro Star SCM  C:\Program Files (x86)\System Control Manager\MSIService.exe
00:00:45.0507 0x3f30  Micro Star SCM - detected UnsignedFile.Multi.Generic ( 1 )
00:00:48.0116 0x3f30  Detect skipped due to KSN trusted
00:00:48.0116 0x3f30  Micro Star SCM - ok
00:00:48.0144 0x3f30  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
00:00:48.0188 0x3f30  MMCSS - ok
00:00:48.0204 0x3f30  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
00:00:48.0245 0x3f30  Modem - ok
00:00:48.0277 0x3f30  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
00:00:48.0299 0x3f30  monitor - ok
00:00:48.0379 0x3f30  [ AB2ED99FCF8C69917DE6CF8742178B26, 52D7EB367F9BC132A9D38C13084609BFF6CD10D5F1F8776FD0888E24BABD356E ] MOTU_ZeroConf   C:\Program Files (x86)\MOTU\motuDNSResponder.exe
00:00:48.0406 0x3f30  MOTU_ZeroConf - ok
00:00:48.0455 0x3f30  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
00:00:48.0474 0x3f30  mouclass - ok
00:00:48.0516 0x3f30  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
00:00:48.0534 0x3f30  mouhid - ok
00:00:48.0597 0x3f30  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
00:00:48.0616 0x3f30  mountmgr - ok
00:00:48.0665 0x3f30  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
00:00:48.0686 0x3f30  mpio - ok
00:00:48.0734 0x3f30  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
00:00:48.0777 0x3f30  mpsdrv - ok
00:00:48.0838 0x3f30  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
00:00:48.0913 0x3f30  MpsSvc - ok
00:00:48.0967 0x3f30  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
00:00:49.0003 0x3f30  MRxDAV - ok
00:00:49.0054 0x3f30  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
00:00:49.0083 0x3f30  mrxsmb - ok
00:00:49.0130 0x3f30  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
00:00:49.0156 0x3f30  mrxsmb10 - ok
00:00:49.0200 0x3f30  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
00:00:49.0221 0x3f30  mrxsmb20 - ok
00:00:49.0322 0x3f30  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
00:00:49.0339 0x3f30  msahci - ok
00:00:49.0372 0x3f30  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
00:00:49.0392 0x3f30  msdsm - ok
00:00:49.0421 0x3f30  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
00:00:49.0443 0x3f30  MSDTC - ok
00:00:49.0492 0x3f30  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
00:00:49.0532 0x3f30  Msfs - ok
00:00:49.0540 0x3f30  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
00:00:49.0581 0x3f30  mshidkmdf - ok
00:00:49.0637 0x3f30  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
00:00:49.0653 0x3f30  msisadrv - ok
00:00:49.0684 0x3f30  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
00:00:49.0728 0x3f30  MSiSCSI - ok
00:00:49.0732 0x3f30  msiserver - ok
00:00:49.0776 0x3f30  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
00:00:49.0815 0x3f30  MSKSSRV - ok
00:00:49.0839 0x3f30  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
00:00:49.0951 0x3f30  MSPCLOCK - ok
00:00:49.0961 0x3f30  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
00:00:50.0002 0x3f30  MSPQM - ok
00:00:50.0068 0x3f30  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
00:00:50.0095 0x3f30  MsRPC - ok
00:00:50.0149 0x3f30  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
00:00:50.0166 0x3f30  mssmbios - ok
00:00:50.0186 0x3f30  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
00:00:50.0263 0x3f30  MSTEE - ok
00:00:50.0278 0x3f30  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
00:00:50.0296 0x3f30  MTConfig - ok
00:00:50.0307 0x3f30  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
00:00:50.0325 0x3f30  Mup - ok
00:00:50.0402 0x3f30  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
00:00:50.0468 0x3f30  napagent - ok
00:00:50.0533 0x3f30  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
00:00:50.0565 0x3f30  NativeWifiP - ok
00:00:50.0690 0x3f30  [ 0A053F378B53E2A467A852119F91ABE1, 74EC3FDCBAFC27DC6C5E71A5C4C5016A9BDDBAF60BA1440F41A20704526EA48B ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
00:00:50.0738 0x3f30  NAUpdate - ok
00:00:50.0826 0x3f30  NAVENG - ok
00:00:50.0829 0x3f30  NAVEX15 - ok
00:00:50.0935 0x3f30  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
00:00:51.0015 0x3f30  NDIS - ok
00:00:51.0047 0x3f30  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
00:00:51.0117 0x3f30  NdisCap - ok
00:00:51.0173 0x3f30  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
00:00:51.0212 0x3f30  NdisTapi - ok
00:00:51.0242 0x3f30  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
00:00:51.0283 0x3f30  Ndisuio - ok
00:00:51.0321 0x3f30  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
00:00:51.0386 0x3f30  NdisWan - ok
00:00:51.0441 0x3f30  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
00:00:51.0481 0x3f30  NDProxy - ok
00:00:51.0542 0x3f30  [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl         C:\windows\system32\DRIVERS\netaapl64.sys
00:00:51.0548 0x3f30  Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
00:00:54.0144 0x3f30  Detect skipped due to KSN trusted
00:00:54.0144 0x3f30  Netaapl - ok
00:00:54.0187 0x3f30  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
00:00:54.0231 0x3f30  NetBIOS - ok
00:00:54.0293 0x3f30  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
00:00:54.0340 0x3f30  NetBT - ok
00:00:54.0384 0x3f30  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon        C:\windows\system32\lsass.exe
00:00:54.0402 0x3f30  Netlogon - ok
00:00:54.0433 0x3f30  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
00:00:54.0483 0x3f30  Netman - ok
00:00:54.0542 0x3f30  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:00:54.0621 0x3f30  NetMsmqActivator - ok
00:00:54.0636 0x3f30  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:00:54.0657 0x3f30  NetPipeActivator - ok
00:00:54.0699 0x3f30  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
00:00:54.0753 0x3f30  netprofm - ok
00:00:54.0812 0x3f30  [ B6E1BF8DBFF4B18F1A2D65DA6E40BC7C, D2865740FBEF9CD2E81A8A405E048297934FD920279E7DD92C715BB8A37764D2 ] netr28x         C:\windows\system32\DRIVERS\netr28x.sys
00:00:54.0860 0x3f30  netr28x - ok
00:00:54.0899 0x3f30  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:00:54.0920 0x3f30  NetTcpActivator - ok
00:00:54.0944 0x3f30  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:00:54.0969 0x3f30  NetTcpPortSharing - ok
00:00:55.0266 0x3f30  [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64        C:\windows\system32\DRIVERS\NETw5s64.sys
00:00:56.0125 0x3f30  NETw5s64 - ok
00:00:56.0187 0x3f30  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
00:00:56.0205 0x3f30  nfrd960 - ok
00:00:56.0595 0x3f30  [ 503C365AA11A0E42A110A6C20632A1E8, 9D9677ED2CD2985EB8436790A25A68338E2CA5F5D0BD9FB43CC5DF5B66DE9CB7 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
00:00:56.0814 0x3f30  NIHardwareService - detected UnsignedFile.Multi.Generic ( 1 )
00:00:59.0388 0x3f30  Detect skipped due to KSN trusted
00:00:59.0389 0x3f30  NIHardwareService - ok
00:00:59.0524 0x3f30  [ B4187346F54E362DAFFE647B25A58D50, 5890D3B7ED2E15CAC4E1F7EC1B47D48579C8DAE3EEFAC9B29476B0FC48D726DB ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
00:00:59.0542 0x3f30  NIS - ok
00:00:59.0607 0x3f30  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\windows\System32\nlasvc.dll
00:00:59.0641 0x3f30  NlaSvc - ok
00:00:59.0668 0x3f30  NOBU - ok
00:00:59.0679 0x3f30  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
00:00:59.0726 0x3f30  Npfs - ok
00:00:59.0746 0x3f30  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
00:00:59.0794 0x3f30  nsi - ok
00:00:59.0815 0x3f30  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
00:00:59.0861 0x3f30  nsiproxy - ok
00:00:59.0973 0x3f30  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
00:01:00.0101 0x3f30  Ntfs - ok
00:01:00.0130 0x3f30  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
00:01:00.0172 0x3f30  Null - ok
00:01:00.0220 0x3f30  [ 8D4AAC74B571FC356560E5B308955E93, C7F74F40D708D590EDB5D2ED064CF9C279FB1EBE33EDED073391E4D5E1CEE046 ] NVHDA           C:\windows\system32\drivers\nvhda64v.sys
00:01:00.0241 0x3f30  NVHDA - ok
00:01:00.0823 0x3f30  [ 0EB204639119370F5F8F2871FBF4E14B, B83540AA66FD7558B9397C8FF2E939D281FFCCD23DE7AA73679883D3D2A76366 ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
00:01:01.0441 0x3f30  nvlddmkm - ok
00:01:01.0529 0x3f30  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
00:01:01.0552 0x3f30  nvraid - ok
00:01:01.0581 0x3f30  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
00:01:01.0603 0x3f30  nvstor - ok
00:01:01.0696 0x3f30  [ 32FF8EE6DCEE5C0CB91FF892FB1CA364, 4C6FABC2B026558C8C654FAB01C3966ABF3A46E77BA13ADB1FD3E77032D6A4DF ] nvsvc           C:\windows\system32\nvvsvc.exe
00:01:01.0746 0x3f30  nvsvc - ok
00:01:01.0815 0x3f30  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
00:01:01.0835 0x3f30  nv_agp - ok
00:01:01.0920 0x3f30  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:01:01.0955 0x3f30  odserv - ok
00:01:02.0012 0x3f30  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
00:01:02.0031 0x3f30  ohci1394 - ok
00:01:02.0069 0x3f30  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:01:02.0088 0x3f30  ose - ok
00:01:02.0133 0x3f30  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
00:01:02.0194 0x3f30  p2pimsvc - ok
00:01:02.0222 0x3f30  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
00:01:02.0259 0x3f30  p2psvc - ok
00:01:02.0311 0x3f30  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\DRIVERS\parport.sys
00:01:02.0333 0x3f30  Parport - ok
00:01:02.0390 0x3f30  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
00:01:02.0409 0x3f30  partmgr - ok
00:01:02.0625 0x3f30  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll
00:01:02.0653 0x3f30  PcaSvc - ok
00:01:02.0767 0x3f30  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
00:01:02.0789 0x3f30  pci - ok
00:01:02.0843 0x3f30  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
00:01:02.0860 0x3f30  pciide - ok
00:01:02.0940 0x3f30  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
00:01:02.0968 0x3f30  pcmcia - ok
00:01:02.0991 0x3f30  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
00:01:03.0012 0x3f30  pcw - ok
00:01:03.0202 0x3f30  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
00:01:03.0265 0x3f30  PEAUTH - ok
00:01:04.0443 0x3f30  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
00:01:04.0461 0x3f30  PerfHost - ok
00:01:04.0897 0x3f30  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
00:01:05.0021 0x3f30  pla - ok
00:01:05.0206 0x3f30  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
00:01:05.0237 0x3f30  PlugPlay - ok
