We moved home recently. My workstation was absolutely fine and could connect to the internet until we moved. It took us a few months to sort out the new house. But it does not connect by wired or wireless. We have done all troubleshooting, including driver update, network card configuration, etc. I have a super slow mobile modem, which connects to the internet on the workstation. I tried a couple of wireless cards, which don't work on this machine, while working on other notebooks.
I suspect the motherboard is probably damaged on the move. But I want to check for any malware.
**********************
Rogue Killer
****************
RogueKiller V10.5.8.0 [Mar 30 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : SUNDARS PC [Administrator]
Started from : D:\DownloadSW\Utility\Utility Tools\RogueKiller.exe
Mode : Delete -- Date : 04/03/2015 15:58:07
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 4 ¤¤¤
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤
¤¤¤ Web browsers : 4 ¤¤¤
[FIREFX:Addon] tc02jb7q.default-1409742926604 : Mozilla Firefox hotfix [[email protected]] -> Deleted
[FIREFX:Addon] tc02jb7q.default-1409742926604 : [[email protected]] -> Deleted
[FIREFX:Addon] tc02jb7q.default-1409742926604 : [[email protected]] -> Deleted
[FIREFX:Addon] tc02jb7q.default-1409742926604 : [[email protected]] -> Deleted
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000AAKS-00A7B2 +++++
--- User ---
[MBR] 54c9ceed20e71e84d8aed651e3b87eaa
[BSP] 8f4f837cf063111c987661cb4b876d36 : Windows Vista/7/8 MBR Code
Partition table:
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: Volume0 +++++
--- User ---
[MBR] 7cfbe8da5b34b1df1fbe4479ed8b308d
[BSP] 3f324703398cc0971d7e50c4043ad58c : Unknown MBR Code
Partition table:
User = LL1 ... OK
Error reading LL2 MBR! ([57] The parameter is incorrect. )
+++++ PhysicalDrive2: Seagate Backup+ BL USB Device +++++
--- User ---
[MBR] eb74973ed0f09dff85091c646a19f0c8
[BSP] 7fc993aeb7489dfc16ccadb5352df364 : Empty MBR Code
Partition table:
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )
============================================
RKreport_SCN_04032015_155704.log
*****************
TDS KILLER
***************
15:49:44.0822 0x16d4 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:49:47.0536 0x16d4 ============================================================
15:49:47.0536 0x16d4 Current date / time: 2015/04/03 15:49:47.0536
15:49:47.0536 0x16d4 SystemInfo:
15:49:47.0536 0x16d4
15:49:47.0536 0x16d4 OS Version: 6.1.7601 ServicePack: 1.0
15:49:47.0536 0x16d4 Product type: Workstation
15:49:47.0536 0x16d4 ComputerName: SUNDARSPC-PC
15:49:47.0536 0x16d4 UserName: SUNDARS PC
15:49:47.0536 0x16d4 Windows directory: C:\Windows
15:49:47.0536 0x16d4 System windows directory: C:\Windows
15:49:47.0536 0x16d4 Running under WOW64
15:49:47.0536 0x16d4 Processor architecture: Intel x64
15:49:47.0536 0x16d4 Number of processors: 4
15:49:47.0536 0x16d4 Page size: 0x1000
15:49:47.0536 0x16d4 Boot type: Normal boot
15:49:47.0536 0x16d4 ============================================================
15:49:49.0174 0x16d4 KLMD registered as C:\Windows\system32\drivers\44387259.sys
15:49:49.0673 0x16d4 System UUID: {B349395A-79C5-9C41-A26E-DD75BB06B92F}
15:49:50.0422 0x16d4 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:49:50.0422 0x16d4 Drive \Device\Harddisk1\DR1 - Size: 0x15D51C00000 ( 1397.28 Gb ), SectorSize: 0x200, Cylinders: 0x2C882, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:49:50.0438 0x16d4 Drive \Device\Harddisk2\DR3 - Size: 0xE8E0DB5E00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:49:50.0812 0x16d4 ============================================================
15:49:50.0812 0x16d4 \Device\Harddisk0\DR0:
15:49:50.0812 0x16d4 MBR partitions:
15:49:50.0812 0x16d4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:49:50.0812 0x16d4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
15:49:50.0812 0x16d4 \Device\Harddisk1\DR1:
15:49:50.0812 0x16d4 MBR partitions:
15:49:50.0812 0x16d4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA8A5C3
15:49:50.0812 0x16d4 \Device\Harddisk2\DR3:
15:49:50.0812 0x16d4 MBR partitions:
15:49:50.0812 0x16d4 \Device\Harddisk2\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
15:49:50.0812 0x16d4 ============================================================
15:49:50.0828 0x16d4 C: <-> \Device\Harddisk0\DR0\Partition2
15:49:50.0843 0x16d4 D: <-> \Device\Harddisk1\DR1\Partition1
15:49:50.0906 0x16d4 G: <-> \Device\Harddisk2\DR3\Partition1
15:49:50.0906 0x16d4 ============================================================
15:49:50.0906 0x16d4 Initialize success
15:49:50.0906 0x16d4 ============================================================
15:50:13.0666 0x0464 ============================================================
15:50:13.0666 0x0464 Scan started
15:50:13.0666 0x0464 Mode: Manual;
15:50:13.0666 0x0464 ============================================================
15:50:13.0666 0x0464 KSN ping started
15:50:13.0697 0x0464 KSN ping finished: false
15:50:15.0975 0x0464 ================ Scan system memory ========================
15:50:15.0975 0x0464 System memory - ok
15:50:21.0139 0x0464 HomeGroupProvider - ok
15:50:21.0154 0x0464 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:50:21.0170 0x0464 HpSAMD - ok
15:50:21.0201 0x0464 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:50:21.0232 0x0464 HTTP - ok
15:50:21.0248 0x0464 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:50:21.0248 0x0464 hwpolicy - ok
15:50:21.0263 0x0464 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:50:21.0279 0x0464 i8042prt - ok
15:50:21.0295 0x0464 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:50:21.0310 0x0464 iaStorV - ok
15:50:21.0357 0x0464 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:50:21.0388 0x0464 idsvc - ok
15:50:21.0404 0x0464 IEEtwCollectorService - ok
15:50:21.0435 0x0464 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:50:21.0435 0x0464 iirsp - ok
15:50:21.0497 0x0464 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
15:50:21.0513 0x0464 IKEEXT - ok
15:50:21.0529 0x0464 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
15:50:21.0544 0x0464 intelide - ok
15:50:21.0560 0x0464 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:50:21.0560 0x0464 intelppm - ok
15:50:21.0591 0x0464 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:50:21.0591 0x0464 IPBusEnum - ok
15:50:21.0607 0x0464 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:50:21.0607 0x0464 IpFilterDriver - ok
15:50:21.0638 0x0464 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:50:21.0653 0x0464 iphlpsvc - ok
15:50:21.0669 0x0464 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:50:21.0669 0x0464 IPMIDRV - ok
15:50:21.0685 0x0464 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:50:21.0685 0x0464 IPNAT - ok
15:50:21.0731 0x0464 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:50:21.0747 0x0464 iPod Service - ok
15:50:21.0763 0x0464 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:50:21.0763 0x0464 IRENUM - ok
15:50:21.0778 0x0464 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:50:21.0778 0x0464 isapnp - ok
15:50:21.0794 0x0464 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:50:21.0809 0x0464 iScsiPrt - ok
15:50:21.0841 0x0464 [ 7F928D5A5D1D843AAECE688E96963575, 2DF0C012A016A3E3BA92493B948C32F692AB571504DDB5385B9FDADD21A10565 ] jrdusbser C:\Windows\system32\DRIVERS\jrdusbser.sys
15:50:21.0841 0x0464 jrdusbser - ok
15:50:21.0872 0x0464 [ F1C98C1CAD82638DBDFA482BD64DD62C, 0BA847FB6ADCE92EDA4680EEAF3D14F1E4627BC6E3E34D7DC263B9E30A3E0DF7 ] JRDusbwwan C:\Windows\system32\DRIVERS\AlcatelUsbWwan.sys
15:50:21.0887 0x0464 JRDusbwwan - ok
15:50:21.0903 0x0464 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
15:50:21.0903 0x0464 kbdclass - ok
15:50:21.0934 0x0464 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:50:21.0934 0x0464 kbdhid - ok
15:50:21.0934 0x0464 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
15:50:21.0934 0x0464 KeyIso - ok
15:50:21.0997 0x0464 [ 783BEB99743BACB9586CCB70356449C5, CEE63FC2E7937B181743D4CFE837FFB29E3BF94BBA5394A3B5FFAF5142EF0D48 ] KeyScrambler C:\Windows\system32\drivers\keyscrambler.sys
15:50:21.0997 0x0464 KeyScrambler - ok
15:50:22.0028 0x0464 [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
15:50:22.0043 0x0464 kl1 - ok
15:50:22.0075 0x0464 [ FEA38D7024CD9C27D58A862A19DCFA14, 522A15963A105AD551ED45E7BA2AFA7A90408FE7D349307A17F12FE761AFB903 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
15:50:22.0090 0x0464 KLIF - ok
15:50:22.0106 0x0464 [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
15:50:22.0106 0x0464 KLIM6 - ok
15:50:22.0121 0x0464 [ AEB50941C6D67128B14F88DB9917C4E0, 2ACE46665DE298CC197660A442A3172B1FB460A40BD18AECEA786ACB011FDA43 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
15:50:22.0121 0x0464 klkbdflt - ok
15:50:22.0137 0x0464 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
15:50:22.0137 0x0464 klmouflt - ok
15:50:22.0153 0x0464 [ 45ECF097BC6330C2054D7D43B7AD822B, 41684ED54E75FE6BEEA322E7CE888DFDD53EE1F45016E01CE10B84ABB02CBDA8 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
15:50:22.0153 0x0464 kltdi - ok
15:50:22.0168 0x0464 [ 0E71FAED99892750DFE1C5237A6F8FE6, 786FEEEF637BC89FDED3DDEA2563144C7128E7C9582261B23F16B98D69149088 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
15:50:22.0168 0x0464 kneps - ok
15:50:22.0184 0x0464 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:50:22.0184 0x0464 KSecDD - ok
15:50:22.0215 0x0464 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:50:22.0215 0x0464 KSecPkg - ok
15:50:22.0246 0x0464 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:50:22.0246 0x0464 ksthunk - ok
15:50:22.0277 0x0464 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
15:50:22.0293 0x0464 KtmRm - ok
15:50:22.0324 0x0464 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:50:22.0324 0x0464 LanmanServer - ok
15:50:22.0355 0x0464 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:50:22.0371 0x0464 LanmanWorkstation - ok
15:50:22.0387 0x0464 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:50:22.0387 0x0464 lltdio - ok
15:50:22.0418 0x0464 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:50:22.0433 0x0464 lltdsvc - ok
15:50:22.0449 0x0464 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:50:22.0449 0x0464 lmhosts - ok
15:50:22.0465 0x0464 lmimirr - ok
15:50:22.0480 0x0464 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:50:22.0480 0x0464 LSI_FC - ok
15:50:22.0496 0x0464 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:50:22.0496 0x0464 LSI_SAS - ok
15:50:22.0511 0x0464 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:50:22.0511 0x0464 LSI_SAS2 - ok
15:50:22.0527 0x0464 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:50:22.0527 0x0464 LSI_SCSI - ok