00:01:05.0289 0x3f30  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
00:01:05.0338 0x3f30  PNRPAutoReg - ok
00:01:05.0442 0x3f30  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
00:01:05.0470 0x3f30  PNRPsvc - ok
00:01:05.0811 0x3f30  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
00:01:05.0903 0x3f30  PolicyAgent - ok
00:01:06.0015 0x3f30  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
00:01:06.0062 0x3f30  Power - ok
00:01:06.0187 0x3f30  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
00:01:06.0230 0x3f30  PptpMiniport - ok
00:01:06.0372 0x3f30  [ 35B25F79F6C6F1C6D45BC34F07726E92, BF19B36DB622C052E9526BD90A24E101F7806135EB8F9157123391F21E5F06AA ] PrivoxyService  C:\Program Files (x86)\Jelbrus Secure Web\privoxy.exe
00:01:06.0389 0x3f30  PrivoxyService - detected UnsignedFile.Multi.Generic ( 1 )
00:01:09.0106 0x3f30  PrivoxyService ( UnsignedFile.Multi.Generic ) - warning
00:01:11.0682 0x3f30  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\DRIVERS\processr.sys
00:01:11.0701 0x3f30  Processor - ok
00:01:11.0795 0x3f30  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\windows\system32\profsvc.dll
00:01:11.0825 0x3f30  ProfSvc - ok
00:01:11.0840 0x3f30  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\windows\system32\lsass.exe
00:01:11.0858 0x3f30  ProtectedStorage - ok
00:01:11.0924 0x3f30  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
00:01:11.0966 0x3f30  Psched - ok
00:01:12.0014 0x3f30  [ 901DBA98359966A62A6548596988E931, 01EB45DC6B382A8F45BB2F4ECA8F89263CEE4BE1C412C94FFF706544942A74A8 ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys
00:01:12.0029 0x3f30  PxHlpa64 - ok
00:01:12.0146 0x3f30  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
00:01:12.0210 0x3f30  ql2300 - ok
00:01:12.0270 0x3f30  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
00:01:12.0292 0x3f30  ql40xx - ok
00:01:12.0328 0x3f30  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
00:01:12.0358 0x3f30  QWAVE - ok
00:01:12.0414 0x3f30  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
00:01:12.0436 0x3f30  QWAVEdrv - ok
00:01:12.0464 0x3f30  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
00:01:12.0505 0x3f30  RasAcd - ok
00:01:12.0547 0x3f30  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
00:01:12.0589 0x3f30  RasAgileVpn - ok
00:01:12.0610 0x3f30  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
00:01:12.0656 0x3f30  RasAuto - ok
00:01:12.0705 0x3f30  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
00:01:12.0748 0x3f30  Rasl2tp - ok
00:01:12.0815 0x3f30  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
00:01:12.0864 0x3f30  RasMan - ok
00:01:12.0895 0x3f30  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
00:01:12.0937 0x3f30  RasPppoe - ok
00:01:12.0950 0x3f30  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
00:01:12.0994 0x3f30  RasSstp - ok
00:01:13.0053 0x3f30  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
00:01:13.0101 0x3f30  rdbss - ok
00:01:13.0115 0x3f30  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
00:01:13.0139 0x3f30  rdpbus - ok
00:01:13.0170 0x3f30  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
00:01:13.0215 0x3f30  RDPCDD - ok
00:01:13.0228 0x3f30  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
00:01:13.0275 0x3f30  RDPENCDD - ok
00:01:13.0293 0x3f30  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
00:01:13.0338 0x3f30  RDPREFMP - ok
00:01:13.0398 0x3f30  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
00:01:13.0438 0x3f30  RDPWD - ok
00:01:13.0501 0x3f30  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
00:01:13.0525 0x3f30  rdyboost - ok
00:01:13.0669 0x3f30  [ 67AABA0E9372C9CD340C719D33F20EB4, AAC2722CD20FDDA21D1C6FDA6E47AC191ACFBDC1D282AE7013243D037001BA08 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
00:01:13.0684 0x3f30  RealNetworks Downloader Resolver Service - ok
00:01:13.0917 0x3f30  [ DF23E379C825484CA5472F94D3A761C5, 08016AE72B26ECCB64E5AAD3CA022EDF7CB3F89F29AA8319DA2F0EE5E1ABC7EC ] RealPlayer Cloud Service C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
00:01:13.0976 0x3f30  RealPlayer Cloud Service - ok
00:01:14.0033 0x3f30  [ 72989631E59FC624C360A30DB31AC22A, D542BF647A46635EA9E9DAB643C030A6F061B70CD88C90DB32326CDC2DF1AA46 ] RealPlayerUpdateSvc C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
00:01:14.0038 0x3f30  RealPlayerUpdateSvc - detected UnsignedFile.Multi.Generic ( 1 )
00:01:16.0606 0x3f30  RealPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - warning
00:01:19.0114 0x3f30  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
00:01:19.0158 0x3f30  RemoteAccess - ok
00:01:19.0195 0x3f30  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
00:01:19.0238 0x3f30  RemoteRegistry - ok
00:01:19.0299 0x3f30  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
00:01:19.0328 0x3f30  RFCOMM - ok
00:01:19.0347 0x3f30  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
00:01:19.0396 0x3f30  RpcEptMapper - ok
00:01:19.0422 0x3f30  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
00:01:19.0443 0x3f30  RpcLocator - ok
00:01:19.0513 0x3f30  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
00:01:19.0570 0x3f30  RpcSs - ok
00:01:19.0611 0x3f30  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
00:01:19.0653 0x3f30  rspndr - ok
00:01:19.0688 0x3f30  [ B49DC435AE3695BAC5623DD94B05732D, D63160B09385ED31C2A479ADC5AFCA483906F38598874972025D680BDB45ECA0 ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
00:01:19.0724 0x3f30  RTL8167 - ok
00:01:19.0741 0x3f30  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs           C:\windows\system32\lsass.exe
00:01:19.0759 0x3f30  SamSs - ok
00:01:19.0877 0x3f30  [ 6D561BC83F41E12C703417E20E5E1F44, ADCDF17F19262B97905A42AC2DF86C0BEAF9F1D9F17889DC2BFFE2FA6A77439D ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
00:01:19.0898 0x3f30  SbieDrv - ok
00:01:19.0938 0x3f30  [ 611E1D63E72AD628EC582D420B4C4D38, 61CE48DD2C0D2A2BCB5ED014084998FE13C84132C0EC1C0670406B4368AC83A7 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
00:01:19.0956 0x3f30  SbieSvc - ok
00:01:20.0001 0x3f30  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
00:01:20.0020 0x3f30  sbp2port - ok
00:01:20.0057 0x3f30  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
00:01:20.0160 0x3f30  SCardSvr - ok
00:01:20.0210 0x3f30  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
00:01:20.0251 0x3f30  scfilter - ok
00:01:20.0418 0x3f30  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
00:01:20.0543 0x3f30  Schedule - ok
00:01:20.0611 0x3f30  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
00:01:20.0654 0x3f30  SCPolicySvc - ok
00:01:20.0741 0x3f30  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\windows\system32\drivers\sdbus.sys
00:01:20.0763 0x3f30  sdbus - ok
00:01:20.0833 0x3f30  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
00:01:20.0856 0x3f30  SDRSVC - ok
00:01:20.0920 0x3f30  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
00:01:20.0962 0x3f30  secdrv - ok
00:01:21.0019 0x3f30  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
00:01:21.0070 0x3f30  seclogon - ok
00:01:21.0152 0x3f30  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
00:01:21.0205 0x3f30  SENS - ok
00:01:21.0279 0x3f30  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
00:01:21.0298 0x3f30  SensrSvc - ok
00:01:21.0361 0x3f30  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
00:01:21.0380 0x3f30  Serenum - ok
00:01:21.0438 0x3f30  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\DRIVERS\serial.sys
00:01:21.0457 0x3f30  Serial - ok
00:01:21.0528 0x3f30  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
00:01:21.0546 0x3f30  sermouse - ok
00:01:21.0608 0x3f30  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
00:01:21.0651 0x3f30  SessionEnv - ok
00:01:21.0697 0x3f30  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
00:01:21.0729 0x3f30  sffdisk - ok
00:01:21.0739 0x3f30  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
00:01:21.0757 0x3f30  sffp_mmc - ok
00:01:21.0801 0x3f30  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
00:01:21.0821 0x3f30  sffp_sd - ok
00:01:21.0860 0x3f30  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
00:01:21.0878 0x3f30  sfloppy - ok
00:01:21.0935 0x3f30  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
00:01:21.0986 0x3f30  SharedAccess - ok
00:01:22.0039 0x3f30  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
00:01:22.0089 0x3f30  ShellHWDetection - ok
00:01:22.0126 0x3f30  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
00:01:22.0144 0x3f30  SiSRaid2 - ok
00:01:22.0165 0x3f30  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
00:01:22.0184 0x3f30  SiSRaid4 - ok
00:01:22.0285 0x3f30  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
00:01:22.0308 0x3f30  SkypeUpdate - ok
00:01:22.0342 0x3f30  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
00:01:22.0384 0x3f30  Smb - ok
00:01:22.0453 0x3f30  [ 7AE8BCA90539ECBDE87AC45BA1436BE3, E599200C44ECA5EB06475F90F67A58723B30C3C2887BD12ED7C31FF1042382EA ] smserial        C:\windows\system32\DRIVERS\SmSerl64.sys
00:01:22.0538 0x3f30  smserial - ok
00:01:22.0602 0x3f30  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
00:01:22.0621 0x3f30  SNMPTRAP - ok
00:01:22.0637 0x3f30  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
00:01:22.0653 0x3f30  spldr - ok
00:01:22.0718 0x3f30  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
00:01:22.0774 0x3f30  Spooler - ok
00:01:22.0977 0x3f30  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
00:01:23.0189 0x3f30  sppsvc - ok
00:01:23.0222 0x3f30  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
00:01:23.0265 0x3f30  sppuinotify - ok
00:01:23.0371 0x3f30  [ 96BABC4906ECDB1C69D1176F8647AD8E, DFBA5D62A9454E713BF9653B8D7F986F4318A2BB7985F3D93851D15453FE10A1 ] SRTSP           C:\windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS
00:01:23.0405 0x3f30  SRTSP - ok
00:01:23.0419 0x3f30  [ C7F491A290E0E4222F5CDCD50EEB8167, C168EA224269A30C7A1AE14C2CDE6FEFBCB2DCB32927CB386DF7C35F51BB2BAD ] SRTSPX          C:\windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS
00:01:23.0434 0x3f30  SRTSPX - ok
00:01:23.0504 0x3f30  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
00:01:23.0554 0x3f30  srv - ok
00:01:23.0612 0x3f30  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
00:01:23.0642 0x3f30  srv2 - ok
00:01:23.0664 0x3f30  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
00:01:23.0687 0x3f30  srvnet - ok
00:01:23.0720 0x3f30  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
00:01:23.0767 0x3f30  SSDPSRV - ok
00:01:23.0779 0x3f30  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
00:01:23.0822 0x3f30  SstpSvc - ok
00:01:23.0842 0x3f30  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
00:01:23.0860 0x3f30  stexstor - ok
00:01:23.0946 0x3f30  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
00:01:23.0989 0x3f30  stisvc - ok
00:01:24.0032 0x3f30  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\drivers\swenum.sys
00:01:24.0049 0x3f30  swenum - ok
00:01:24.0100 0x3f30  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
00:01:24.0173 0x3f30  swprv - ok
00:01:24.0241 0x3f30  [ 659B227A72B76115975A6A9491B2FE1F, 29DA3CD37BDBF2690B3C84233FC594A060EFB3B0D3C43B704CE9D8BE29943AD8 ] SymDS           C:\windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS
00:01:24.0282 0x3f30  SymDS - ok
00:01:24.0330 0x3f30  [ 9F5783A4A03D0091CDBDAA858B566926, A30DED5DCD3B18214B86A08B88D0E98005E66A1C73AC000E24545CE88C9CC99B ] SymEFA          C:\windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS
00:01:24.0353 0x3f30  SymEFA - ok
00:01:24.0422 0x3f30  [ 3F9D5FE52585E2653E59FDBFDF09A94C, 9BF7EAAEC513C61E2EF717A766932A678A135B0BA547E69771E5FCFBF080D004 ] SymEvent        C:\windows\system32\Drivers\SYMEVENT64x86.SYS
00:01:24.0440 0x3f30  SymEvent - ok
00:01:24.0507 0x3f30  [ F57588546E738DB1583981D8F44E9BC2, 843F111D820633505D6F6ED553B1F6AB1CAD82606CD3CDB14804AA7C8983CAF6 ] SymIRON         C:\windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS
00:01:24.0525 0x3f30  SymIRON - ok
00:01:24.0565 0x3f30  [ 3ADFB72F0797AE3832509FE030755E21, 03BBAAB27ADCE2EE6A7F22734BEFC34D296DE6E5ECBEEEDD2B332E247543D2B2 ] SYMTDIv         C:\windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS
00:01:24.0596 0x3f30  SYMTDIv - ok
00:01:24.0711 0x3f30  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
00:01:24.0851 0x3f30  SysMain - ok
00:01:24.0913 0x3f30  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
00:01:25.0043 0x3f30  TabletInputService - ok
00:01:25.0090 0x3f30  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
00:01:25.0143 0x3f30  TapiSrv - ok
00:01:25.0191 0x3f30  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
00:01:25.0237 0x3f30  TBS - ok
00:01:25.0403 0x3f30  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
00:01:25.0505 0x3f30  Tcpip - ok
00:01:25.0826 0x3f30  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
00:01:25.0914 0x3f30  TCPIP6 - ok
00:01:25.0968 0x3f30  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
00:01:25.0987 0x3f30  tcpipreg - ok
00:01:26.0009 0x3f30  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
00:01:26.0147 0x3f30  TDPIPE - ok
00:01:26.0188 0x3f30  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
00:01:26.0206 0x3f30  TDTCP - ok
00:01:26.0265 0x3f30  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\windows\system32\DRIVERS\tdx.sys
00:01:26.0319 0x3f30  tdx - ok
00:01:26.0393 0x3f30  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\drivers\termdd.sys
00:01:26.0412 0x3f30  TermDD - ok
00:01:26.0478 0x3f30  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\windows\System32\termsrv.dll
00:01:26.0519 0x3f30  TermService - ok
00:01:26.0627 0x3f30  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
00:01:26.0652 0x3f30  Themes - ok
00:01:26.0677 0x3f30  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
00:01:26.0724 0x3f30  THREADORDER - ok
00:01:26.0777 0x3f30  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
00:01:26.0824 0x3f30  TrkWks - ok
00:01:26.0985 0x3f30  [ 325A512F98BEB97B1FFBE88927B8090D, 2A0C10516E3506D63290345DFAC98D5A623584767E034EBF652B9DBE6CF70547 ] Trufos          C:\windows\system32\DRIVERS\Trufos.sys
00:01:27.0016 0x3f30  Trufos - ok
00:01:27.0081 0x3f30  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
00:01:27.0126 0x3f30  TrustedInstaller - ok
00:01:27.0179 0x3f30  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
00:01:27.0198 0x3f30  tssecsrv - ok
00:01:27.0268 0x3f30  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
00:01:27.0310 0x3f30  TsUsbFlt - ok
00:01:27.0383 0x3f30  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
00:01:27.0427 0x3f30  tunnel - ok
00:01:27.0486 0x3f30  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
00:01:27.0505 0x3f30  uagp35 - ok
00:01:27.0569 0x3f30  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
00:01:27.0659 0x3f30  udfs - ok
00:01:27.0688 0x3f30  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
00:01:27.0709 0x3f30  UI0Detect - ok
00:01:27.0772 0x3f30  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
00:01:27.0790 0x3f30  uliagpkx - ok
00:01:27.0894 0x3f30  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys
00:01:27.0913 0x3f30  umbus - ok
00:01:27.0981 0x3f30  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
00:01:27.0999 0x3f30  UmPass - ok
00:01:28.0140 0x3f30  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
00:01:28.0192 0x3f30  upnphost - ok
00:01:28.0277 0x3f30  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys
00:01:28.0310 0x3f30  USBAAPL64 - ok
00:01:28.0371 0x3f30  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
00:01:28.0428 0x3f30  usbaudio - ok
00:01:28.0483 0x3f30  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
00:01:28.0510 0x3f30  usbccgp - ok
00:01:28.0574 0x3f30  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
00:01:28.0607 0x3f30  usbcir - ok
00:01:28.0655 0x3f30  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\drivers\usbehci.sys
00:01:28.0708 0x3f30  usbehci - ok
00:01:28.0762 0x3f30  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
00:01:28.0790 0x3f30  usbhub - ok
00:01:28.0857 0x3f30  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\drivers\usbohci.sys
00:01:28.0874 0x3f30  usbohci - ok
00:01:28.0905 0x3f30  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
00:01:28.0925 0x3f30  usbprint - ok
00:01:29.0013 0x3f30  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
00:01:29.0033 0x3f30  USBSTOR - ok
00:01:29.0088 0x3f30  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
00:01:29.0107 0x3f30  usbuhci - ok
00:01:29.0210 0x3f30  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
00:01:29.0234 0x3f30  usbvideo - ok
00:01:29.0273 0x3f30  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
00:01:29.0320 0x3f30  UxSms - ok
00:01:29.0340 0x3f30  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc        C:\windows\system32\lsass.exe
00:01:29.0357 0x3f30  VaultSvc - ok
00:01:29.0396 0x3f30  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
00:01:29.0416 0x3f30  vdrvroot - ok
00:01:29.0497 0x3f30  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
00:01:29.0632 0x3f30  vds - ok
00:01:29.0670 0x3f30  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
00:01:29.0692 0x3f30  vga - ok
00:01:29.0716 0x3f30  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
00:01:29.0762 0x3f30  VgaSave - ok
00:01:29.0825 0x3f30  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
00:01:29.0850 0x3f30  vhdmp - ok
00:01:29.0905 0x3f30  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
00:01:29.0947 0x3f30  viaide - ok
00:01:29.0968 0x3f30  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
00:01:30.0067 0x3f30  volmgr - ok
00:01:30.0137 0x3f30  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
00:01:30.0163 0x3f30  volmgrx - ok
00:01:30.0235 0x3f30  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
00:01:30.0261 0x3f30  volsnap - ok
00:01:30.0307 0x3f30  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
00:01:30.0327 0x3f30  vsmraid - ok
00:01:30.0519 0x3f30  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
00:01:30.0657 0x3f30  VSS - ok
00:01:30.0686 0x3f30  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
00:01:30.0711 0x3f30  vwifibus - ok
00:01:30.0761 0x3f30  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
00:01:30.0785 0x3f30  vwififlt - ok
00:01:30.0830 0x3f30  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
00:01:30.0851 0x3f30  vwifimp - ok
00:01:30.0911 0x3f30  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
00:01:30.0962 0x3f30  W32Time - ok
00:01:31.0038 0x3f30  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
00:01:31.0054 0x3f30  WacomPen - ok
00:01:31.0143 0x3f30  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
00:01:31.0178 0x3f30  WANARP - ok
00:01:31.0231 0x3f30  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
00:01:31.0267 0x3f30  Wanarpv6 - ok
00:01:31.0640 0x3f30  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
00:01:31.0755 0x3f30  WatAdminSvc - ok
00:01:31.0925 0x3f30  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
00:01:31.0993 0x3f30  wbengine - ok
00:01:32.0068 0x3f30  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
00:01:32.0097 0x3f30  WbioSrvc - ok
00:01:32.0202 0x3f30  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
00:01:32.0241 0x3f30  wcncsvc - ok
00:01:32.0299 0x3f30  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
00:01:32.0339 0x3f30  WcsPlugInService - ok
00:01:32.0371 0x3f30  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\DRIVERS\wd.sys
00:01:32.0386 0x3f30  Wd - ok
00:01:32.0446 0x3f30  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\windows\system32\DRIVERS\wdcsam64.sys
00:01:32.0476 0x3f30  WDC_SAM - ok
00:01:32.0573 0x3f30  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
00:01:32.0623 0x3f30  Wdf01000 - ok
00:01:32.0713 0x3f30  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\windows\system32\wdi.dll
00:01:32.0748 0x3f30  WdiServiceHost - ok
00:01:32.0754 0x3f30  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\windows\system32\wdi.dll
00:01:32.0796 0x3f30  WdiSystemHost - ok
00:01:32.0882 0x3f30  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
00:01:32.0941 0x3f30  WebClient - ok
00:01:32.0963 0x3f30  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
00:01:33.0007 0x3f30  Wecsvc - ok
00:01:33.0051 0x3f30  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
00:01:33.0091 0x3f30  wercplsupport - ok
00:01:33.0132 0x3f30  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
00:01:33.0171 0x3f30  WerSvc - ok
00:01:33.0225 0x3f30  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
00:01:33.0261 0x3f30  WfpLwf - ok
00:01:33.0299 0x3f30  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
00:01:33.0314 0x3f30  WIMMount - ok
00:01:33.0347 0x3f30  WinDefend - ok
00:01:33.0365 0x3f30  WinHttpAutoProxySvc - ok
00:01:33.0452 0x3f30  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
00:01:33.0502 0x3f30  Winmgmt - ok
00:01:33.0621 0x3f30  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\windows\system32\WsmSvc.dll