15:50:22.0558 0x0464 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
15:50:22.0558 0x0464 luafv - ok
15:50:22.0574 0x0464 [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:50:22.0589 0x0464 MBAMProtector - ok
15:50:22.0667 0x0464 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
15:50:22.0683 0x0464 MBAMScheduler - ok
15:50:22.0745 0x0464 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
15:50:22.0761 0x0464 MBAMService - ok
15:50:22.0808 0x0464 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
15:50:22.0808 0x0464 MBAMSwissArmy - ok
15:50:22.0870 0x0464 [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:50:22.0886 0x0464 MBAMWebAccessControl - ok
15:50:22.0917 0x0464 [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
15:50:22.0933 0x0464 McComponentHostService - ok
15:50:22.0964 0x0464 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:50:22.0964 0x0464 Mcx2Svc - ok
15:50:22.0979 0x0464 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:50:22.0979 0x0464 megasas - ok
15:50:22.0995 0x0464 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:50:23.0011 0x0464 MegaSR - ok
15:50:23.0042 0x0464 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
15:50:23.0042 0x0464 MMCSS - ok
15:50:23.0057 0x0464 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
15:50:23.0057 0x0464 Modem - ok
15:50:23.0073 0x0464 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:50:23.0073 0x0464 monitor - ok
15:50:23.0104 0x0464 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:50:23.0104 0x0464 mouclass - ok
15:50:23.0135 0x0464 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:50:23.0135 0x0464 mouhid - ok
15:50:23.0151 0x0464 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:50:23.0151 0x0464 mountmgr - ok
15:50:23.0198 0x0464 [ 9038C370DA9764A8209415596A2A59B5, C8ED73BF1E24DF76BC54E2A56F77827397AD6E83D131D0AFC5B1E7D2C8EE8EBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:50:23.0198 0x0464 MozillaMaintenance - ok
15:50:23.0229 0x0464 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
15:50:23.0229 0x0464 mpio - ok
15:50:23.0260 0x0464 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:50:23.0260 0x0464 mpsdrv - ok
15:50:23.0291 0x0464 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:50:23.0307 0x0464 MpsSvc - ok
15:50:23.0338 0x0464 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:50:23.0338 0x0464 MRxDAV - ok
15:50:23.0354 0x0464 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:50:23.0369 0x0464 mrxsmb - ok
15:50:23.0385 0x0464 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:50:23.0385 0x0464 mrxsmb10 - ok
15:50:23.0401 0x0464 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:50:23.0401 0x0464 mrxsmb20 - ok
15:50:23.0432 0x0464 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
15:50:23.0432 0x0464 msahci - ok
15:50:23.0447 0x0464 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:50:23.0463 0x0464 msdsm - ok
15:50:23.0479 0x0464 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
15:50:23.0479 0x0464 MSDTC - ok
15:50:23.0494 0x0464 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:50:23.0494 0x0464 Msfs - ok
15:50:23.0510 0x0464 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:50:23.0510 0x0464 mshidkmdf - ok
15:50:23.0541 0x0464 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:50:23.0541 0x0464 msisadrv - ok
15:50:23.0572 0x0464 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:50:23.0572 0x0464 MSiSCSI - ok
15:50:23.0572 0x0464 msiserver - ok
15:50:23.0603 0x0464 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:50:23.0603 0x0464 MSKSSRV - ok
15:50:23.0603 0x0464 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:50:23.0603 0x0464 MSPCLOCK - ok
15:50:23.0619 0x0464 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:50:23.0619 0x0464 MSPQM - ok
15:50:23.0650 0x0464 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:50:23.0666 0x0464 MsRPC - ok
15:50:23.0681 0x0464 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:50:23.0681 0x0464 mssmbios - ok
15:50:23.0697 0x0464 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:50:23.0697 0x0464 MSTEE - ok
15:50:23.0713 0x0464 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:50:23.0713 0x0464 MTConfig - ok
15:50:23.0728 0x0464 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
15:50:23.0728 0x0464 Mup - ok
15:50:23.0759 0x0464 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
15:50:23.0759 0x0464 napagent - ok
15:50:23.0791 0x0464 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:50:23.0806 0x0464 NativeWifiP - ok
15:50:23.0869 0x0464 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
15:50:23.0884 0x0464 NDIS - ok
15:50:23.0900 0x0464 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:50:23.0900 0x0464 NdisCap - ok
15:50:23.0931 0x0464 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:50:23.0931 0x0464 NdisTapi - ok
15:50:23.0947 0x0464 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:50:23.0947 0x0464 Ndisuio - ok
15:50:23.0962 0x0464 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:50:23.0978 0x0464 NdisWan - ok
15:50:23.0993 0x0464 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:50:23.0993 0x0464 NDProxy - ok
15:50:24.0025 0x0464 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
15:50:24.0025 0x0464 Netaapl - ok
15:50:24.0040 0x0464 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:50:24.0040 0x0464 NetBIOS - ok
15:50:24.0071 0x0464 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:50:24.0087 0x0464 NetBT - ok
15:50:24.0149 0x0464 [ 6D5405A8DB7E14034BB1FCD5AE0E7C8C, A3BF30B279054E73C773CB6996E897799664CB017E9C11C36410487F100F8BA6 ] NetgearSwitchUSB C:\Program Files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe
15:50:24.0165 0x0464 NetgearSwitchUSB - ok
15:50:24.0181 0x0464 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
15:50:24.0181 0x0464 Netlogon - ok
15:50:24.0196 0x0464 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
15:50:24.0212 0x0464 Netman - ok
15:50:24.0243 0x0464 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:50:24.0243 0x0464 NetMsmqActivator - ok
15:50:24.0259 0x0464 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:50:24.0259 0x0464 NetPipeActivator - ok
15:50:24.0305 0x0464 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
15:50:24.0321 0x0464 netprofm - ok
15:50:24.0383 0x0464 [ A12AF861C33A1D00CD66B8A325314A38, CF48458F92968E69C489D16E17DEB6C7309C8C67723AC27FC87D9329E5893B26 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
15:50:24.0415 0x0464 netr28ux - ok
15:50:24.0415 0x0464 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:50:24.0415 0x0464 NetTcpActivator - ok
15:50:24.0430 0x0464 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:50:24.0430 0x0464 NetTcpPortSharing - ok
15:50:24.0446 0x0464 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:50:24.0446 0x0464 nfrd960 - ok
15:50:24.0493 0x0464 [ F76EFDDBEB1F07F37917CA07965B2903, 65FF7239D770B7C158D7B92A9C267CA9DFCFF6F36BB0617FE1C35D442A49E335 ] NitroDriverReadSpool9 C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
15:50:24.0508 0x0464 NitroDriverReadSpool9 - ok
15:50:24.0524 0x0464 [ 00A7C3AF3EDD4F5F2B2B1CE7D7FDD674, 88633C3D4628AF3F9438C16738640B4CD68B83CD9407C94D8EA8C2AAAA8D023F ] NitroUpdateService C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
15:50:24.0539 0x0464 NitroUpdateService - ok
15:50:24.0571 0x0464 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
15:50:24.0571 0x0464 NlaSvc - ok
15:50:24.0617 0x0464 [ C2AACB686395B90E856B2AF85A5F1DA2, D9D80EB6E18D021CE3BDF1B70A6A3AE3E126C9561C168150CF0D5445B45E41B3 ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE
15:50:24.0617 0x0464 nlsX86cc - ok
15:50:24.0649 0x0464 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess C:\Windows\SysWOW64\NMSAccessU.exe
15:50:24.0649 0x0464 NMSAccess - ok
15:50:24.0695 0x0464 [ 109338286793775088CB5A3A13C874DB, BAB7187980B7783618CBE721F71052C1A1C70DC7ADCF126ACDBE480D75393648 ] NPF C:\Windows\syswow64\drivers\aztech_npf64.sys
15:50:24.0695 0x0464 NPF - ok
15:50:24.0711 0x0464 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:50:24.0711 0x0464 Npfs - ok
15:50:24.0727 0x0464 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
15:50:24.0727 0x0464 nsi - ok
15:50:24.0742 0x0464 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:50:24.0742 0x0464 nsiproxy - ok
15:50:24.0805 0x0464 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:50:24.0851 0x0464 Ntfs - ok
15:50:24.0867 0x0464 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
15:50:24.0867 0x0464 Null - ok
15:50:25.0226 0x0464 [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:50:25.0397 0x0464 nvlddmkm - ok
15:50:25.0444 0x0464 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:50:25.0444 0x0464 nvraid - ok
15:50:25.0491 0x0464 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:50:25.0491 0x0464 nvstor - ok
15:50:25.0585 0x0464 [ EFA53C374227431FBB686622003145BB, 45FC7B3AF13E99832B6A50DDC5B1B446DBB782E8C68A3C927AA82E802ECA2C74 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:50:25.0600 0x0464 nvsvc - ok
15:50:25.0631 0x0464 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:50:25.0663 0x0464 nv_agp - ok
15:50:25.0756 0x0464 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:50:25.0772 0x0464 odserv - ok
15:50:25.0787 0x0464 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:50:25.0803 0x0464 ohci1394 - ok
15:50:25.0834 0x0464 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:50:25.0834 0x0464 ose - ok
15:50:25.0850 0x0464 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:50:25.0865 0x0464 p2pimsvc - ok
15:50:25.0912 0x0464 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
15:50:25.0928 0x0464 p2psvc - ok
15:50:25.0943 0x0464 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:50:25.0943 0x0464 Parport - ok
15:50:25.0959 0x0464 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:50:25.0959 0x0464 partmgr - ok
15:50:26.0006 0x0464 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:50:26.0006 0x0464 PcaSvc - ok
15:50:26.0021 0x0464 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
15:50:26.0021 0x0464 pci - ok
15:50:26.0037 0x0464 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
15:50:26.0037 0x0464 pciide - ok
15:50:26.0053 0x0464 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:50:26.0068 0x0464 pcmcia - ok
15:50:26.0068 0x0464 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
15:50:26.0068 0x0464 pcw - ok
15:50:26.0099 0x0464 [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:50:32.0464 0x0464 wcncsvc - ok
15:50:32.0464 0x0464 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:50:32.0480 0x0464 WcsPlugInService - ok
15:50:32.0496 0x0464 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:50:32.0496 0x0464 Wd - ok