00:01:33.0773 0x3f30  WinRM - ok
00:01:33.0925 0x3f30  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
00:01:33.0946 0x3f30  WinUsb - ok
00:01:34.0093 0x3f30  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
00:01:34.0162 0x3f30  Wlansvc - ok
00:01:34.0248 0x3f30  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
00:01:34.0266 0x3f30  WmiAcpi - ok
00:01:34.0366 0x3f30  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
00:01:34.0387 0x3f30  wmiApSrv - ok
00:01:34.0424 0x3f30  WMPNetworkSvc - ok
00:01:34.0472 0x3f30  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
00:01:34.0507 0x3f30  WPCSvc - ok
00:01:34.0556 0x3f30  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
00:01:34.0580 0x3f30  WPDBusEnum - ok
00:01:34.0647 0x3f30  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
00:01:34.0686 0x3f30  ws2ifsl - ok
00:01:34.0748 0x3f30  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
00:01:34.0774 0x3f30  wscsvc - ok
00:01:34.0862 0x3f30  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\windows\system32\DRIVERS\WSDPrint.sys
00:01:34.0882 0x3f30  WSDPrintDevice - ok
00:01:34.0945 0x3f30  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\windows\system32\DRIVERS\WSDScan.sys
00:01:34.0980 0x3f30  WSDScan - ok
00:01:34.0983 0x3f30  WSearch - ok
00:01:35.0131 0x3f30  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\windows\system32\wuaueng.dll
00:01:35.0278 0x3f30  wuauserv - ok
00:01:35.0358 0x3f30  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
00:01:35.0411 0x3f30  WudfPf - ok
00:01:35.0444 0x3f30  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
00:01:35.0467 0x3f30  WUDFRd - ok
00:01:35.0521 0x3f30  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
00:01:35.0541 0x3f30  wudfsvc - ok
00:01:35.0615 0x3f30  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
00:01:35.0646 0x3f30  WwanSvc - ok
00:01:35.0695 0x3f30  ================ Scan global ===============================
00:01:35.0716 0x3f30  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
00:01:35.0780 0x3f30  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
00:01:35.0802 0x3f30  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
00:01:35.0883 0x3f30  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
00:01:35.0927 0x3f30  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
00:01:35.0938 0x3f30  [ Global ] - ok
00:01:35.0939 0x3f30  ================ Scan MBR ==================================
00:01:35.0988 0x3f30  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:01:36.0703 0x3f30  \Device\Harddisk0\DR0 - ok
00:01:36.0704 0x3f30  ================ Scan VBR ==================================
00:01:36.0722 0x3f30  [ 833B18B50F23D48101956149AF0FD26B ] \Device\Harddisk0\DR0\Partition1
00:01:36.0724 0x3f30  \Device\Harddisk0\DR0\Partition1 - ok
00:01:36.0751 0x3f30  [ 84E076F89DF66D1C895F7F64271719AC ] \Device\Harddisk0\DR0\Partition2
00:01:36.0753 0x3f30  \Device\Harddisk0\DR0\Partition2 - ok
00:01:36.0753 0x3f30  ================ Scan generic autorun ======================
00:01:37.0215 0x3f30  [ 1DB925810BA7020112D734248A01028D, 68C2A7948BA4DF917CACBCEE83C2DE3D3A2F791162B9730D312FEA4A7893CBEA ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
00:01:37.0602 0x3f30  RtHDVCpl - ok
00:01:37.0612 0x3f30  BTMTrayAgent - ok
00:01:37.0798 0x3f30  [ 447F584F7702E1A94153FBBD5D5E6DA8, 2755D35E763D57E2809DE3FE29C2EE730D4904DC9561ADA97CD7AAB56915EE3E ] C:\windows\system32\M-AudioTaskBarIcon.exe
00:01:37.0848 0x3f30  M-Audio Taskbar Icon - ok
00:01:37.0891 0x3f30  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
00:01:37.0911 0x3f30  Logitech Download Assistant - ok
00:01:38.0056 0x3f30  [ 25107F58D1B8F60D67D1EE95798C0DE8, C3B5205E8818576EBF33E3B9FD8664A498714B823D9128FC1CA0A64F81499263 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
00:01:38.0078 0x3f30  IAStorIcon - ok
00:01:38.0376 0x3f30  [ A3A9163E10B5EF0B9D8573FF25EBBACB, BFF021122873455A16001A1D96C04A779365417110FCB4619CCDE17C62348D7C ] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
00:01:38.0512 0x3f30  MGSysCtrl - detected UnsignedFile.Multi.Generic ( 1 )
00:01:41.0086 0x3f30  Detect skipped due to KSN trusted
00:01:41.0086 0x3f30  MGSysCtrl - ok
00:01:41.0201 0x3f30  [ A7810B302294793DE88542AAE177D1B1, F0EE3684DBEB0AAAD912DC04D060976D1EAE92489E192BAE900FA0F417AD20A7 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
00:01:41.0221 0x3f30  ArcSoft Connection Service - ok
00:01:41.0289 0x3f30  [ B52DB388BA6A1C7F5F4D64E5F32295BA, 042BCEAC7339A40AF6C2A9D56838B931020020EC355B57FD0493AD81439AE728 ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
00:01:41.0372 0x3f30  NortonOnlineBackup - ok
00:01:41.0517 0x3f30  [ 452FA961163EF4AEE4815796A13AB2CF, 14DC422082F96F5C21C41A5E5F6E8445547CC4B02B18F0A86A34669CA2CE18A7 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
00:01:41.0531 0x3f30  Adobe Reader Speed Launcher - ok
00:01:41.0677 0x3f30  [ 8B718E2C3AE1EA0B90BFA793F7B558A7, 0912235AFEE8F4B2A8BB157A8E4FEC6244A3D24EFEF62C91A2DED32E1C79F224 ] C:\Program Files (x86)\Ask.com\Updater\Updater.exe
00:01:41.0702 0x3f30  ApnUpdater - ok
00:01:41.0800 0x3f30  [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
00:01:41.0815 0x3f30  APSDaemon - ok
00:01:41.0882 0x3f30  [ 35D6CAAA9E4D82974A74DBDB53801F98, 5418B7BB40B097DA6370ADA1194F8B2D2D3EEFA3CA36A6EB31D39DF7791A25A3 ] C:\PROGRA~2\BRINGM~2\bar\1.bin\1cbrmon.exe
00:01:41.0895 0x3f30  BringMeSports_1c Browser Plugin Loader - ok
00:01:42.0054 0x3f30  [ 0EFC1601D502D20E42E577E979A22D4B, 4CA07B9FE0C9B409587C632A74F14370624FD1B03820EF93E496BA08964F0996 ] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
00:01:42.0074 0x3f30  TkBellExe - ok
00:01:42.0217 0x3f30  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
00:01:42.0234 0x3f30  iTunesHelper - ok
00:01:42.0329 0x3f30  [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
00:01:42.0348 0x3f30  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
00:01:44.0919 0x3f30  Detect skipped due to KSN trusted
00:01:44.0919 0x3f30  QuickTime Task - ok
00:01:45.0009 0x3f30  [ 9153F2335BCDB87F41559CF066223BF9, C0F89F9A63B1F49F007A971F5180128EC0AFBBBF7CFA82CA1FA44CB9DB5F8BB3 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
00:01:45.0062 0x3f30  SunJavaUpdateSched - ok
00:01:45.0249 0x3f30  [ E43A851F7B12DE589424D6C656155CFC, FD42172921C18D1BBDFC0C5CFFFD6D0534764D770E210CA3E1DF61A66A99BE62 ] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
00:01:45.0282 0x3f30  AdobeCS4ServiceManager - ok
00:01:45.0475 0x3f30  [ 35FD33EAE23AF69715EE3231A9F15B82, C7351F3537F4B938E4E8A8A8DD59039298F9B09678A4BC09B2A362DC4B25E2C0 ] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
00:01:45.0487 0x3f30  Adobe Acrobat Speed Launcher - ok
00:01:45.0676 0x3f30  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:01:45.0799 0x3f30  Sidebar - ok
00:01:45.0830 0x3f30  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:01:45.0855 0x3f30  mctadmin - ok
00:01:45.0891 0x3f30  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:01:45.0941 0x3f30  Sidebar - ok
00:01:45.0948 0x3f30  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:01:45.0972 0x3f30  mctadmin - ok
00:01:46.0036 0x3f30  [ F520895C844EE48A678E23AF81823E62, 298BCE91552162774559DC98E0D50FE7145F4C154B4BC92BAD2F6636DDEF092E ] C:\Program Files\Sandboxie\SbieCtrl.exe
00:01:46.0085 0x3f30  SandboxieControl - ok
00:01:46.0320 0x3f30  [ D39DA5B7139B4B5147B3C6A94978B5AA, 7C1D918C9A4768C8776F02FAC61F7252BCD1055BD4BC741A432A1D703514103E ] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
00:01:46.0528 0x3f30  msnmsgr - ok
00:01:46.0712 0x3f30  [ A07E8935CC8DCE6DB787DC99129CA17C, D432E0414E2B59B90A8826984F4649AF810E8385C7CCEDF646B99C027113301A ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
00:01:46.0813 0x3f30  DAEMON Tools Lite - ok
00:01:47.0015 0x3f30  [ B9D6D7E6E5C4FCD8DD7F88EC9D563085, C99B96924C8F2E24C39557E527E7F9E3C385A48D808EC343FB3368CEA92B3EAF ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
00:01:47.0064 0x3f30  GoogleChromeAutoLaunch_4E6299B33FA0592A57BB7C6E94F010D2 - ok
00:01:47.0180 0x3f30  [ EC58C1A9A3281CE0C8FCC05BDBFECB37, 3738BBC112346B32F686F1CB4B4AAD89B06AA1F8FB2D333BC2D2F554212A0A59 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
00:01:47.0196 0x3f30  iCloudServices - ok
00:01:47.0262 0x3f30  [ 2D29BAC8469818E04AA9AA1CBB5D6FED, 5239A6238A442B4799B8266F45DE2A85902D85505AAE6FA864367335813F0342 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
00:01:47.0278 0x3f30  ApplePhotoStreams - ok
00:01:47.0360 0x3f30  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
00:01:47.0373 0x3f30  swg - ok
00:01:47.0532 0x3f30  [ D03CD0F53324567E108B3915478247A8, 9F03504978FA23F1606B02BFB1A8F1C94D7BF42CEDB05ECB643287AEFC039227 ] C:\windows\system32\Macromed\Flash\FlashUtil64_16_0_0_305_ActiveX.exe
00:01:47.0581 0x3f30  FlashPlayerUpdate - ok
00:01:48.0288 0x3f30  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:01:48.0407 0x3f30  Sidebar - ok
00:01:48.0465 0x3f30  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:01:48.0527 0x3f30  mctadmin - ok
00:01:48.0528 0x3f30  Waiting for KSN requests completion. In queue: 25
00:01:49.0528 0x3f30  Waiting for KSN requests completion. In queue: 25
00:01:50.0528 0x3f30  Waiting for KSN requests completion. In queue: 25
00:01:51.0672 0x3f30  AV detected via SS2: Ad-Aware Antivirus, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareSecurityCenter.exe ( 11.5.202.7299 ), 0x40010 ( disabled : outofdate )
00:01:51.0693 0x3f30  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\WSCStub.exe ( 17.9.0.0 ), 0x50010 ( disabled : outofdate )
00:01:51.0695 0x3f30  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\WSCStub.exe ( 17.9.0.0 ), 0x50010 ( disabled )
00:01:51.0696 0x3f30  FW detected via SS2: Ad-Aware Firewall, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareSecurityCenter.exe ( 11.5.202.7299 ), 0x40010 ( disabled )
00:01:51.0721 0x3f30  Win FW state via NFP2: enabled
00:01:54.0277 0x3f30  ============================================================
00:01:54.0277 0x3f30  Scan finished
00:01:54.0277 0x3f30  ============================================================
00:01:54.0286 0x3644  Detected object count: 2
00:01:54.0286 0x3644  Actual detected object count: 2
00:05:39.0920 0x3644  PrivoxyService ( UnsignedFile.Multi.Generic ) - skipped by user
00:05:39.0920 0x3644  PrivoxyService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:05:39.0921 0x3644  RealPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:05:39.0921 0x3644  RealPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
 