15:50:32.0528 0x0464 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:50:32.0559 0x0464 Wdf01000 - ok
15:50:32.0575 0x0464 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:50:32.0590 0x0464 WdiServiceHost - ok
15:50:32.0590 0x0464 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:50:32.0606 0x0464 WdiSystemHost - ok
15:50:32.0668 0x0464 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
15:50:32.0684 0x0464 WebClient - ok
15:50:32.0699 0x0464 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:50:32.0699 0x0464 Wecsvc - ok
15:50:32.0715 0x0464 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:50:32.0715 0x0464 wercplsupport - ok
15:50:32.0731 0x0464 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
15:50:32.0746 0x0464 WerSvc - ok
15:50:32.0777 0x0464 [ 559284D49BA0A03F70DB82239CF2B23B, F5434F4735A8D2790208EBA1A4C83584A473705ACDC7AE7F88C77BDD67FAFF28 ] wfcs C:\Program Files\Windows Firewall Control\wfcs.exe
15:50:32.0777 0x0464 wfcs - ok
15:50:32.0809 0x0464 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:50:32.0809 0x0464 WfpLwf - ok
15:50:32.0824 0x0464 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:50:32.0824 0x0464 WIMMount - ok
15:50:32.0840 0x0464 WinDefend - ok
15:50:32.0855 0x0464 WinHttpAutoProxySvc - ok
15:50:32.0902 0x0464 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:50:32.0918 0x0464 Winmgmt - ok
15:50:32.0996 0x0464 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
15:50:33.0058 0x0464 WinRM - ok
15:50:33.0089 0x0464 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:50:33.0105 0x0464 WinUsb - ok
15:50:33.0136 0x0464 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:50:33.0152 0x0464 Wlansvc - ok
15:50:33.0167 0x0464 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:50:33.0183 0x0464 WmiAcpi - ok
15:50:33.0199 0x0464 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:50:33.0199 0x0464 wmiApSrv - ok
15:50:33.0214 0x0464 WMPNetworkSvc - ok
15:50:33.0230 0x0464 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:50:33.0245 0x0464 WPCSvc - ok
15:50:33.0261 0x0464 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:50:33.0261 0x0464 WPDBusEnum - ok
15:50:33.0308 0x0464 [ 38F209772630760E9C2358D6957C0576, AB6AD5FF97A987FFB4091028224A7F2404664FC5F9FD842922DD33CE09AE853A ] WRkrn C:\Windows\system32\drivers\WRkrn.sys
15:50:33.0308 0x0464 WRkrn - ok
15:50:33.0339 0x0464 [ B1525F4FF77AF44BF1B0E851C28A5F7D, E0D201241B104E5139832B0092C1ACFE26361B30B44DA13E81FB95716FA69E81 ] WRSVC C:\Program Files\Webroot\WRSA.exe
15:50:33.0355 0x0464 WRSVC - ok
15:50:33.0370 0x0464 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:50:33.0370 0x0464 ws2ifsl - ok
15:50:33.0401 0x0464 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
15:50:33.0401 0x0464 wscsvc - ok
15:50:33.0401 0x0464 WSearch - ok
15:50:33.0495 0x0464 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
15:50:33.0526 0x0464 wuauserv - ok
15:50:33.0557 0x0464 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:50:33.0557 0x0464 WudfPf - ok
15:50:33.0589 0x0464 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:50:33.0589 0x0464 WUDFRd - ok
15:50:33.0604 0x0464 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:50:33.0604 0x0464 wudfsvc - ok
15:50:33.0620 0x0464 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
15:50:33.0635 0x0464 WwanSvc - ok
15:50:33.0682 0x0464 ================ Scan global ===============================
15:50:33.0682 0x0464 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:50:33.0713 0x0464 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:50:33.0729 0x0464 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:50:33.0745 0x0464 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:50:33.0791 0x0464 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:50:33.0791 0x0464 [ Global ] - ok
15:50:33.0791 0x0464 ================ Scan MBR ==================================
15:50:33.0791 0x0464 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:50:33.0979 0x0464 \Device\Harddisk0\DR0 - ok
15:50:33.0979 0x0464 [ E64B2A49894D1FD5A0201870E3E41A51 ] \Device\Harddisk1\DR1
15:50:34.0010 0x0464 \Device\Harddisk1\DR1 - ok
15:50:34.0010 0x0464 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR3
15:50:34.0025 0x0464 \Device\Harddisk2\DR3 - ok
15:50:34.0025 0x0464 ================ Scan VBR ==================================
15:50:34.0025 0x0464 [ F97A45EA3C7864EA49B12073DCF6DA01 ] \Device\Harddisk0\DR0\Partition1
15:50:34.0025 0x0464 \Device\Harddisk0\DR0\Partition1 - ok
15:50:34.0041 0x0464 [ 2E2445606964527D83EBDAB901FD2AD3 ] \Device\Harddisk0\DR0\Partition2
15:50:34.0041 0x0464 \Device\Harddisk0\DR0\Partition2 - ok
15:50:34.0041 0x0464 [ 7301DD4F2B4EB4E2334F7ADD5BC9F278 ] \Device\Harddisk1\DR1\Partition1
15:50:34.0088 0x0464 \Device\Harddisk1\DR1\Partition1 - ok
15:50:34.0103 0x0464 [ 306203EA0B8933E668DEA8A3AE64ACA4 ] \Device\Harddisk2\DR3\Partition1
15:50:34.0525 0x0464 \Device\Harddisk2\DR3\Partition1 - ok
15:50:34.0525 0x0464 ================ Scan generic autorun ======================
15:50:34.0556 0x0464 [ 322B1B1C82D92BB017D9588357A5AA0B, 5B797ABCEBDBE4C95E6A54D8626DA07F8C285D9E43C0925B6CA2C4B54A424D44 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
15:50:34.0571 0x0464 Acronis Scheduler2 Service - ok
15:50:34.0852 0x0464 [ D7952C092447131478C1B1E808DFBBC1, E1547E2587BEC5E59C8B27D897FA852E580510EEA0289497986A3079B1D4508B ] C:\Program Files\Investintech.com Inc\Able2Extract 9.0\Able2Extract.PrnDisp.exe
15:50:34.0977 0x0464 Able2Extract 9.0 Print Dispatcher - ok
15:50:35.0039 0x0464 [ 15D2DB9BFA8E833ED31FAB2BB088FDDA, 6198C0A5DA01DA146A9A054C3C882A1DBF9BA84466EBFDDA1C1062EF36F9B34B ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
15:50:35.0039 0x0464 AVP - ok
15:50:35.0102 0x0464 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:50:35.0117 0x0464 Adobe ARM - ok
15:50:35.0164 0x0464 [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:50:35.0164 0x0464 APSDaemon - ok
15:50:35.0351 0x0464 [ 73FBABDB72DB4E3F372D1B813135C9C2, 0B9EC3F83A980D544546765E9CD867B64B7CF5AB7F785C69416449CDCD617138 ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
15:50:35.0445 0x0464 TrueImageMonitor.exe - ok
15:50:35.0492 0x0464 [ E2BF5267333394516C74B1E9D88D989C, 143D40EEC41DE04AB604E5243C84BFFB178E063F8B6208C922C35A75F28CC5A3 ] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
15:50:35.0507 0x0464 AcronisTibMounterMonitor - ok
15:50:35.0539 0x0464 [ B1525F4FF77AF44BF1B0E851C28A5F7D, E0D201241B104E5139832B0092C1ACFE26361B30B44DA13E81FB95716FA69E81 ] C:\Program Files\Webroot\WRSA.exe
15:50:35.0554 0x0464 WRSVC - ok
15:50:35.0601 0x0464 [ 07DACF8EE0581D188931E02CB7D50E1A, 4789520F8F5596CCC830D2C6B7C9592F156B298F9CA76EC9E0254D3499455367 ] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
15:50:35.0601 0x0464 RIMBBLaunchAgent.exe - ok
15:50:35.0648 0x0464 [ 3F744D5BCEF935B32B43BF7F83098032, 8152B47CB1B5966329C2C66DE0F137FBF7E5CE8D3AF56AD949BE737D5FE0AD17 ] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe
15:50:35.0663 0x0464 KeyScrambler - ok
15:50:35.0788 0x0464 [ 6AFC92C6F756CEEF40E6C7E00CC9FDB0, F7603C2C4909420E19D1DF4F59CB7E713424A682955E71522F2C72A4874F7403 ] C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardGUI.exe
15:50:35.0819 0x0464 AppGuardGUI - ok
15:50:35.0866 0x0464 [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
15:50:35.0866 0x0464 iTunesHelper - ok
15:50:36.0007 0x0464 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
15:50:36.0007 0x0464 QuickTime Task - ok
15:50:36.0038 0x0464 [ 6D313E4121365B2ABEED5A93F9B197E5, 94CDAD27F1A362A23F6CE0D65881EB8753B7A3744DE127022DB77B4459EE1FD6 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:50:36.0053 0x0464 SunJavaUpdateSched - ok
15:50:36.0085 0x0464 [ 2775EDE4F2EEB56D94AFC7D6D0E45A5D, 0AF265E9BD3DEFC4F66215CB7431D073CBD88DBAC8D96EF7F81294658F4D971A ] C:\Program Files (x86)\Alcatel\Alcatel USB Modem\AutoLauncher.exe
15:50:36.0085 0x0464 AlcatelAutoLauncher_O2 - ok
15:50:36.0303 0x0464 [ 8116E700D5B62746B2A715722415EC52, 1CF5AE32DE2A73DBBFA4C53486E762BDB73A7E18A83691B6C2D73A0768CDD314 ] C:\Program Files (x86)\NETGEAR\A6210\A6210.EXE
15:50:36.0381 0x0464 A6210 - ok
15:50:36.0459 0x0464 [ 5FCE678826ACCC54C2481FC3494AC515, 09FF16D2953F09BF58D2B3738F1B6008C113E17716596408FFF5E4E5C21442DC ] C:\Program Files (x86)\DrayTek Vigor N61\WLANmon.exe
15:50:36.0475 0x0464 DrayTek Vigor N61 802.11n Wireless USB Adapter - ok
15:50:36.0521 0x0464 [ 67890918105702D77CE72073E16F1153, 795F7DDB045EBEEF6591C97FFFB872E0527D8EE31394F24CA35AF9C668995076 ] C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
15:50:36.0521 0x0464 ANIWZCS2Service - ok
15:50:36.0599 0x0464 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:50:36.0631 0x0464 Sidebar - ok
15:50:36.0646 0x0464 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:50:36.0646 0x0464 mctadmin - ok
15:50:36.0693 0x0464 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:50:36.0709 0x0464 Sidebar - ok
15:50:36.0709 0x0464 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:50:36.0724 0x0464 mctadmin - ok
15:50:36.0771 0x0464 [ 105C276BB7B43501225C419B062096D0, F5D35230FC5E116FB04147F216313D2E2542D96E975B19F5FD9F7641CF11271F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
15:50:36.0771 0x0464 ApplePhotoStreams - ok
15:50:36.0818 0x0464 [ F1DC2458DFC929331F2FE071EB17CFE8, 2A046F41DC0C2A72B425812D5EEBC5FF8B0970DB492646A979FA242ECB63CCD1 ] C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
15:50:36.0833 0x0464 MyDriveConnect.exe - ok
15:50:36.0849 0x0464 [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
15:50:36.0865 0x0464 RESTART_STICKY_NOTES - ok
15:50:36.0880 0x0464 SandboxieControl - ok
15:50:36.0911 0x0464 [ A064A1D9CBD7F6959AAEAEAFF96DB2E9, F3DC0C0240FCE4FE7478093C415548297E49C349FE600D7F6CC1C655953C1D48 ] C:\Windows\system32\osk.exe
15:50:36.0927 0x0464 osk.exe - ok
15:50:36.0974 0x0464 AV detected via SS2: Kaspersky Anti-Virus, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\wmiav.exe ( 13.0.1.4190 ), 0x41000 ( enabled : updated )
15:50:36.0974 0x0464 Win FW state via NFP2: enabled
15:50:36.0974 0x0464 ============================================================
15:50:36.0974 0x0464 Scan finished
15:50:36.0974 0x0464 ============================================================
15:50:37.0005 0x1790 Detected object count: 0
15:50:37.0005 0x1790 Actual detected object count: 0
****************
Combo Fix
********************
ComboFix 15-04-01.01 - SUNDARS PC 04/04/2015 0:53.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.12287.9952 [GMT 1:00]
Running from: d:\downloadsw\Utility\Utility Tools\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\windows\SysWow64\AdobePDF.dll
c:\windows\SysWow64\ccrpTmr6.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2015-03-04 to 2015-04-04 )))))))))))))))))))))))))))))))
.
.