  • 0

#6
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

I am not getting help on any other forums.



Thanks for your response and help!


Hello :)

You're quite welcome. :thumbsup:

I see a large amount of these in your downloads folder. Some of them have company names, but some are definitely malware related. Do you recognize these? If not, I will remove them in my fix. Please let me know. I'm currently preparing your fix. :)

C:\Users\Chris\Downloads\Unconfirmed 62263.crdownload
  • 0

#7
Acousticcountry

Acousticcountry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
I don't recognize it.
  • 0

#8
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

I don't recognize it.


Ok, thank you, let's get started. :) There is a lot listed here, so please take your time and read through each step. There's no hurry, as we do this on the pace that works best for you.

At the conclusion of these steps, please let me know how the machine is running. We will have more to do, but this will give me an idea of how things are progressing. :thumbsup:

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Warnings and Program Uninstalls


The Dangers of P2P Programs

I noticed that you have a P2P file sharing program on your computer . I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more likely than not infected with trojans, malware, rootkits, etc.

You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.

There are also new infections out there such as CryptoWall 3.0 and CryptoLocker. When infected with these, all of your personal files on any drive connected to your computer will be affected. These infections copy all your files, encrypt them, and then delete the originals, leaving you with the encrypted copies. You are then presented with a screen telling you you have a certain amount of time to pay the ransom for the decryption code to decrypt your files. Even if you pay the ransom, there decryption process usually results in corrupt and unusable files.

There is nothing we can do to decrypt the files, as they use very sophisticated encryption techniques. Please consider this when using P2P programs. Malware and ransomware writers use P2P to spread their infections.


Here are some information sources about the dangers of P2P programs:

FBI - Peer to Peer Scams

USA Today Artticle on P2P Programs

File Sharing Infects 500,000 Computers

I very much recommend you uninstall this program from your machine. If not, I can guarantee you will be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.

It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.


Multiple Anti-Virus Programs Installed


Your log indicates you have 2 or more anti-virus programs installed on your machine. They are "Ad-Aware Anti-Virus" and "Norton Internet Security". They are both currently out of date as well.
  • Research shows that having multiple anti-virus programs installed is not a good idea. This is a case of more is not better. They will often conflict with each, provide false positives, and additional problems.
  • We need to remove one or more of these from your system. Do you have a preference as to which one? If you have paid for one, I would recommend you keep that one and uninstall the other.
Program Uninstalls and Chrome Extension Removals

Please uninstall the following programs from your machine as they are adware/malware related or in the case of Daemon Tools, will interfere with the fixes:
  • Daemon Tools Lite
  • BringMeSportsbar toolbar
  • Ask Toolbar
  • Conduit Engine
  • Idle Crawler
  • uTorrentBar Toolbar
Remove Chrome Extensions

There are some extensions in Chrome that need to be removed, please follow the instructions below to remove them.

Start Chrome and type this into the address bar: chrome:extensions

This will display a page of all the installed extensions. Please remove the extensions listed below by clicking the trash can icon.

If one of the extensions I've asked you to remove is not listed, don't worry about it. Just move on to the next one in the list. :)
  • HWvidPv1.12
  • Rr Savings
  • PricePeep
Step 2: Fix with FRST
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

Start
CreateRestorePoint:
CloseProcesses:
(COMPANYVERS_NAME) C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbarsvc.exe
C:\Program Files (x86)\BringMeSports_1c
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Ask.com
(VER_COMPANY_NAME) C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbrmon.exe
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [395144 2011-05-17] (Ask)
HKLM-x32\...\Run: [BringMeSports_1c Browser Plugin Loader] => C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbrmon.exe [30096 2012-12-09] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\MountPoints2: {42b37c81-8660-11e0-a613-406186b4c408} - F:\Autorun.exe
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\MountPoints2: {60ede31e-a5e8-11e4-b1de-406186b4c408} - G:\Setup.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:62213;https=127.0.0.1:62213
ProxyServer: [S-1-5-21-346444361-470292555-3986792257-1000] => 127.0.0.1:8118
URLSearchHook: HKLM-x32 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKU\S-1-5-21-346444361-470292555-3986792257-1000 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKU\S-1-5-21-346444361-470292555-3986792257-1000 - (No Name) - {f2c43291-151e-499c-98a7-923c120b88fa} - No File
URLSearchHook: HKU\S-1-5-21-346444361-470292555-3986792257-1000 - (No Name) - {06b5b051-1d05-443d-822f-39ab0d05f018} - C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cSrcAs.dll (MindSpark)
SearchScopes: HKLM-x32 -> {8c9ef753-beb6-4582-b653-93ac59274437} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT3074349
BHO-x32: Search Assistant BHO -> {002d1ba6-4766-4d7d-82b8-f49439c66f97} -> C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cSrcAs.dll [2012-12-09] (MindSpark)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17] (Ask)
BHO-x32: Toolbar BHO -> {f653d037-97fa-4755-98c1-7f382eeb59a7} -> C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbar.dll [2012-12-09] (MindSpark)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17] (Ask)
Toolbar: HKLM-x32 - BringMeSports - {cc53bd19-7b23-43b0-ab7c-0e06c708cced} - C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbar.dll [2012-12-09] (MindSpark)
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {F2C43291-151E-499C-98A7-923C120B88FA} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {CC53BD19-7B23-43B0-AB7C-0E06C708CCED} - No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Extension: ArcadeParlor - C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404} [2014-04-28]
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid=EB_ORIGINAL_CTID&ISID=M6B691981-25AB-4032-A8BB-9F2A0CF70104&SearchSource=55&CUI=&UM=8&UP=SP76EEA3FA-1DB6-445B-A55B-A793EC901AAE&SSPV=SP22030TA_sp_ch
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid=EB_ORIGINAL_CTID&ISID=M35D8DE5C-EF21-42CD-B7F3-2B009843728F&SearchSource=55&CUI=&UM=8&UP=SPAC345DF8-D122-46F3-86FC-20CD4250A967&SSPV=SP22030TA_sp_ch"
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchURL: Default -> http://www.trovi.com...SP22030TA_sp_ch
CHR DefaultSuggestURL: Default -> http://suggest.secci...x={searchTerms}
C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak
C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofjjfgnmnjmoihhmjpafcllkhinmboe
C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
R2 BringMeSports_1cService; C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbarsvc.exe [42504 2012-12-09] (COMPANYVERS_NAME)
S4 LMIRfsClientNP; No ImagePath
2015-03-20 05:19 - 2014-11-18 16:36 - 00000000 ____D () C:\Program Files (x86)\Jelbrus Secure Web
2015-03-12 15:38 - 2014-11-18 16:36 - 00003274 _____ () C:\windows\System32\Tasks\Jelbrus Secure Web Task
Task: {0A29426E-BF9A-48C7-BFE0-8D5A6FEF6229} - System32\Tasks\Jelbrus Secure Web Task => C:\Program Files (x86)\Jelbrus Secure Web\jswtask.exe <==== ATTENTION
Task: {0DEB2100-97FF-4F15-B8D0-67586B31D126} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {1428C219-7744-4990-9881-0609F50F2794} - System32\Tasks\GPUP => C:\Program Files (x86)\GetPrivate\gpup.exe <==== ATTENTION
C:\Program Files (x86)\Jelbrus Secure Web
C:\Program Files (x86)\AnyProtectEx
C:\Program Files (x86)\GetPrivate
Task: {47042731-2F6B-4FBF-B70D-14A6223088FA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B233BE14-AB31-4C74-876D-62549F817FC3} - System32\Tasks\avaxvyyvyf => C:\Users\Chris\AppData\Local\avaxvyyvyf\avaxvyyvyf.exe <==== ATTENTION
Task: {B5E6F3A2-A25E-4AAE-9C1D-ADDA804DCA15} - System32\Tasks\avaxvyyvyd => C:\Users\Chris\AppData\Local\avaxvyyvyd\avaxvyyvyd.exe <==== ATTENTION
C:\Users\Chris\AppData\Local\avaxvyyvyd
C:\Users\Chris\AppData\Local\avaxvyyvyf
Task: {D6114708-D4C1-4BD9-9D00-2837DE241712} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {D77D7246-5CF3-4C05-9F47-18760CD13DA8} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2011-05-17] () <==== ATTENTION
C:\Program Files (x86)\Ask.com
Task: C:\windows\Tasks\53491cbe-765c-47c6-8c10-8f39da469456-1.job => C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-codedownloader.exe÷/LXGOVx /gxvgp=task /varXeEF='Plus-HD-9.3' /PIElTSfTy=53098 /FWFoJ='001263' /MOFVpqob='0' /NRvLRj='0' /lmDnh=9B5E66FE030D4D45B52620CBD5F2372AIE /qbiQLmJI=4aca28a808182f26e0ad73f36c4a713a /WdpIIVR=1_34_05_04 /hfRKuKJ=1.34.5.4 /aiWiYF=1399779555 /ttQgBkm=http:/stats.clientstaticserv.com /XwyJPS=http:/errors.clientstaticserv.com /QYtjI=http:/js.clientstaticserv.com /BSReB=ie /DggCarN /UgcJbSN='http:/update.clientstaticserv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
C:\Users\Chris\Downloads\Unconfirmed*.crdownload
Removeproxy:
cmd: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
Hosts:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Step 3: Junkware Removal Tool


thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: AdwCleaner


Download ADWcleaner by clicking here. Please save it to your Desktop


adwcleaner2_zps680e0e15.jpg
  • Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Cleaning button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
    • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\AdwCleaner[R0].txt
Step 5: Fresh FRST Scan
  • Start Farbar's Recovery Scan Tool and press the Scan button.
  • FRST will scan your system and produce one log this time. Please post it in your next reply.
Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Fixlog.txt Log

Junkware Removal Tool Log

AdwCleaner Log

Fresh FRST.txt Log

  • 0

#9
Acousticcountry

Acousticcountry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

Ok, I went to start uninstalling the things that you mentioned before I went on to any other steps and everything uninstalled fine, except for:

 

Conduit Engine: I right click, then click uninstall/change and nothing happens.  Restarted my computer for the other installs to finish and tried again with the same result.  I performed a search and no results came up other than the log files from the previous steps.

 

uTorrentBar Toolbar - Right clicked and then clicked Uninstall/Change and a box popped up that says: Could not open INSTALL.LOG file.

 

Should I go ahead and move forward with the next steps? Or what should I do about these two?


  • 0

#10
Acousticcountry

Acousticcountry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

This may be relevant for the uTorrentBar.  I had already uninstalled uTorrent on your recommendation to get rid of P2P programs.  I wonder if that's why the tool bar won't install.


  • 0

Advertisements


#11
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Should I go ahead and move forward with the next steps? Or what should I do about these two?