2015-04-04 10:08 . 2015-04-04 10:08 -------- d-----w- d:\users\SUNDARS PC\AppData\Local\temp
2015-04-04 10:08 . 2015-04-04 10:08 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2015-04-04 10:08 . 2015-04-04 10:08 -------- d-----w- d:\users\ITunes Sundar\AppData\Local\temp
2015-04-03 14:48 . 2015-04-03 14:48 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-04-03 14:48 . 2015-04-03 14:59 -------- d-----w- c:\programdata\RogueKiller
2015-04-03 14:10 . 2014-07-09 08:18 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2015-04-03 14:10 . 2014-07-09 08:18 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2015-04-03 14:10 . 2014-07-09 08:18 769168 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2015-04-03 14:10 . 2015-04-03 14:10 -------- d-----w- c:\program files (x86)\Realtek
2015-04-02 15:40 . 2015-04-02 15:40 -------- d-----w- d:\users\SUNDARS PC\AppData\Roaming\InstallShield
2015-04-02 13:25 . 2015-04-02 13:25 -------- d-----w- c:\users\Administrator\AppData\Local\ElevatedDiagnostics
2015-04-02 11:33 . 2015-04-02 13:56 129752 ----a-w- c:\windows\system32\drivers\428A3AF7.sys
2015-03-31 19:22 . 2015-03-31 19:22 -------- d-----w- d:\users\SUNDARS PC\AppData\Roaming\2BrightSparks
2015-03-31 19:22 . 2011-05-31 18:03 20480 ----a-w- c:\windows\SysWow64\SyncBackPro.dll
2015-03-31 19:22 . 2009-01-12 07:15 71096 ----a-w- c:\windows\SysWow64\NMSAccessU.exe
2015-03-31 19:22 . 2015-03-31 19:22 -------- d-----w- d:\users\SUNDARS PC\AppData\Local\2BrightSparks
2015-03-31 19:22 . 2015-03-31 19:22 -------- d-----w- c:\program files (x86)\2BrightSparks
2015-03-30 22:43 . 2009-05-04 13:55 40208 ----a-w- c:\windows\SysWow64\drivers\aztech_npf64.sys
2015-03-30 22:43 . 2015-03-30 22:43 -------- d-----w- c:\program files (x86)\HomeplugAV
2015-03-30 22:43 . 2001-09-05 04:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2015-03-30 22:43 . 2001-09-05 04:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2015-03-30 22:43 . 2001-09-05 04:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2015-03-30 22:43 . 2001-09-05 04:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2015-03-30 22:43 . 2002-07-25 16:07 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2015-03-30 12:26 . 2015-03-30 23:03 129752 ----a-w- c:\windows\system32\drivers\0264792B.sys
2015-03-26 12:26 . 2015-03-26 12:26 0 ----a-w- d:\users\SUNDARS PC\AppData\Local\BITF9B1.tmp
2015-03-26 07:06 . 2015-03-26 07:06 129752 ----a-w- c:\windows\system32\drivers\67994B70.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-04 10:36 . 2014-04-19 23:30 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-02 16:34 . 2012-08-13 15:49 177864 ----a-w- c:\windows\system32\drivers\kneps.sys
2015-04-02 10:37 . 2013-12-10 17:41 151728 ----a-w- c:\windows\SysWow64\WRusr.dll
2015-04-02 10:37 . 2013-12-10 17:41 104360 ----a-w- c:\windows\system32\WRusr.dll
2015-04-02 10:36 . 2013-12-10 17:41 114720 ----a-w- c:\windows\system32\drivers\WRkrn.sys
2015-03-30 23:21 . 2014-12-16 20:29 467224 ----a-w- c:\windows\system32\drivers\b57nd60a.sys
2015-02-02 09:52 . 2013-11-27 18:57 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-02 09:52 . 2013-11-27 18:57 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-02 09:52 . 2014-11-12 17:52 4087472 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-01-29 10:16 . 2015-01-28 09:27 129752 ----a-w- c:\windows\system32\drivers\573B5188.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2014-11-21 43816]
"MyDriveConnect.exe"="c:\program files (x86)\MyDrive Connect\MyDriveConnect.exe" [2013-11-29 473496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [2013-10-10 356128]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2013-03-28 6366264]
"AcronisTibMounterMonitor"="c:\program files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" [2013-01-10 1103440]
"WRSVC"="c:\program files\Webroot\WRSA.exe" [2013-12-10 757864]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2013-09-09 443408]
"KeyScrambler"="c:\program files (x86)\KeyScrambler\keyscrambler.exe" [2013-11-14 508144]
"AppGuardGUI"="c:\program files (x86)\Blue Ridge Networks\AppGuard\AppGuardGUI.exe" [2014-08-11 2988256]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
"AlcatelAutoLauncher_O2"="c:\program files (x86)\Alcatel\Alcatel USB Modem\AutoLauncher.exe" [2012-10-12 133120]
"A6210"="c:\program files (x86)\NETGEAR\A6210\A6210.EXE" [2015-01-21 6214488]
"DrayTek Vigor N61 802.11n Wireless USB Adapter"="c:\program files (x86)\DrayTek Vigor N61\WLANmon.exe" [2009-10-30 827392]
"ANIWZCS2Service"="c:\program files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2009-10-19 102400]
.
d:\users\SUNDARS PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - d:\users\SUNDARS PC\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-3-4 42560368]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
OpenDNSCrypt.lnk - c:\windows\Installer\{E811D3DC-A647-4744-9CA6-BD4707D2808B}\_41100329364C94A5913B21.exe [2013-12-5 4710]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-12-6 565464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys;c:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 A6210;NETGEAR A6210 USB Wireless LAN Card Driver;c:\windows\system32\DRIVERS\A6210.sys;c:\windows\SYSNATIVE\DRIVERS\A6210.sys [x]
R3 ALCATELUSB;Alcatel HSPA Modem Service;c:\windows\system32\Drivers\AlcatelUsb.sys;c:\windows\SYSNATIVE\Drivers\AlcatelUsb.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\jrdusbser.sys;c:\windows\SYSNATIVE\DRIVERS\jrdusbser.sys [x]
R3 JRDusbwwan;Alcatel USB-NDIS WWAN miniport;c:\windows\system32\DRIVERS\AlcatelUsbWwan.sys;c:\windows\SYSNATIVE\DRIVERS\AlcatelUsbWwan.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 dnscrypt-proxy;dnscrypt-proxy;c:\dnscrypt\dnscrypt-proxy.exe;c:\dnscrypt\dnscrypt-proxy.exe [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\windows\SYSNATIVE\DRIVERS\vidsflt.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S0 WRkrn;WRkrn;c:\windows\System32\drivers\WRkrn.sys;c:\windows\SYSNATIVE\drivers\WRkrn.sys [x]
S1 BrnFileLock;Blue Ridge Networks FileLock mini-filter driver;c:\windows\system32\drivers\brnfilelock.sys;c:\windows\SYSNATIVE\drivers\brnfilelock.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe;c:\windows\SYSNATIVE\ANIWConnService.exe [x]
S2 BRN_APPGUARD_SERVICE;Blue Ridge AppGuard Service;c:\program files (x86)\Blue Ridge Networks\AppGuard\AppGuardAgent.exe;c:\program files (x86)\Blue Ridge Networks\AppGuard\AppGuardAgent.exe [x]
S2 NetgearSwitchUSB;NetgearSwitchUSB;c:\program files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe;c:\program files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe [x]
S2 NitroDriverReadSpool9;NitroPDFDriverCreatorReadSpool9;c:\program files\Nitro\Pro 9\NitroPDFDriverService9x64.exe;c:\program files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [x]
S2 NitroUpdateService;NitroUpdateService;c:\program files\Nitro\Pro 9\Nitro_UpdateService.exe;c:\program files\Nitro\Pro 9\Nitro_UpdateService.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files (x86)\O2\Connection Manager\ImpWiFiSvc.exe;c:\program files (x86)\O2\Connection Manager\ImpWiFiSvc.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S2 wfcs;Windows Firewall Control;c:\program files\Windows Firewall Control\wfcs.exe;c:\program files\Windows Firewall Control\wfcs.exe [x]
S2 WRSVC;WRSVC;c:\program files\Webroot\WRSA.exe;c:\program files\Webroot\WRSA.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 BlackBerry Device Manager;BlackBerry Device Manager;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [x]
S3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys;c:\windows\SYSNATIVE\drivers\keyscrambler.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2015-04-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-27 09:52]
.
2015-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 15:15]
.
2015-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 15:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- d:\users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- d:\users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- d:\users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- d:\users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- d:\users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- d:\users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- d:\users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- d:\users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2013-03-28 01:59 2818848 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2013-03-28 01:59 2818848 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2013-03-28 01:59 2818848 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2013-02-15 516960]
"Able2Extract 9.0 Print Dispatcher"="c:\program files\Investintech.com Inc\Able2Extract 9.0\Able2Extract.PrnDisp.exe" [2014-12-08 9023816]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
Trusted Zone: books24x7.com
Trusted Zone: skillport.com
Trusted Zone: skillwsa.com
Trusted Zone: ultimatix.net\icalms
TCP: Interfaces\{D069F953-031D-4CCC-860A-9F8AD58B4496}: NameServer = 127.0.0.1
TCP: Interfaces\{DFD2CCC5-AB2C-4057-9408-1AB1A135237C}: NameServer = 127.0.0.1
FF - ProfilePath - d:\users\SUNDARS PC\AppData\Roaming\Mozilla\Firefox\Profiles\tc02jb7q.default-1409742926604\
.
.
------- File Associations -------
.
.txt=
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - d:\users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - d:\users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - d:\users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Wondershare\Wondershare Helper Compact\1684366662\*PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC*PROCESSOR_ARCHITECTURE=x86*PROCESSOR_ARCHITEW6432=AMD64*PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel*PROCESSOR_LEVEL=6*PROCESSOR_REVISION=170a*ProgramData=C:\Program]
"JoinUserExperience"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Wondershare\Wondershare Helper Compact\1919381362\am Files (x86)\DTN\IQFeed*PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC*PROCESSOR_ARCHITECTURE=x86*PROCESSOR_ARCHITEW6432=AMD64*PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel*PROCESSOR_LEVEL=6*PROCESSOR_REVISION=17]
"JoinUserExperience"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\ANIWConnService.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\NMSAccessU.exe
c:\windows\SysWOW64\vmnat.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
d:\users\SUNDARS PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
.
**************************************************************************
.
Completion time: 2015-04-04 11:56:17 - machine was rebooted
ComboFix-quarantined-files.txt 2015-04-04 10:55
.
Pre-Run: 402,119,790,592 bytes free
Post-Run: 402,534,453,248 bytes free
.
- - End Of File - - 0BDD404801FEF86182E757E1F7EC4113
A36C5E4F47E84449FF07ED3517B43A31
***************
FARBAR TOOL - FRST
**********************
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by SUNDARS PC (administrator) on SUNDARSPC-PC on 13-06-2015 16:31:51
Running from D:\Users\SUNDARS PC\Desktop
Loaded Profiles: SUNDARS PC (Available Profiles: SUNDARS PC & ITunes Sundar & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Windows\SysWOW64\ANIWConnService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Blue Ridge Networks) C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
() C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Windows\SysWOW64\NMSAccessU.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Telefónica) C:\Program Files (x86)\O2\Connection Manager\ImpWiFiSvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(BiniSoft.org) C:\Program Files\Windows Firewall Control\wfcs.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Investintech.com Inc.) C:\Program Files\Investintech.com Inc\Able2Extract 9.0\Able2Extract.PrnDisp.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dropbox, Inc.) D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(Blue Ridge Networks) C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardGUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Alcatel\Alcatel USB Modem\AutoLauncher.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\A6210\A6210.EXE
() C:\Program Files (x86)\DrayTek Vigor N61\WlanMon.exe
(Wireless Service) C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516960 2013-02-15] (Acronis)
HKLM\...\Run: [Able2Extract 9.0 Print Dispatcher] => C:\Program Files\Investintech.com Inc\Able2Extract 9.0\Able2Extract.PrnDisp.exe [9023816 2014-12-08] (Investintech.com Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6366264 2013-03-28] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1103440 2013-01-10] (Acronis)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [757864 2013-12-10] (Webroot)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2013-09-09] (Research In Motion Limited)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [508144 2013-11-14] (QFX Software Corporation)
HKLM-x32\...\Run: [AppGuardGUI] => C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardGUI.exe [2988256 2014-08-11] (Blue Ridge Networks)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [AlcatelAutoLauncher_O2] => C:\Program Files (x86)\Alcatel\Alcatel USB Modem\AutoLauncher.exe [133120 2012-10-12] ()
HKLM-x32\...\Run: [A6210] => C:\Program Files (x86)\NETGEAR\A6210\A6210.EXE [6214488 2015-01-21] (NETGEAR)
HKLM-x32\...\Run: [DrayTek Vigor N61 802.11n Wireless USB Adapter] => C:\Program Files (x86)\DrayTek Vigor N61\WLANmon.exe [827392 2009-10-30] ()
HKLM-x32\...\Run: [ANIWZCS2Service] => C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe [102400 2009-10-19] (Wireless Service)
HKU\S-1-5-21-629275367-314371585-4215095554-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-629275367-314371585-4215095554-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473496 2013-11-29] (TomTom)
HKU\S-1-5-21-629275367-314371585-4215095554-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
Startup: D:\Users\SUNDARS PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-09-20]
ShortcutTarget: Dropbox.lnk -> D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-629275367-314371585-4215095554-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-629275367-314371585-4215095554-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-629275367-314371585-4215095554-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...U218DHP&pc=U218
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-20] (Kaspersky Lab ZAO)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-11-22] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-22] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-20] (Kaspersky Lab ZAO)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-03] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-03] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-11] (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\..\Interfaces\{D069F953-031D-4CCC-860A-9F8AD58B4496}: [NameServer] 127.0.0.1
Tcpip\..\Interfaces\{DFD2CCC5-AB2C-4057-9408-1AB1A135237C}: [NameServer] 127.0.0.1
FireFox:
========
FF ProfilePath: D:\Users\SUNDARS PC\AppData\Roaming\Mozilla\Firefox\Profiles\tc02jb7q.default-1409742926604
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll [2015-02-02] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll [2015-02-02] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-09-22] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-08-01] (Nitro PDF)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2013-11-06] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-629275367-314371585-4215095554-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: D:\Users\SUNDARS PC\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-11-14] (Cisco WebEx LLC)
FF Extension: Download Status Bar - D:\Users\SUNDARS PC\AppData\Roaming\Mozilla\Firefox\Profiles\tc02jb7q.default-1409742926604\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2014-09-03]
FF Extension: Adblock Plus - D:\Users\SUNDARS PC\AppData\Roaming\Mozilla\Firefox\Profiles\tc02jb7q.default-1409742926604\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-15]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected]
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013-06-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013-06-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected]
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013-06-09]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Nightly\firefox.exe
Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-11-01]
CHR Extension: (Google Docs) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-22]
CHR Extension: (Google Drive) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-25]
CHR Extension: (WOT) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-11-01]
CHR Extension: (YouTube) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-22]
CHR Extension: (Abine TACO) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadbkmipeldjmjfcpcjibfjgflahmphk [2014-11-01]
CHR Extension: (Adblock Plus) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-01]
CHR Extension: (Google Search) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-22]
CHR Extension: (Kaspersky URL Advisor) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-02-03]
CHR Extension: (VTchromizer) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2014-11-01]
CHR Extension: (Blur) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2014-11-01]
CHR Extension: (Kaspersky Protection) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2015-02-03]
CHR Extension: (Poppit!) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-11-01]
CHR Extension: (Google Mail Checker) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-11-01]
CHR Extension: (Google Wallet) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-25]
CHR Extension: (Gmail) - D:\Users\SUNDARS PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-22]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.goog...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\urladvisor.crx [2013-01-14]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.googl...dnajaicnklhfplh
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ANIWConnService; C:\Windows\SysWOW64\ANIWConnService.exe [147456 2009-02-11] () [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-09-09] (Research In Motion Limited) [File not signed]
R2 BRN_APPGUARD_SERVICE; C:\Program Files (x86)\Blue Ridge Networks\AppGuard\AppGuardAgent.exe [783072 2014-08-11] (Blue Ridge Networks)
S4 dnscrypt-proxy; C:\DNSCRYPT\dnscrypt-proxy.exe [258062 2013-12-05] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NetgearSwitchUSB; C:\Program Files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe [210648 2014-05-13] ()
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [418312 2014-08-01] ()
R2 NMSAccess; C:\Windows\SysWOW64\NMSAccessU.exe [71096 2009-01-12] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\O2\Connection Manager\ImpWiFiSvc.exe [201080 2011-06-14] (Telefónica)
R2 wfcs; C:\Program Files\Windows Firewall Control\wfcs.exe [78336 2013-12-24] (BiniSoft.org) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [757864 2013-12-10] (Webroot)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 A6210; C:\Windows\System32\DRIVERS\A6210.sys [2208984 2014-06-20] (Ralink Technology Corp.)
S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2010-06-09] (Windows ® Codename Longhorn DDK provider)
S1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] () [File not signed]
R1 BrnFileLock; c:\windows\system32\drivers\brnfilelock.sys [79648 2014-06-13] (Blue Ridge Networks)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [123776 2012-03-31] (TCT International Mobile Ltd.)
S3 JRDusbwwan; C:\Windows\System32\DRIVERS\AlcatelUsbWwan.sys [228352 2010-08-05] (TCT International Mobile Ltd)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [91008 2014-05-20] (Kaspersky Lab ZAO) [File not signed]
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628320 2014-05-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177864 2015-04-02] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-06-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-06-27] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-12-06] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-12-06] (Acronis)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-04-03] ()
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-12-06] (Acronis International GmbH)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [114720 2015-04-02] (Webroot)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-13 16:31 - 2015-06-13 16:32 - 00027624 _____ D:\Users\SUNDARS PC\Desktop\FRST.txt
2015-06-13 16:31 - 2015-06-13 16:31 - 00000000 ____D C:\FRST
2015-06-13 16:26 - 2015-06-13 16:26 - 02109952 _____ (Farbar) D:\Users\SUNDARS PC\Desktop\FRST64.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-13 16:32 - 2014-10-06 13:56 - 00000000 ____D C:\Windows TMP
2015-06-13 16:26 - 2014-10-19 16:15 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-13 16:10 - 2009-07-14 05:45 - 00013760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-13 16:10 - 2009-07-14 05:45 - 00013760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-13 16:06 - 2013-06-09 11:59 - 01651346 _____ C:\Windows\WindowsUpdate.log
2015-06-13 16:04 - 2014-10-19 16:15 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-13 16:04 - 2014-10-06 13:56 - 00000000 ____D C:\Windows TEMP
2015-06-13 16:04 - 2014-04-20 00:30 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-13 16:02 - 2014-03-04 20:28 - 00017209 _____ C:\Windows\setupact.log
2015-06-13 16:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-13 14:52 - 2013-11-27 19:57 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-13 12:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-13 12:39 - 2014-03-04 20:28 - 02357256 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-13 12:30 - 2014-01-21 00:50 - 00000000 ___RD D:\Users\SUNDARS PC\Dropbox
2015-06-13 12:04 - 2014-01-21 00:47 - 00000000 ____D D:\Users\SUNDARS PC\AppData\Roaming\Dropbox
==================== Files in the root of some directories =======
2015-04-02 16:43 - 2015-04-02 16:43 - 0003284 _____ () D:\Users\SUNDARS PC\AppData\Roaming\ANIWZCS{57EBEEAA-7AB5-4156-B13C-0830C39151A4}
2015-01-29 11:58 - 2015-02-03 15:02 - 0003284 _____ () D:\Users\SUNDARS PC\AppData\Roaming\ANIWZCS{624826FE-7B9A-4414-9232-8E1185407EB2}
2013-12-29 14:06 - 2014-01-03 14:08 - 0000154 _____ () D:\Users\SUNDARS PC\AppData\Roaming\Rim.Desktop.Exception.log
2013-12-29 14:04 - 2014-05-28 08:24 - 0002021 _____ () D:\Users\SUNDARS PC\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-12-29 14:06 - 2014-01-03 14:08 - 0000154 _____ () D:\Users\SUNDARS PC\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-03-26 13:26 - 2015-03-26 13:26 - 0000000 _____ () D:\Users\SUNDARS PC\AppData\Local\BITF9B1.tmp
2014-01-09 12:34 - 2015-01-16 19:59 - 0005296 _____ () D:\Users\SUNDARS PC\AppData\Local\tcNSISDump.Log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-13 13:12
==================== End of log ============================
******************
FARBAR TOOL - ADDITIONS
********************
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by SUNDARS PC at 2015-06-13 16:32:24
Running from D:\Users\SUNDARS PC\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-629275367-314371585-4215095554-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-629275367-314371585-4215095554-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-629275367-314371585-4215095554-1007 - Limited - Enabled)
ITunes Sundar (S-1-5-21-629275367-314371585-4215095554-1008 - Limited - Enabled) => D:\Users\ITunes Sundar
SUNDARS PC (S-1-5-21-629275367-314371585-4215095554-1001 - Administrator - Enabled) => D:\Users\SUNDARS PC
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Disabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Able2Extract 9.0 (HKLM\...\{98A71953-B535-4E63-897B-EC9B2FC46376}_is1) (Version: 9.0 - Investintech.com Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Alcatel USB Modem (HKLM-x32\...\{2E35E738-75E8-4C31-8E04-2564619DC7D5}) (Version: 1.002.00001 - Alcatel)
AmiBroker 5.60.3 x64 (HKLM\...\AmiBroker64_is1) (Version: 5.60 - AmiBroker.com)
ANIWZCS2 Service (HKLM-x32\...\{4C590030-7469-453E-8589-D15DA9D03F52}) (Version: - )
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BlackBerry Device Software Updater (HKLM-x32\...\{334147DC-B3C8-4626-A985-4AEA8A36DAB6}) (Version: 8.0.0.41 - Research In Motion Ltd)
Blue Ridge Networks AppGuard (HKLM-x32\...\{B18537F1-B130-4C4B-A606-01128D45907E}) (Version: 4.1.45.1 - Blue Ridge Networks)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bullzip PDF Printer 10.3.0.2191 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.3.0.2191 - Bullzip)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon MP Navigator 2.0 (HKLM-x32\...\MP Navigator 2.0) (Version: - )
Canon MP800 (HKLM\...\{04F9B09E-CDB5-46fc-AC30-2E7E7C7A8A34}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Cisco WebEx Meetings (HKU\S-1-5-21-629275367-314371585-4215095554-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Connection Manager (HKLM-x32\...\O2UK) (Version: 8.7.6.800 - Connection Manager)
Dropbox (HKU\S-1-5-21-629275367-314371585-4215095554-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HomeplugAV (HKLM-x32\...\{2DFC446B-8A6E-4EF3-99DF-C89E37DB156D}) (Version: - )
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IQFeed Client 5.1.0.5 (HKLM-x32\...\IQFeed Client) (Version: 5.1.0.5 - DTN)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Jagannatha Hora 7.66 (HKLM-x32\...\Jagannatha Hora_is1) (Version: 7.66 - PVR Narasimha Rao)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Jyotishya Deepika v5.0 (HKLM-x32\...\{40342A0E-7166-491B-A98C-3BEEBD7837A6}) (Version: 5.2.2 - Sridhara Software Technologies)
Kaspersky Anti-Virus 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Anti-Virus 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.3.0.0 - QFX Software Corporation)
Macromedia Contribute 3.11 (HKLM-x32\...\{4B9535BF-CC90-4158-AF32-CAF57A8820CA}) (Version: 3.11.0.2419 - Macromedia, Inc.)
Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.2 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Fireworks 8 (HKLM-x32\...\{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}) (Version: 8.0.0.777 - Macromedia)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Macromedia Flash Player 8 (HKLM-x32\...\{885A63EA-382B-4DD4-A755-14809B8557D6}) (Version: 8.0.22.0 - Macromedia)
Maitreya 7.0.3 (HKLM-x32\...\Maitreya7.0_is1) (Version: - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0a1 - Mozilla)
MyDriveConnect 3.3.0.1342 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1342 - TomTom)
NETGEAR A6210 Genie (HKLM-x32\...\InstallShield_{B37F67D3-ABD1-48E0-B422-E011C355529C}) (Version: 1.0.0.30 - NETGEAR)
NETGEAR A6210 Genie (x32 Version: 1.0.0.30 - NETGEAR) Hidden
Nightly 37.0a1 (x86 en-US) (HKLM-x32\...\Nightly 37.0a1 (x86 en-US)) (Version: 37.0a1 - Mozilla)
Nitro Pro 9 (HKLM-x32\...\{c5237a45-d0a0-4c12-9269-f59919377de1}) (Version: 9.5.3.8 - Nitro)
Nitro Pro 9 (Version: 9.5.3.8 - Nitro) Hidden
NVIDIA nView 136.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.53 - NVIDIA Corporation)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
PDF-XChange Lite 4 (HKLM\...\{B860298B-CE03-4DE2-B92E-422F2C20A2D8}_is1) (Version: 4.0.214.2 - Tracker Software Products Ltd)
Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Python 3.3.3 (64-bit) (HKLM\...\{e9d90870-ab19-32a8-aa93-f8348ba21d05}) (Version: 3.3.3150 - Python Software Foundation)
Python 3.3.4 (HKLM-x32\...\{cc2659bc-d27d-3593-a0a0-9ac0de07a430}) (Version: 3.3.4150 - Python Software Foundation)
QCollector Expert For DTN 4.0 (HKLM-x32\...\QC_EXPERT_IQFEED_is1) (Version: - Tradeworks Software)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
R for Windows 3.1.1 (HKLM\...\R for Windows 3.1.1_is1) (Version: 3.1.1 - R Core Team)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.49 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1073 - RStudio)
SaxoTrader 2 (HKLM-x32\...\{024D66E9-D50C-44A7-92B4-2DFDDD95D228}) (Version: 2.85.31.0 - Saxo Bank)
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 385 - MIT Media Lab)
Scratch 2 Offline Editor (x32 Version: 255 - MIT Media Lab) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartKpHorary (HKLM-x32\...\{F3B425D8-E179-4EF4-89DB-38686457DECE}) (Version: 1.1.1 - AstroOpenSource)
SnapAPI (HKLM-x32\...\{D4830EE9-E795-4CCA-AA7A-612A4E565977}) (Version: 3.11.586 - Acronis)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncBackPro (HKLM-x32\...\SyncBackPro_is1) (Version: 6.0.12.0 - 2BrightSparks)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TaxCalc (HKLM-x32\...\TaxCalcHub) (Version: 2 - Acorah Software Products)
TaxCalc 2010 (HKLM-x32\...\TaxCalc 2010) (Version: - Acorah Software Products)
TaxCalc 2011 (HKLM-x32\...\TaxCalc 2011) (Version: - )
TaxCalc 2012 (HKLM-x32\...\TaxCalc 2012) (Version: - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
True Image 2013 (HKLM-x32\...\{A3FDA583-78E5-45B6-A14A-BCF99B8410FB}Visible) (Version: 16.0.6514 - Acronis)
True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden
Undelete 360 (HKLM-x32\...\Undelete 360_is1) (Version: - File Recovery Ltd.)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vigor N61 802.11n Wireless USB Adapter (HKLM-x32\...\{272E80B6-9579-421F-8B8E-6E8855FA1F91}) (Version: - DrayTek)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.3 - VMware, Inc)
VMware Player (Version: 5.0.3 - VMware, Inc.) Hidden
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.3.3 - Webroot)
WhoCrashed 4.01 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Windows Firewall Control (HKLM\...\Windows Firewall Control) (Version: 4.0.6.0 - BiniSoft.org)
Write-N-Cite (HKLM-x32\...\Write-N-Cite) (Version: III - Refworks)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-629275367-314371585-4215095554-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-629275367-314371585-4215095554-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-629275367-314371585-4215095554-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-629275367-314371585-4215095554-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-629275367-314371585-4215095554-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-629275367-314371585-4215095554-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
31-03-2015 16:18:13 Revo Uninstaller's restore point - Janus 4.3 Atlas Update
31-03-2015 16:18:54 Revo Uninstaller's restore point - Janus 4.3 Atlas Update (C:\Program Files (x86)\Janus4\)
31-03-2015 16:19:48 Revo Uninstaller's restore point - lmc
31-03-2015 16:20:58 Revo Uninstaller's restore point - Nitro Pro 9
31-03-2015 16:21:39 Revo Uninstaller's restore point - Nitro Pro 9
02-04-2015 14:45:24 Removed EMET 5.0
02-04-2015 16:39:15 Removed Vigor N61 802.11n Wireless USB Adapter
02-04-2015 16:40:23 Installed Vigor N61 802.11n Wireless USB Adapter
02-04-2015 16:41:25 Installed ANIWZCS2 Service
03-04-2015 15:09:52 Installed Realtek Ethernet Controller Driver
05-05-2015 20:03:44 Scheduled Checkpoint
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-04-04 11:09 - 2015-04-04 11:37 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02070FD3-A44F-496A-9BF3-A329BE5124DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {04B57B4C-3522-46CB-A39F-D2610095338A} - System32\Tasks\{DF309475-A581-4165-936E-1EFF15E30CC2} => pcalua.exe -a "D:\Users\SUNDARS PC\Downloads\Shockwave_Installer_Slim.exe" -d "D:\Users\SUNDARS PC\Downloads"
Task: {0DB22FCF-CA6C-4D27-B97B-12B2C08D272F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {18400EFC-BD36-4A9B-ADB3-7398EDC0061C} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2013-06-10] (Microsoft Corporation)
Task: {190C2DC1-57A5-4E36-A1B1-2461F82D42C0} - System32\Tasks\{0067DF06-1CA4-4EB7-92AA-34A15C2A47A4} => pcalua.exe -a "D:\DownloadSW\Canon MP800\mp800win64111ej.exe" -d "D:\DownloadSW\Canon MP800"
Task: {28D12B95-450D-47A3-AB21-8BE4984A8260} - System32\Tasks\{49A434F2-4257-4659-B31A-D2F1735D8D9E} => pcalua.exe -a "C:\Windows TMP\Temp3_Vigor_N61+V5.0.2.1022.zip\Setup.exe"
Task: {4824DB31-F424-4D71-A2C0-788488D7BAA0} - System32\Tasks\{FBCC3706-EACD-40D1-8B3B-80B83C9F1C0D} => Chrome.exe http://ui.skype.com/...?LastError=1603
Task: {619CC783-587A-4D5A-A1D5-048A7C1396D9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {6C18733F-DF79-412E-B6F7-ED706CB8DA96} - System32\Tasks\{D973572D-16DB-4F0B-B03D-18B159F083FE} => Chrome.exe http://ui.skype.com/...all?page=tsBing
Task: {93C12D0C-319E-4D21-AD89-91BDFDF67E8D} - System32\Tasks\{45630174-9AFF-4037-9939-25D92277BC8F} => pcalua.exe -a "D:\DownloadSW\Canon MP800\mp800win64111ej.exe" -d "D:\DownloadSW\Canon MP800"
Task: {B3FE7C04-6C76-47D7-B569-A09CAE1CFE71} - System32\Tasks\{0D0787EB-2131-49B4-B353-001FAF0936FA} => Chrome.exe http://ui.skype.com/...e=tsProgressBar
Task: {D2F35EE7-7FFC-4370-9BE2-60890CDA9D6E} - System32\Tasks\{B9DCA183-88F6-4390-A715-B64212C01F26} => pcalua.exe -a "D:\Users\SUNDARS PC\Desktop\wfc4setup.exe" -d "D:\Users\SUNDARS PC\Desktop"
Task: {D779A5C3-E00F-4DBA-9DD1-18E8375113F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-02] (Adobe Systems Incorporated)
Task: {DE846982-5DFD-4C6B-B900-8024031173FF} - System32\Tasks\{FDF79372-B4AC-404F-9714-C52B74B5B67D} => Chrome.exe http://ui.skype.com/...?LastError=1603
Task: {E2915503-5ED1-44CC-A4BC-58970E03C055} - System32\Tasks\{5E28E702-CF72-4DD8-B357-ECB39F446816} => pcalua.exe -a "C:\Windows TMP\Temp1_Vigor_N61+V5.0.2.1022.zip\Setup.exe"
Task: {F7366F50-15A1-4A45-B143-F86BDE7B197D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-04-02 16:41 - 2009-02-11 18:57 - 00147456 _____ () C:\Windows\SysWOW64\ANIWConnService.exe
2014-05-13 17:57 - 2014-05-13 17:57 - 00210648 _____ () C:\Program Files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe
2014-08-01 15:23 - 2014-08-01 15:23 - 00418312 _____ () C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
2015-03-31 20:22 - 2009-01-12 08:15 - 00071096 _____ () C:\Windows\SysWOW64\NMSAccessU.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-03-27 23:39 - 2013-03-27 23:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2013-06-09 14:48 - 2012-11-06 10:34 - 00380776 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2015-01-29 12:45 - 2012-10-12 11:59 - 00133120 _____ () C:\Program Files (x86)\Alcatel\Alcatel USB Modem\AutoLauncher.exe
2015-04-02 16:40 - 2009-10-30 10:20 - 00827392 _____ () C:\Program Files (x86)\DrayTek Vigor N61\WlanMon.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-14 14:41 - 2013-01-14 14:41 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\kpcengine.2.2.dll
2013-11-05 22:05 - 2013-11-05 22:05 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-12-15 17:54 - 2014-09-25 15:49 - 00883496 _____ () C:\Program Files\Investintech.com Inc\Able2Extract 9.0\platforms\qwindows.dll
2013-11-29 10:29 - 2013-11-29 10:29 - 00026520 _____ () C:\Program Files (x86)\MyDrive Connect\DeviceDetection.dll
2013-11-29 10:28 - 2013-11-29 10:28 - 00082840 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll
2013-11-29 10:28 - 2013-11-29 10:28 - 00344984 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll
2015-03-04 23:08 - 2015-03-04 23:08 - 00750080 _____ () D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-06-13 16:04 - 2015-06-13 16:04 - 00043008 _____ () c:\Windows TEMP\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmportfts.dll
2015-03-04 23:08 - 2015-03-04 23:08 - 00047616 _____ () D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:08 - 2015-03-04 23:08 - 00865280 _____ () D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:07 - 2015-03-04 23:07 - 00200704 _____ () D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll
2012-08-17 21:40 - 2012-08-17 21:40 - 00068024 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\QtWebKit\qmlwebkitplugin4.dll
2013-03-28 02:42 - 2013-03-28 02:42 - 13606944 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2013-01-10 14:43 - 2013-01-10 14:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2015-01-21 16:21 - 2015-01-21 16:21 - 00131808 _____ () C:\Program Files (x86)\NETGEAR\A6210\Ralink.dll
2013-03-27 23:09 - 2013-03-27 23:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2013-03-27 23:36 - 2013-03-27 23:36 - 00021312 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-629275367-314371585-4215095554-1001\...\books24x7.com -> hxxps://books24x7.com
IE trusted site: HKU\S-1-5-21-629275367-314371585-4215095554-1001\...\skillport.com -> hxxps://skillport.com
IE trusted site: HKU\S-1-5-21-629275367-314371585-4215095554-1001\...\skillwsa.com -> hxxps://skillwsa.com
IE trusted site: HKU\S-1-5-21-629275367-314371585-4215095554-1001\...\ultimatix.net -> hxxps://icalms.ultimatix.net
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-629275367-314371585-4215095554-1001\Control Panel\Desktop\\Wallpaper -> D:\Users\SUNDARS PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8DBDF54A-6044-4280-BD95-A75FE5503C6F}] => (Allow) %ProgramFiles% (x86)\DTN\IQFeed\iqconnect.exe
FirewallRules: [{FA99D32A-DFE9-4A49-8244-3AF34448FA84}] => (Allow) %ProgramFiles% (x86)\DTN\IQFeed\iqconnect.exe
FirewallRules: [{9F5E6F7C-1BAE-48C0-906A-5B84CB0FF752}] => (Block) C:\Windows\system32\svchost.exe
FirewallRules: [{52F0BEC5-E727-493E-9ED9-8F53C11E1BA8}] => (Allow) %ProgramFiles% (x86)\Microsoft Office\Office12\OUTLOOK.EXE
FirewallRules: [{37173833-9E91-4523-BB2C-9D0F35330214}] => (Allow) %SystemRoot%\SysWOW64\svchost.exe
FirewallRules: [{76D7BFC5-DE32-4D2B-975E-BF311A970C2B}] => (Allow) %SystemRoot%\SysWOW64\svchost.exe
FirewallRules: [{C25FDC95-75C8-4B02-A680-A9683369255D}] => (Block) LPort=1900
FirewallRules: [{9768C54D-E186-418F-A875-D6E358FA8DBA}] => (Block) LPort=445
FirewallRules: [{6D1CA2F5-7CF0-46CA-AF7A-277C38B2754F}] => (Block) C:\Windows\System32\svchost.exe
FirewallRules: [{38A745CD-9C0B-481F-A0F6-2B55D409C8DE}] => (Allow) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
FirewallRules: [{55A77A94-5B62-498A-9426-C02BAF3F977B}] => (Allow) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
FirewallRules: [{D1D6BDA2-327D-4124-A999-7B5CBC25EFBF}] => (Allow) LocalHost
FirewallRules: [{FAD88354-8E90-48F0-9C06-93B86887956B}] => (Allow) C:\program files (x86)\malwarebytes' anti-malware\mbam.exe
FirewallRules: [{770D90DC-A3EC-4E2A-9BD9-D1A9A381A196}] => (Allow) C:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe
FirewallRules: [{CB76087B-1BA0-4271-8CF5-6DD3F72E2E98}] => (Allow) %ProgramFiles% (x86)\DTN\IQFeed\iqconnect.exe
FirewallRules: [{734788E0-AFAF-487E-AED0-9298930A1088}] => (Allow) %ProgramFiles% (x86)\DTN\IQFeed\iqconnect.exe
FirewallRules: [{E231AF57-69BB-40B9-8E60-7AEA8D2AFCBF}] => (Allow) %ProgramFiles% (x86)\DTN\IQFeed\IQLinkLauncher.exe
FirewallRules: [{FBA1FFFE-E890-4A05-A650-C5E74DF32FC9}] => (Allow) C:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
FirewallRules: [{EFB25419-6427-4026-863D-0D0ABAF13106}] => (Allow) C:\program files\bonjour\mdnsresponder.exe
FirewallRules: [{A1DD282B-58C7-45B4-BEE7-752EA6D3906C}] => (Allow) C:\program files\bonjour\mdnsresponder.exe
FirewallRules: [{CB8C8985-DED2-4AD8-A6DB-9DACB7382757}] => (Allow) C:\windows\explorer.exe
FirewallRules: [{2FA6246B-3291-43C2-9104-335418D2B2C9}] => (Allow) C:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe
FirewallRules: [{CED1BDAB-355B-43E1-AE4C-B6F2BDACD7D7}] => (Allow) C:\Program Files (x86)\Internet Explorer\iexplore.exe
FirewallRules: [{C7AF0FCA-D9E0-46CC-9560-CC3F6374000F}] => (Allow) C:\Windows\System32\ftp.exe
FirewallRules: [{3E10042F-FF69-4A2F-885D-593CF23AB8CB}] => (Allow) FTPCommand
FirewallRules: [{460D9863-B5A3-49C7-85EB-1B0A0DEAFF55}] => (Allow) FTPs
FirewallRules: [{691532FC-BDE4-4416-9D10-2D58CFF798D8}] => (Allow) FTPDataPass
FirewallRules: [{94A3740E-1CBD-4890-92D0-544398794671}] => (Allow) FTPData
FirewallRules: [{AEE2927D-0BE7-48AD-B84F-BB9420B413F7}] => (Allow) C:\program files (x86)\google\update\googleupdate.exe
FirewallRules: [{0080B179-9CEC-40A5-A462-0B82343768A9}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{1004C511-AFBE-458B-98D5-833B7DB26337}] => (Allow) %ProgramFiles% (x86)\Common Files\Java\Java Update\jaucheck.exe
FirewallRules: [{435B5C72-25C2-4F4C-BECB-128217EA84E2}] => (Allow) %ProgramFiles% (x86)\Java\jre7\bin\javacpl.exe
FirewallRules: [{12CF2A8A-9497-417A-9D2E-2F3506289CC2}] => (Allow) %ProgramFiles% (x86)\Java\jre7\bin\java.exe
FirewallRules: [{5F3BD7B4-F12D-4F53-9333-8388EC1F3D79}] => (Allow) %ProgramFiles% (x86)\Java\jre7\bin\javaw.exe
FirewallRules: [{17CA3D79-A96C-4BBE-B23E-75A7FCDBC4FD}] => (Allow) %ProgramFiles% (x86)\Java\jre7\bin\javaws.exe
FirewallRules: [{55BD0BCC-0811-4876-A209-C948E128C403}] => (Allow) %ProgramFiles% (x86)\Common Files\Java\Java Update\jusched.exe
FirewallRules: [{A3E44110-D81C-4C40-97A6-AC370F8A58BC}] => (Allow) %ProgramFiles% (x86)\Common Files\Java\Java Update\jucheck.exe
FirewallRules: [{27BD713F-6845-4387-BBFF-E98D8C0B5B20}] => (Block) Any
FirewallRules: [{36E58820-6D9D-457A-B352-AF3F0CB53A5E}] => (Block) Any
FirewallRules: [{2E0D74DE-530B-4CB9-9F2C-7C2979EDDE73}] => (Allow) %ProgramFiles%\Tracker Software\Live Update\LiveUpdate.exe
FirewallRules: [{D0DA4E97-B166-4DE7-B464-648FA8FD55B0}] => (Allow) %ProgramFiles% (x86)\Microsoft Office\Office12\EXCEL.EXE
FirewallRules: [{2F0D4201-BAD0-424A-8C73-E882B4F873AF}] => (Allow) %ProgramFiles% (x86)\Microsoft Office\Office12\WINWORD.EXE
FirewallRules: [{9D9D968F-5989-4C63-9066-47179AFDD2B9}] => (Allow) %ProgramFiles% (x86)\Microsoft Office\Office12\MSPUB.EXE
FirewallRules: [{AA452646-7D51-40D5-8305-9E680E329612}] => (Allow) %ProgramFiles% (x86)\Microsoft Office\Office12\MSACCESS.EXE
FirewallRules: [{5AC02C1F-54F8-4DE5-817E-4FC269EDA339}] => (Allow) %ProgramFiles% (x86)\iTunes\iTunes.exe
FirewallRules: [{7647472E-4DD4-4328-B47E-EFC512D8E11C}] => (Allow) LPort=5454
FirewallRules: [{9CDC55CE-0F8C-4329-8BB1-4E0ECEABF1EC}] => (Block) %ProgramFiles% (x86)\Microsoft Office\Office12\OUTLOOK.EXE
FirewallRules: [{F37CA6CF-E3AE-4078-A751-D5B252818BCA}] => (Allow) %ProgramFiles% (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
FirewallRules: [{22146DC1-A30D-4580-8FD3-D6F5A139510E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [{AFF8CA93-2376-44AD-A58F-789CA3994AA1}] => (Allow) LPort=4481
FirewallRules: [{05B41AF1-335D-45C9-9F32-CBC3EE012287}] => (Allow) LPort=4481
FirewallRules: [{5E340545-F01E-49EE-926D-80FA8CDCAF10}] => (Allow) LPort=4482
FirewallRules: [{AB0463F1-4AC9-40C1-83E6-36DDD75867DB}] => (Allow) LPort=4482
FirewallRules: [{A57529DA-512C-4D19-9058-5138DEE08DAC}] => (Allow) %ProgramFiles% (x86)\DTN\IQFeed\IQLinkLauncher.exe
FirewallRules: [{C5EAB85D-32A8-4BD0-A1EC-8B0EC2B3B0E5}] => (Allow) %ProgramFiles% (x86)\DTN\IQFeed\iqlink.exe
FirewallRules: [{184F0E05-1A6E-4CE6-B5EE-0F747B1161BD}] => (Allow) %ProgramFiles% (x86)\DTN\IQFeed\iqlink.exe
FirewallRules: [{E0707014-1506-4E14-8D4F-A92B26385F9B}] => (Allow) C:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\avp.exe
FirewallRules: [TCP Query User{98C6E13A-351A-487D-AD44-5AF8D8D9F9F4}F:\windows temp\showmypc\smpc3152\smpcph.exe] => (Allow) F:\windows temp\showmypc\smpc3152\smpcph.exe
FirewallRules: [UDP Query User{700CA384-000C-4FFC-9A73-373A6F53B27B}F:\windows temp\showmypc\smpc3152\smpcph.exe] => (Allow) F:\windows temp\showmypc\smpc3152\smpcph.exe
FirewallRules: [{BB96FE9C-EF2E-4A88-BF14-7EB13465E357}] => (Allow) %SystemDrive%\SierraChart\SierraChart.exe
FirewallRules: [{552068C3-117F-412A-A9EE-668545D44F13}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{CC0EB99A-2F26-48FB-9F8D-5550D5243835}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{04442390-99C2-400E-A685-6AF12AB5ABF3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7B9D0D08-61D8-419D-B506-9B14F2A8BCAE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FA8BC656-9D70-46DD-94EC-B84F08F4FAF4}] => (Allow) %ProgramFiles% (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F5682E41-440F-4A19-8F7D-B5406E95F99B}] => (Allow) %ProgramFiles% (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4055FC8A-1CEE-4E36-A927-BA19197D4C4A}] => (Allow) %ProgramFiles% (x86)\Janus4\Janus4.exe
FirewallRules: [{1FCFDF11-9AE4-43E0-A3E4-F583387E30CD}] => (Allow) %SystemDrive%\DNSCRYPT\dnscrypt-proxy.exe
FirewallRules: [{44BC45A3-350D-42B0-8C9C-71CD726B335B}] => (Allow) %ProgramFiles% (x86)\FileZilla FTP Client\filezilla.exe
FirewallRules: [{EDCDCB73-C6AD-43B0-AB3A-885E738B4187}] => (Allow) %ProgramFiles% (x86)\FileZilla FTP Client\filezilla.exe
FirewallRules: [{120895B4-34BF-4A89-9DCA-1B0D0571DF01}] => (Allow) C:\Program Files\Windows Firewall Control\wfc.exe
FirewallRules: [{394C8FE4-10B7-4A04-A2D2-010C1AA9E1BE}] => (Block) C:\Windows\system32\svchost.exe
FirewallRules: [{3338AFB7-9D11-44F4-A24C-922E4957757A}] => (Block) C:\Windows\system32\svchost.exe
FirewallRules: [{06D10F59-E785-4245-9DA1-D0DF91F4DCBE}] => (Block) C:\Windows\system32\svchost.exe
FirewallRules: [{0532C1C9-E221-40FA-A14A-8BDF388BFA5E}] => (Allow) %ProgramFiles% (x86)\MyDrive Connect\MyDriveConnect.exe
FirewallRules: [{9BE2F7CC-DC2C-49D4-A8B5-0C1E2FE04D32}] => (Block) C:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\avp.exe
FirewallRules: [{663AC72B-5D2D-4568-BCDD-B1EDEEEB51E6}] => (Allow) %ProgramFiles% (x86)\Skype\Phone\Skype.exe
FirewallRules: [{087C125B-FA62-48B1-9932-14876DAFE822}] => (Allow) %ProgramFiles% (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3CF4B9B8-DDC0-4B64-823C-278499389329}] => (Allow) %ProgramFiles% (x86)\Microsoft Office\Office12\OUTLOOK.EXE
FirewallRules: [{4961CF2A-C1BE-446C-B570-F0685F0EA4AE}] => (Block) %ProgramFiles% (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2D78B49C-C263-4E58-96A5-439881217E78}] => (Block) %ProgramFiles% (x86)\Microsoft Office\Office12\OUTLOOK.EXE
FirewallRules: [{20DA01E8-28BF-4D5A-837F-AB59D75DB5A4}] => (Allow) %ProgramFiles% (x86)\Skype\Phone\Skype.exe
FirewallRules: [{86C5477D-8DC5-4B04-A5A6-B187C66CD5BF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{90FFCB75-D72E-41B8-A218-09E6CA8A41DD}] => (Allow) C:\Program Files (x86)\Acorah Software Products\TaxCalcHub\TaxCalcHub.exe
FirewallRules: [{FFDDF7E5-B8EB-4975-A5C7-D81AA95AB7C6}] => (Allow) D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{467E6A07-709A-4B86-AAFF-CA99C65CCD98}] => (Allow) %ProgramFiles% (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
FirewallRules: [{A58CDFB8-56AD-40DA-B6C8-E465B99DC752}] => (Allow) %ProgramFiles% (x86)\iTunes\iTunes.exe
FirewallRules: [{ADF3BDAE-B133-4ECC-9F68-3C4704E7EA98}] => (Allow) %ProgramFiles% (x86)\iTunes\iTunes.exe
FirewallRules: [{10910CDC-C8E9-4B06-8527-80C593DB49CF}] => (Allow) %ProgramFiles% (x86)\iTunes\iTunes.exe
FirewallRules: [{E2BCBBCE-DD00-43F8-8AC1-84A252EE2995}] => (Allow) %ProgramFiles% (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
FirewallRules: [{2CD1DF7B-6CC2-4ABB-89C9-55554C6608EC}] => (Allow) %ProgramFiles% (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
FirewallRules: [{2444E4A4-C21D-4A06-895F-DDD0DA1447C5}] => (Allow) %ProgramFiles%\Microsoft Silverlight\sllauncher.exe
FirewallRules: [{58EF1F75-6859-401D-B1C5-436075A54F8A}] => (Allow) %ProgramFiles%\Microsoft Silverlight\5.1.20913.0\Silverlight.Configuration.exe
FirewallRules: [{23121497-B02E-4FF9-9848-8B0D823DCE4D}] => (Allow) %ProgramFiles%\Microsoft Silverlight\5.1.20913.0\Silverlight.Configuration.exe
FirewallRules: [{24698B26-C70E-46DB-AD79-FC222779BC81}] => (Allow) %ProgramFiles%\Microsoft Silverlight\sllauncher.exe
FirewallRules: [{6D34C37A-30A6-4AFE-9F8A-E5B2D7096530}] => (Allow) C:\program files (x86)\kaspersky lab\kaspersky anti-virus 2013\avp.exe
FirewallRules: [{D166F14C-C20B-4520-845D-9511DEDA34EC}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{2A5A0753-3F25-4295-B1DC-97CBBC09B3E9}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{B5C76304-3E9E-468D-A308-A3A05C6E2773}] => (Allow) C:\Program Files (x86)\Internet Explorer\iexplore.exe
FirewallRules: [{1F55ECD6-49CC-4A59-A413-48A711C3D14F}] => (Allow) D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{866CB03C-A52C-4BE5-94B2-84D1CF8B08A4}] => (Allow) D:\Users\SUNDARS PC\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F4D8749C-FED2-4263-B9EB-717531217398}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{0E6068C1-3F56-49EB-88D8-56EF5E16F56F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{160CBA5C-291C-4D61-8111-22E25A44EF70}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{6BF8BEE8-F9CB-49CB-A597-708327EFE188}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{DB31D691-A7D8-4F04-BF36-54875425991F}C:\khcoder\dep\mysql\bin\mysqld-nt.exe] => (Allow) C:\khcoder\dep\mysql\bin\mysqld-nt.exe
FirewallRules: [UDP Query User{4E6DA0C0-8B4D-47D3-B9DF-9933B759C613}C:\khcoder\dep\mysql\bin\mysqld-nt.exe] => (Allow) C:\khcoder\dep\mysql\bin\mysqld-nt.exe
FirewallRules: [TCP Query User{06C094CB-33AD-4DF3-B893-73E58BFF038C}C:\windows\syswow64\java.exe] => (Block) C:\windows\syswow64\java.exe
FirewallRules: [UDP Query User{E1B2FA41-719D-4FE6-978F-D7865521B3BB}C:\windows\syswow64\java.exe] => (Block) C:\windows\syswow64\java.exe
FirewallRules: [{B00FD89B-5FCE-4341-BD70-D49C9C4FB8D4}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{7C305130-A050-40E4-A87F-A679767F92A2}D:\downloadsw\text mining\dep\mysql\bin\mysqld-nt.exe] => (Allow) D:\downloadsw\text mining\dep\mysql\bin\mysqld-nt.exe
FirewallRules: [UDP Query User{40EBEA0D-84BF-4CAA-8F94-91946EBF5326}D:\downloadsw\text mining\dep\mysql\bin\mysqld-nt.exe] => (Allow) D:\downloadsw\text mining\dep\mysql\bin\mysqld-nt.exe
FirewallRules: [{A810BC00-20C8-4942-B3CC-3BB1E1C83402}] => (Allow) C:\Program Files (x86)\Acorah Software Products\TaxCalcHub\TaxCalcHub.exe
FirewallRules: [{7F754988-491E-447F-A01F-97EB09EE4259}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A4F14790-C578-4AC6-A93F-5BDC79A69079}] => (Block) C:\program files (x86)\acronis\trueimagehome\trueimage.exe
FirewallRules: [{21AAB52B-E23A-4D68-9CCC-AF0760B6F0FE}] => (Block) C:\program files (x86)\acronis\trueimagehome\trueimage.exe
==================== Faulty Device Manager Devices =============
Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/13/2015 04:08:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/13/2015 04:03:23 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-06-13T16:03:23.486+01:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (06/13/2015 00:40:22 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-06-13T12:40:22.201+01:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (06/13/2015 11:46:50 AM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-06-13T11:46:50.392+01:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (05/05/2015 08:00:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "x64" of attribute "processorArchitecture" in element "assemblyIdentity" is invalid.
Error: (05/05/2015 07:27:27 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-05-05T19:27:27.330+01:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (05/05/2015 07:06:03 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-05-05T19:06:03.005+01:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (04/16/2015 10:28:37 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-16T22:28:37.395+01:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (04/16/2015 10:06:54 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-16T22:06:54.530+01:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (04/10/2015 01:53:36 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T13:53:36.463+01:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
System errors:
=============
Error: (06/13/2015 04:03:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
anodlwf
Error: (06/13/2015 00:40:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
anodlwf
Error: (06/13/2015 11:46:41 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
anodlwf
Error: (05/11/2015 08:06:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {60A90A2F-858D-42AF-8929-82BE9D99E8A1}
Error: (05/05/2015 07:27:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
anodlwf
Error: (05/05/2015 07:05:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
anodlwf
Error: (05/05/2015 07:05:33 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 22:59:58 on 16/04/2015 was unexpected.
Error: (04/16/2015 10:28:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
anodlwf
Error: (04/16/2015 10:06:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
anodlwf
Error: (04/16/2015 10:06:22 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 13:53:07 on 10/04/2015 was unexpected.
Microsoft Office:
=========================
Error: (01/04/2015 02:32:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 24 seconds with 0 seconds of active time. This session ended with a crash.
Error: (01/04/2015 02:31:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 334245 seconds with 3960 seconds of active time. This session ended with a crash.
Error: (01/04/2015 02:17:23 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6712.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 185350 seconds with 480 seconds of active time. This session ended with a crash.
Error: (12/04/2014 01:55:29 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 758 seconds with 540 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-06-13 16:02:44.101
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-06-13 16:02:44.054
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-06-13 12:39:30.444
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-06-13 12:39:30.397
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-06-13 11:46:13.758
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-06-13 11:46:13.711
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-05-05 19:26:55.492
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-05-05 19:26:55.446
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-05-05 19:05:14.682
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-05-05 19:05:14.636
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Xeon® CPU X5450 @ 3.00GHz
Percentage of memory in use: 23%
Total physical RAM: 12287.34 MB
Available physical RAM: 9397.7 MB
Total Pagefile: 24572.86 MB
Available Pagefile: 21673.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:374.28 GB) NTFS
Drive d: (RAID5) (Fixed) (Total:1397.27 GB) (Free:855 GB) NTFS
Drive g: (Backup Disk) (Fixed) (Total:931.51 GB) (Free:168.99 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D42AD42A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 1397.3 GB) (Disk ID: 9AA59AA5)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 8667632D)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of log ============================
*********************************
Malwarebytes Anti-Malware
*****************************************
www.malwarebytes.org
Scan Date: 03/04/2015
Scan Time: 11:29:37
Logfile: mbam030415-1600.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.03.30.10
Rootkit Database: v2015.03.31.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: SUNDARS PC
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 492889
Time Elapsed: 44 min, 7 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)