Yes, proceed with the remaining steps. Those two programs will be eliminated in the fixes I have provided. Also, that is definitely a possibility why it won't uninstall. :)
  • 0

#12
Acousticcountry

Acousticcountry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

Here is the fixlog.txt

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Chris at 2015-03-26 22:10:53 Run:1
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris (Available profiles: Chris)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CreateRestorePoint:
CloseProcesses:
(COMPANYVERS_NAME) C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbarsvc.exe
C:\Program Files (x86)\BringMeSports_1c
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Ask.com
(VER_COMPANY_NAME) C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbrmon.exe
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [395144 2011-05-17] (Ask)
HKLM-x32\...\Run: [BringMeSports_1c Browser Plugin Loader] => C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbrmon.exe [30096 2012-12-09] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\MountPoints2: {42b37c81-8660-11e0-a613-406186b4c408} - F:\Autorun.exe
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\MountPoints2: {60ede31e-a5e8-11e4-b1de-406186b4c408} - G:\Setup.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:62213;https=127.0.0.1:62213
ProxyServer: [S-1-5-21-346444361-470292555-3986792257-1000] => 127.0.0.1:8118
URLSearchHook: HKLM-x32 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKU\S-1-5-21-346444361-470292555-3986792257-1000 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKU\S-1-5-21-346444361-470292555-3986792257-1000 - (No Name) - {f2c43291-151e-499c-98a7-923c120b88fa} - No File
URLSearchHook: HKU\S-1-5-21-346444361-470292555-3986792257-1000 - (No Name) - {06b5b051-1d05-443d-822f-39ab0d05f018} - C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cSrcAs.dll (MindSpark)
SearchScopes: HKLM-x32 -> {8c9ef753-beb6-4582-b653-93ac59274437} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT3074349
BHO-x32: Search Assistant BHO -> {002d1ba6-4766-4d7d-82b8-f49439c66f97} -> C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cSrcAs.dll [2012-12-09] (MindSpark)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17] (Ask)
BHO-x32: Toolbar BHO -> {f653d037-97fa-4755-98c1-7f382eeb59a7} -> C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbar.dll [2012-12-09] (MindSpark)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-05-17] (Ask)
Toolbar: HKLM-x32 - BringMeSports - {cc53bd19-7b23-43b0-ab7c-0e06c708cced} - C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbar.dll [2012-12-09] (MindSpark)
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {F2C43291-151E-499C-98A7-923C120B88FA} - No File
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> No Name - {CC53BD19-7B23-43B0-AB7C-0E06C708CCED} - No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Extension: ArcadeParlor - C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404} [2014-04-28]
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid=EB_ORIGINAL_CTID&ISID=M6B691981-25AB-4032-A8BB-9F2A0CF70104&SearchSource=55&CUI=&UM=8&UP=SP76EEA3FA-1DB6-445B-A55B-A793EC901AAE&SSPV=SP22030TA_sp_ch
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid=EB_ORIGINAL_CTID&ISID=M35D8DE5C-EF21-42CD-B7F3-2B009843728F&SearchSource=55&CUI=&UM=8&UP=SPAC345DF8-D122-46F3-86FC-20CD4250A967&SSPV=SP22030TA_sp_ch"
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchURL: Default -> http://www.trovi.com...SP22030TA_sp_ch
CHR DefaultSuggestURL: Default -> http://suggest.secci...x={searchTerms}
C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak
C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofjjfgnmnjmoihhmjpafcllkhinmboe
C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
R2 BringMeSports_1cService; C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbarsvc.exe [42504 2012-12-09] (COMPANYVERS_NAME)
S4 LMIRfsClientNP; No ImagePath
2015-03-20 05:19 - 2014-11-18 16:36 - 00000000 ____D () C:\Program Files (x86)\Jelbrus Secure Web
2015-03-12 15:38 - 2014-11-18 16:36 - 00003274 _____ () C:\windows\System32\Tasks\Jelbrus Secure Web Task
Task: {0A29426E-BF9A-48C7-BFE0-8D5A6FEF6229} - System32\Tasks\Jelbrus Secure Web Task => C:\Program Files (x86)\Jelbrus Secure Web\jswtask.exe <==== ATTENTION
Task: {0DEB2100-97FF-4F15-B8D0-67586B31D126} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {1428C219-7744-4990-9881-0609F50F2794} - System32\Tasks\GPUP => C:\Program Files (x86)\GetPrivate\gpup.exe <==== ATTENTION
C:\Program Files (x86)\Jelbrus Secure Web
C:\Program Files (x86)\AnyProtectEx
C:\Program Files (x86)\GetPrivate
Task: {47042731-2F6B-4FBF-B70D-14A6223088FA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {B233BE14-AB31-4C74-876D-62549F817FC3} - System32\Tasks\avaxvyyvyf => C:\Users\Chris\AppData\Local\avaxvyyvyf\avaxvyyvyf.exe <==== ATTENTION
Task: {B5E6F3A2-A25E-4AAE-9C1D-ADDA804DCA15} - System32\Tasks\avaxvyyvyd => C:\Users\Chris\AppData\Local\avaxvyyvyd\avaxvyyvyd.exe <==== ATTENTION
C:\Users\Chris\AppData\Local\avaxvyyvyd
C:\Users\Chris\AppData\Local\avaxvyyvyf
Task: {D6114708-D4C1-4BD9-9D00-2837DE241712} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {D77D7246-5CF3-4C05-9F47-18760CD13DA8} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2011-05-17] () <==== ATTENTION
C:\Program Files (x86)\Ask.com
Task: C:\windows\Tasks\53491cbe-765c-47c6-8c10-8f39da469456-1.job => C:\Program Files (x86)\Plus-HD-9.3\Plus-HD-9.3-codedownloader.exe÷/LXGOVx /gxvgp=task /varXeEF='Plus-HD-9.3' /PIElTSfTy=53098 /FWFoJ='001263' /MOFVpqob='0' /NRvLRj='0' /lmDnh=9B5E66FE030D4D45B52620CBD5F2372AIE /qbiQLmJI=4aca28a808182f26e0ad73f36c4a713a /WdpIIVR=1_34_05_04 /hfRKuKJ=1.34.5.4 /aiWiYF=1399779555 /ttQgBkm=http:/stats.clientstaticserv.com /XwyJPS=http:/errors.clientstaticserv.com /QYtjI=http:/js.clientstaticserv.com /BSReB=ie /DggCarN /UgcJbSN='http:/update.clientstaticserv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
C:\Users\Chris\Downloads\Unconfirmed*.crdownload
Removeproxy:
cmd: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
Hosts:
End

*****************

Restore point was successfully created.
Processes closed successfully.
C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbarsvc.exe => No running process found
"C:\Program Files (x86)\BringMeSports_1c" => File/Directory not found.
C:\Program Files (x86)\Ask.com\Updater\Updater.exe => No running process found
"C:\Program Files (x86)\Ask.com" => File/Directory not found.
C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbrmon.exe => No running process found
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BringMeSports_1c Browser Plugin Loader => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
"HKU\S-1-5-21-346444361-470292555-3986792257-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{42b37c81-8660-11e0-a613-406186b4c408}" => Key deleted successfully.
HKCR\CLSID\{42b37c81-8660-11e0-a613-406186b4c408} => Key not found.
"HKU\S-1-5-21-346444361-470292555-3986792257-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60ede31e-a5e8-11e4-b1de-406186b4c408}" => Key deleted successfully.
HKCR\CLSID\{60ede31e-a5e8-11e4-b1de-406186b4c408} => Key not found.
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => value deleted successfully.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => value deleted successfully.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{f2c43291-151e-499c-98a7-923c120b88fa} => value deleted successfully.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{06b5b051-1d05-443d-822f-39ab0d05f018} => Value not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{8c9ef753-beb6-4582-b653-93ac59274437}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8c9ef753-beb6-4582-b653-93ac59274437} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{002d1ba6-4766-4d7d-82b8-f49439c66f97} => Key not found.
HKCR\Wow6432Node\CLSID\{002d1ba6-4766-4d7d-82b8-f49439c66f97} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f653d037-97fa-4755-98c1-7f382eeb59a7} => Key not found.
HKCR\Wow6432Node\CLSID\{f653d037-97fa-4755-98c1-7f382eeb59a7} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value not found.
HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{cc53bd19-7b23-43b0-ab7c-0e06c708cced} => Value not found.
HKCR\Wow6432Node\CLSID\{cc53bd19-7b23-43b0-ab7c-0e06c708cced} => Key not found.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value not found.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => value deleted successfully.
HKCR\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Key not found.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} => value deleted successfully.
HKCR\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} => Key not found.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F2C43291-151E-499C-98A7-923C120B88FA} => value deleted successfully.
HKCR\CLSID\{F2C43291-151E-499C-98A7-923C120B88FA} => Key not found.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CC53BD19-7B23-43B0-AB7C-0E06C708CCED} => Value not found.
HKCR\CLSID\{CC53BD19-7B23-43B0-AB7C-0E06C708CCED} => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer" => Key deleted successfully.
C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404} => Moved successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
"C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngfnjclpjflgomhidfecidndbfaniak" => File/Directory not found.
"C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofjjfgnmnjmoihhmjpafcllkhinmboe" => File/Directory not found.
"C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb" => File/Directory not found.
BringMeSports_1cService => Service not found.
LMIRfsClientNP => Service deleted successfully.
C:\Program Files (x86)\Jelbrus Secure Web => Moved successfully.
C:\windows\System32\Tasks\Jelbrus Secure Web Task => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A29426E-BF9A-48C7-BFE0-8D5A6FEF6229}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A29426E-BF9A-48C7-BFE0-8D5A6FEF6229}" => Key deleted successfully.
C:\Windows\System32\Tasks\Jelbrus Secure Web Task not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Jelbrus Secure Web Task" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DEB2100-97FF-4F15-B8D0-67586B31D126}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DEB2100-97FF-4F15-B8D0-67586B31D126}" => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1428C219-7744-4990-9881-0609F50F2794}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1428C219-7744-4990-9881-0609F50F2794}" => Key deleted successfully.
C:\Windows\System32\Tasks\GPUP => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GPUP" => Key deleted successfully.
"C:\Program Files (x86)\Jelbrus Secure Web" => File/Directory not found.
"C:\Program Files (x86)\AnyProtectEx" => File/Directory not found.
C:\Program Files (x86)\GetPrivate => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47042731-2F6B-4FBF-B70D-14A6223088FA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47042731-2F6B-4FBF-B70D-14A6223088FA}" => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B233BE14-AB31-4C74-876D-62549F817FC3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B233BE14-AB31-4C74-876D-62549F817FC3}" => Key deleted successfully.
C:\Windows\System32\Tasks\avaxvyyvyf => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avaxvyyvyf" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5E6F3A2-A25E-4AAE-9C1D-ADDA804DCA15}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5E6F3A2-A25E-4AAE-9C1D-ADDA804DCA15}" => Key deleted successfully.
C:\Windows\System32\Tasks\avaxvyyvyd => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avaxvyyvyd" => Key deleted successfully.
C:\Users\Chris\AppData\Local\avaxvyyvyd => Moved successfully.
C:\Users\Chris\AppData\Local\avaxvyyvyf => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6114708-D4C1-4BD9-9D00-2837DE241712}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6114708-D4C1-4BD9-9D00-2837DE241712}" => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D77D7246-5CF3-4C05-9F47-18760CD13DA8} => Key not found.
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Key not found.
"C:\Program Files (x86)\Ask.com" => File/Directory not found.
C:\windows\Tasks\53491cbe-765c-47c6-8c10-8f39da469456-1.job => Moved successfully.
C:\windows\Tasks\APSnotifierPP1.job => Moved successfully.
C:\windows\Tasks\APSnotifierPP2.job => Moved successfully.
C:\windows\Tasks\APSnotifierPP3.job => Moved successfully.
C:\Users\Chris\Downloads\Unconfirmed*.crdownload => Moved successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-346444361-470292555-3986792257-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.

========= End of RemoveProxy: =========

=========  bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

=========  netsh advfirewall reset =========

Ok.

========= End of CMD: =========

=========  netsh advfirewall set allprofiles state on =========

Ok.

========= End of CMD: =========

=========  ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 10.3 GB temporary data.

The system needed a reboot.

==== End of Fixlog 22:18:44 ====


  • 0

#13
Acousticcountry

Acousticcountry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.6 (03.22.2015:1)
OS: Windows 7 Home Premium x64
Ran by Chris on Thu 03/26/2015 at 22:29:59.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar.CT2786678
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar.CT3074349
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2786678
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3074349
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPartnerCobrandingTool_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPartnerCobrandingTool_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateDolphinDeals_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateDolphinDeals_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPartnerCobrandingTool_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPartnerCobrandingTool_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateDolphinDeals_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateDolphinDeals_RASMANCS

 

~~~ Files

Successfully deleted: [File] C:\windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-969E73DB.pf
Successfully deleted: [File] C:\windows\prefetch\GOOGLETOOLBARUSER_32.EXE-66EEE4D2.pf

 

~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\flexnet"
Successfully deleted: [Folder] "C:\Users\Chris\appdata\local\browsersafeguard"
Successfully deleted: [Folder] "C:\Users\Chris\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Chris\appdata\local\visualbeeclient"
Successfully deleted: [Folder] "C:\Users\Chris\appdata\local\visualbeeexe"
Successfully deleted: [Folder] "C:\Users\Chris\appdata\local\weatheralerts"
Successfully deleted: [Folder] "C:\Users\Chris\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Chris\appdata\locallow\conduitengine"
Successfully deleted: [Folder] "C:\Users\Chris\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Chris\appdata\locallow\utorrentbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\browsersafeguard"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduitengine"
Successfully deleted: [Folder] "C:\Program Files (x86)\consumer input"
Successfully deleted: [Folder] "C:\Program Files (x86)\pc speed maximizer"
Successfully deleted: [Folder] "C:\Program Files (x86)\utorrentbar"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc optimizer pro"
Successfully deleted: [Folder] "C:\Users\Chris\AppData\Roaming\microsoft\windows\start menu\programs\arcadeparlor"
Successfully deleted: [Folder] "C:\Users\Chris\AppData\Roaming\microsoft\windows\start menu\programs\weather alerts"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 03/26/2015 at 22:34:49.18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


  • 0

#14
Acousticcountry

Acousticcountry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

# AdwCleaner v4.113 - Logfile created 26/03/2015 at 22:40:23
# Updated 22/03/2015 by Xplode
# Database : 2015-03-26.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Chris - CHRISB
# Running from : C:\Users\Chris\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : PrivoxyService

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Rr Savings
Folder Deleted : C:\Program Files\PC Optimizer Pro
Folder Deleted : C:\Program Files\pcreg
Folder Deleted : C:\Program Files\RrFilter
Folder Deleted : C:\Program Files\RrSavings
Folder Deleted : C:\Users\Chris\AppData\LocalLow\Yahoo! Companion
Folder Deleted : C:\Users\Chris\AppData\Roaming\AnyProtectEx
Folder Deleted : C:\Users\Chris\AppData\Roaming\GetPrivate
Folder Deleted : C:\Users\Chris\AppData\Roaming\InetStat
Folder Deleted : C:\Users\Chris\Desktop\Ignite
File Deleted : C:\Users\Chris\Desktop\Continue Live Installation.lnk

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2F4D7835-42B0-4BA7-9587-1B01393F78EE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82C7004A-078E-468C-9C0F-2243618FF7CB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC61CA7A-6B81-47EC-B62D-AE1A236CADB9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2F4D7835-42B0-4BA7-9587-1B01393F78EE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{30CBDB40-5B21-481B-A09B-F87CEF73F020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3436BC13-C898-4775-B1EA-BA224587010D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{89B7AE32-9C52-41D6-A64D-14D7BDEC9C58}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{952EEDFD-A98B-4670-9BDD-3634C8846FC1}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\Compete
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InetStat
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKLM\SOFTWARE\AdvertisingSupport
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\conduitEngine
Key Deleted : HKLM\SOFTWARE\ImInstaller
Key Deleted : HKLM\SOFTWARE\Browser Warden
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweetwater.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\trovi.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\wajam.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.sweetwater.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.trovi.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.wajam.com

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689

-\\ Google Chrome v41.0.2272.101

[C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3332200&octid=EB_ORIGINAL_CTID&ISID=M35D8DE5C-EF21-42CD-B7F3-2B009843728F&SearchSource=58&CUI=&UM=8&UP=SPAC345DF8-D122-46F3-86FC-20CD4250A967&q={searchTerms}&SSPV=SP22030TA_sp_ch

*************************

AdwCleaner[R0].txt - [5768 bytes] - [26/03/2015 22:37:57]
AdwCleaner[S0].txt - [5466 bytes] - [26/03/2015 22:40:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5525  bytes] ##########


  • 0

#15
Acousticcountry

Acousticcountry

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Chris (administrator) on CHRISB on 26-03-2015 22:48:12
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris (Available profiles: Chris)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(MOTU Inc.) C:\Program Files (x86)\MOTU\motuDNSResponder.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avid Technology, Inc.) C:\Windows\System32\M-AudioTaskBarIcon.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Dropbox, Inc.) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acresso Software Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_305_ActiveX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-02] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [M-Audio Taskbar Icon] => C:\windows\system32\M-AudioTaskBarIcon.exe [798728 2010-12-07] (Avid Technology, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe [8947008 2014-12-18] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2396160 2010-01-08] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296520 2014-08-14] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [590056 2010-10-17] (SANDBOXIE L.T.D)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3883856 2009-07-26] (Microsoft Corporation)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [GoogleChromeAutoLaunch_4E6299B33FA0592A57BB7C6E94F010D2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-02-02] (Google Inc.)
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\PHOTOJ~1.SCR
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-346444361-470292555-3986792257-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {789F9CCE-188C-46E2-A713-18E5A6B68305} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {85A78607-08E6-45B2-B40E-CB2746BDD490} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> {85A78607-08E6-45B2-B40E-CB2746BDD490} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2014-07-30] (RealDownloader)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-26] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-07-30] (RealDownloader)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-26] (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-26] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-346444361-470292555-3986792257-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-26] (Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @emusic.com/dlm-plugin -> C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll [2010-01-20] (eMusic.com)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.13.2 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-07-30] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.13.2 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-08-14] (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-26] (Google Inc.)
FF Plugin HKU\S-1-5-21-346444361-470292555-3986792257-1000: @emusic.com/dlm-plugin -> C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll [2010-01-20] (eMusic.com)
FF HKLM-x32\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-08-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe [713568 2014-12-18] ()
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 MOTU_ZeroConf; C:\Program Files (x86)\MOTU\motuDNSResponder.exe [390544 2014-08-27] (MOTU Inc.)
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4948992 2009-07-17] (Native Instruments GmbH) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-08-14] (RealNetworks, Inc.)
S2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [99048 2010-10-17] (SANDBOXIE L.T.D)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-10-09] (BitDefender LLC)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [20392 2009-09-20] (JMicron )
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [187912 2010-12-07] (Avid Technology, Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-05-10] (Apple Inc.) [File not signed]
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [145512 2010-10-17] (SANDBOXIE L.T.D)
S3 smserial; C:\Windows\System32\DRIVERS\SmSerl64.sys [1227776 2009-06-10] (Motorola Inc.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-10-09] (BitDefender S.R.L.)
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-26 22:37 - 2015-03-26 22:40 - 00000000 ____D () C:\AdwCleaner
2015-03-26 22:36 - 2015-03-26 22:36 - 02168320 _____ () C:\Users\Chris\Desktop\AdwCleaner.exe
2015-03-26 22:34 - 2015-03-26 22:34 - 00004613 _____ () C:\Users\Chris\Desktop\JRT.txt
2015-03-26 22:29 - 2015-03-26 22:29 - 01388782 _____ (Thisisu) C:\Users\Chris\Desktop\JRT.exe
2015-03-26 13:46 - 2015-03-26 22:43 - 00003358 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-346444361-470292555-3986792257-1000
2015-03-26 13:46 - 2015-03-26 22:43 - 00003224 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-346444361-470292555-3986792257-1000
2015-03-25 01:13 - 2015-03-25 01:13 - 00003134 _____ () C:\windows\System32\Tasks\{2A1D7673-8371-4150-9A35-843CAAB7457F}
2015-03-24 16:09 - 2015-03-10 23:06 - 00943616 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-03-24 16:09 - 2015-03-10 23:06 - 00760832 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-03-24 16:09 - 2015-03-10 23:06 - 00677888 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-03-24 16:09 - 2015-03-10 23:06 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-03-24 16:09 - 2015-03-10 23:05 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-03-24 16:09 - 2015-03-10 23:05 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-03-24 16:09 - 2015-03-10 23:05 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-03-24 16:09 - 2015-03-10 23:02 - 01107456 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-03-23 23:51 - 2015-03-23 23:51 - 00060635 _____ () C:\Users\Chris\Desktop\Addition.txt
2015-03-23 23:49 - 2015-03-26 22:48 - 00022927 _____ () C:\Users\Chris\Desktop\FRST.txt
2015-03-23 23:49 - 2015-03-26 22:48 - 00000000 ____D () C:\FRST
2015-03-23 23:47 - 2015-03-23 23:47 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Chris\Desktop\tdsskiller.exe
2015-03-23 23:44 - 2015-03-23 23:44 - 02095616 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe
2015-03-21 17:49 - 2015-03-21 18:38 - 00503305 _____ () C:\Users\Chris\AppData\Local\census.cache
2015-03-21 17:48 - 2015-03-21 18:38 - 00223573 _____ () C:\Users\Chris\AppData\Local\ars.cache
2015-03-21 17:38 - 2015-03-21 18:28 - 00000010 _____ () C:\Users\Chris\AppData\Local\sponge.last.runtime.cache
2015-03-21 17:21 - 2015-03-21 17:21 - 00000036 _____ () C:\Users\Chris\AppData\Local\housecall.guid.cache
2015-03-15 05:48 - 2015-03-15 05:49 - 10294272 _____ () C:\Users\Chris\Downloads\101857102.xls
2015-03-13 05:21 - 2015-03-13 05:21 - 00000538 _____ () C:\Users\Chris\Downloads\Setup                         .website
2015-03-10 21:34 - 2015-03-10 21:35 - 00001051 _____ () C:\Users\Chris\Downloads\Download-setup (1).website
2015-03-10 16:41 - 2015-02-19 23:41 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-10 16:41 - 2015-02-19 23:40 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-10 16:41 - 2015-02-19 23:40 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-10 16:41 - 2015-02-19 23:40 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-10 16:41 - 2015-02-19 23:13 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-03-10 16:41 - 2015-02-19 23:13 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-03-10 16:41 - 2015-02-19 23:13 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-03-10 16:41 - 2015-02-19 23:12 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-03-10 16:41 - 2015-02-19 22:29 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-10 16:41 - 2015-02-19 22:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-03-10 16:41 - 2015-02-03 22:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-10 16:41 - 2015-02-03 21:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-03-10 16:40 - 2015-01-28 22:23 - 05554104 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-10 16:40 - 2015-01-28 22:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-10 16:40 - 2015-01-28 22:19 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-10 16:40 - 2015-01-28 22:19 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-10 16:40 - 2015-01-28 22:18 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-10 16:40 - 2015-01-28 22:18 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-10 16:40 - 2015-01-28 22:16 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-10 16:40 - 2015-01-28 22:05 - 03973048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-03-10 16:40 - 2015-01-28 22:05 - 03917752 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-03-10 16:40 - 2015-01-28 22:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-03-10 16:40 - 2015-01-28 21:57 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-03-10 16:39 - 2015-03-06 00:56 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-10 16:39 - 2015-03-06 00:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-10 16:39 - 2015-03-06 00:42 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-10 16:39 - 2015-03-06 00:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-10 16:39 - 2015-03-06 00:41 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-10 16:39 - 2015-03-06 00:41 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-10 16:39 - 2015-03-06 00:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-10 16:39 - 2015-03-06 00:38 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-10 16:39 - 2015-03-06 00:36 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-03-10 16:39 - 2015-03-06 00:10 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-03-10 16:39 - 2015-03-06 00:09 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-03-10 16:39 - 2015-03-06 00:09 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-03-10 16:39 - 2015-03-06 00:07 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-03-10 16:39 - 2015-03-06 00:07 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-03-10 16:39 - 2015-03-06 00:06 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-03-10 16:39 - 2015-02-13 00:26 - 12875264 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-03-10 16:39 - 2015-02-13 00:22 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-10 16:39 - 2015-02-02 22:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-10 16:39 - 2015-02-02 22:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2015-03-10 16:39 - 2015-01-30 18:56 - 00459336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-10 16:38 - 2015-02-25 22:25 - 03204096 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-10 16:38 - 2015-02-23 22:15 - 00389800 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-10 16:38 - 2015-02-23 21:32 - 00342696 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-03-10 16:38 - 2015-02-20 20:16 - 25021440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-10 16:38 - 2015-02-20 19:41 - 12827648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-03-10 16:38 - 2015-02-20 19:27 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-03-10 16:38 - 2015-02-20 19:27 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-03-10 16:38 - 2015-02-20 19:25 - 19720192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-03-10 16:38 - 2015-02-20 18:58 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-10 16:38 - 2015-02-20 18:32 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-03-10 16:38 - 2015-02-19 22:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-10 16:38 - 2015-02-19 22:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-10 16:38 - 2015-02-19 21:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-10 16:38 - 2015-02-19 21:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-10 16:38 - 2015-02-19 21:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-10 16:38 - 2015-02-19 21:48 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-10 16:38 - 2015-02-19 21:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-10 16:38 - 2015-02-19 21:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-10 16:38 - 2015-02-19 21:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-10 16:38 - 2015-02-19 21:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-10 16:38 - 2015-02-19 21:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-10 16:38 - 2015-02-19 21:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-10 16:38 - 2015-02-19 21:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-10 16:38 - 2015-02-19 21:32 - 06035456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-10 16:38 - 2015-02-19 21:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-10 16:38 - 2015-02-19 21:22 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-03-10 16:38 - 2015-02-19 21:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-10 16:38 - 2015-02-19 21:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-10 16:38 - 2015-02-19 21:09 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-03-10 16:38 - 2015-02-19 21:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-10 16:38 - 2015-02-19 21:08 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-03-10 16:38 - 2015-02-19 21:08 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-03-10 16:38 - 2015-02-19 21:06 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-03-10 16:38 - 2015-02-19 21:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-10 16:38 - 2015-02-19 21:03 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-03-10 16:38 - 2015-02-19 21:01 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-03-10 16:38 - 2015-02-19 21:00 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-03-10 16:38 - 2015-02-19 20:58 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-03-10 16:38 - 2015-02-19 20:56 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-03-10 16:38 - 2015-02-19 20:56 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-03-10 16:38 - 2015-02-19 20:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-10 16:38 - 2015-02-19 20:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-10 16:38 - 2015-02-19 20:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-10 16:38 - 2015-02-19 20:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-10 16:38 - 2015-02-19 20:43 - 14398976 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-10 16:38 - 2015-02-19 20:41 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-10 16:38 - 2015-02-19 20:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-03-10 16:38 - 2015-02-19 20:30 - 04300288 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-03-10 16:38 - 2015-02-19 20:28 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-10 16:38 - 2015-02-19 20:24 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-03-10 16:38 - 2015-02-19 20:24 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-03-10 16:38 - 2015-02-19 20:23 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-03-10 16:38 - 2015-02-19 20:16 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-10 16:38 - 2015-02-19 20:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-10 16:38 - 2015-02-19 20:01 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-03-10 16:38 - 2015-02-19 19:57 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-03-10 16:38 - 2015-02-19 19:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-03-10 16:38 - 2015-02-02 22:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-10 16:38 - 2015-02-02 22:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-03-10 16:38 - 2015-01-16 21:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-10 16:38 - 2015-01-16 21:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-03-09 15:55 - 2015-03-09 15:55 - 00001051 _____ () C:\Users\Chris\Downloads\Download-setup.website
2015-03-07 03:38 - 2015-03-07 03:38 - 00012161 _____ () C:\Users\Chris\Downloads\DKSalaries.csv
2015-03-03 14:41 - 2015-01-08 22:14 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-03-03 14:41 - 2015-01-08 22:14 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-03-03 14:41 - 2015-01-08 22:14 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-03-03 14:41 - 2015-01-08 21:48 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
2015-02-28 08:27 - 2015-02-28 08:27 - 00103880 _____ () C:\Users\Chris\Downloads\PopcornTime - Movies (2).zip
2015-02-28 08:27 - 2015-02-28 08:27 - 00103880 _____ () C:\Users\Chris\Downloads\PopcornTime - Movies (1).zip
2015-02-28 08:26 - 2015-02-28 08:27 - 00103880 _____ () C:\Users\Chris\Downloads\PopcornTime - Movies.zip
2015-02-26 04:01 - 2015-01-08 18:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-02-26 04:01 - 2015-01-08 18:43 - 00419936 _____ () C:\windows\system32\locale.nls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-26 22:52 - 2009-07-13 23:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-26 22:52 - 2009-07-13 23:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-26 22:45 - 2015-02-19 13:47 - 00002331 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-03-26 22:45 - 2011-07-14 14:15 - 00000000 ___RD () C:\Users\Chris\Dropbox
2015-03-26 22:45 - 2011-07-14 14:14 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Dropbox
2015-03-26 22:44 - 2011-05-23 02:46 - 00000000 ____D () C:\Users\Chris\Tracing
2015-03-26 22:43 - 2011-02-02 19:11 - 00000892 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-26 22:43 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-26 22:43 - 2009-07-13 23:51 - 00080083 _____ () C:\windows\setupact.log
2015-03-26 22:42 - 2010-09-14 21:08 - 01747892 _____ () C:\windows\WindowsUpdate.log
2015-03-26 22:42 - 2010-08-18 12:58 - 00533524 _____ () C:\windows\PFRO.log
2015-03-26 22:31 - 2010-08-18 13:02 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-03-26 22:28 - 2013-08-11 03:25 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-26 22:23 - 2011-02-02 19:11 - 00000000 ____D () C:\Users\Chris\AppData\Local\Google
2015-03-26 22:20 - 2014-11-17 16:35 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-03-26 22:11 - 2011-02-02 19:11 - 00000896 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-26 22:11 - 2009-07-13 22:20 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2015-03-26 22:08 - 2012-06-08 04:41 - 00002265 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-26 22:08 - 2012-06-08 04:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-26 22:07 - 2011-07-14 13:22 - 00000000 ____D () C:\Users\Chris\AppData\Local\Deployment
2015-03-26 22:06 - 2011-02-02 19:11 - 00003892 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-26 22:06 - 2011-02-02 19:11 - 00003640 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-26 22:06 - 2011-02-02 19:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-26 13:35 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\NDF
2015-03-26 04:17 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
2015-03-26 03:23 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2015-03-26 03:23 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\Dism
2015-03-25 03:29 - 2014-12-10 04:20 - 00000000 ____D () C:\windows\system32\appraiser
2015-03-25 03:29 - 2014-05-10 22:58 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-03-25 01:15 - 2010-08-18 13:22 - 00000000 ____D () C:\ProgramData\Norton
2015-03-25 00:55 - 2014-05-07 03:39 - 00000000 ____D () C:\Users\Chris\Desktop\Cbb Promo
2015-03-23 20:08 - 2009-07-14 00:13 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-21 18:39 - 2011-02-14 01:14 - 00000000 ____D () C:\Users\Chris\AppData\Local\CrashDumps
2015-03-18 03:59 - 2015-01-29 16:36 - 00000000 ____D () C:\Program Files\ChromeEnhancer
2015-03-18 03:38 - 2015-01-29 16:36 - 00000726 _____ () C:\CE.txt
2015-03-11 04:20 - 2011-07-14 14:15 - 00001027 _____ () C:\Users\Chris\Desktop\Dropbox.lnk
2015-03-11 04:20 - 2011-07-14 14:14 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-11 04:11 - 2009-07-13 23:45 - 02945664 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-11 03:14 - 2010-08-18 13:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-04 04:19 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\tracing
2015-02-24 04:17 - 2011-03-07 02:11 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-03-21 17:48 - 2015-03-21 18:38 - 0223573 _____ () C:\Users\Chris\AppData\Local\ars.cache
2015-03-21 17:49 - 2015-03-21 18:38 - 0503305 _____ () C:\Users\Chris\AppData\Local\census.cache
2015-03-21 17:21 - 2015-03-21 17:21 - 0000036 _____ () C:\Users\Chris\AppData\Local\housecall.guid.cache
2015-02-17 17:50 - 2015-02-17 17:50 - 0628496 _____ (CMI Limited) C:\Users\Chris\AppData\Local\nsd6F9C.tmp
2014-11-17 16:35 - 2014-11-17 16:46 - 0000003 _____ () C:\Users\Chris\AppData\Local\proxy.log
2015-03-21 17:38 - 2015-03-21 18:28 - 0000010 _____ () C:\Users\Chris\AppData\Local\sponge.last.runtime.cache
2011-06-29 03:15 - 2011-06-29 03:15 - 0000000 _____ () C:\Users\Chris\AppData\Local\{226C4828-1DB1-41BF-B2AF-1862F7258298}
2012-01-22 04:11 - 2012-01-22 04:11 - 0000000 _____ () C:\Users\Chris\AppData\Local\{46DC16C0-8B3B-4B41-9589-8CD543D50D1E}
2011-12-25 13:52 - 2011-12-25 13:52 - 0000000 _____ () C:\Users\Chris\AppData\Local\{BBDEBA31-547D-4CAE-9B5A-BF291D06745C}

Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqgsuwe.dll
C:\Users\Chris\AppData\Local\Temp\Quarantine.exe
C:\Users\Chris\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-25 12:26

==================== End Of Log ============================


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP