Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Multiple malware/adware programs keep installing, please help [Solved]

Started by Alkalidum , Aug 20 2015 02:42 PM

  • This topic is locked This topic is locked

#31
Alkalidum
Posted 25 August 2015 - 11:41 AM

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

Hello again :)

 

I was thinking maybe one of the programs we've installed is causing the cpu problem? I tried disabling Spybot and CCleaner and ran the Hearthstone game again thismorning but the results was still the same, the game almost came to a complete standstill.Or maybe one of the programs has changed one of the games files or settings so ill try uninstall the game and reinstall it to see if that fixes the issue.

 

Anyway..onto the logs:

 

Fix result of Farbar Recovery Scan Tool (x64) Version:24-08-2015
Ran by Speed X8 (2015-08-25 18:07:56) Run:5
Running from C:\Users\Speed X8\Desktop
Loaded Profiles: Speed X8 (Available Profiles: Speed X8)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
Task: {F2A84BEA-2943-4CDA-920D-AE96FDA71A3E} - \ToolsUpdatePlatform_ScheduledTask -> No File <==== ATTENTION
End
*****************
 
Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F2A84BEA-2943-4CDA-920D-AE96FDA71A3E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2A84BEA-2943-4CDA-920D-AE96FDA71A3E}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ToolsUpdatePlatform_ScheduledTask => key not found. 
 
==== End of Fixlog 18:08:04 ====

Edited by Alkalidum, 25 August 2015 - 11:57 AM.

  • 0

Advertisements

#32
Alkalidum
Posted 25 August 2015 - 11:42 AM

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts
 
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Speed X8 on 25/08/2015 at 18:09:07.89.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Speed X8\Desktop\zoek.exe [Scan all users]  [Checkboxes used]
 
==== System Restore Info ======================
 
25/08/2015 18:11:06 Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\DSP-worx deleted successfully
C:\PROGRA~2\Mobiloid deleted successfully
C:\PROGRA~2\Pando Networks deleted successfully
C:\PROGRA~2\Razer deleted successfully
C:\PROGRA~2\Utherverse Digital Inc deleted successfully
C:\PROGRA~2\COMMON~1\EAInstaller deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\McAfee deleted successfully
C:\PROGRA~3\Adobe deleted successfully
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\PROGRA~3\Seeing Machines deleted successfully
C:\PROGRA~3\Vizzed deleted successfully
C:\Users\Speed X8\AppData\Roaming\.rFactor deleted successfully
C:\Users\Speed X8\AppData\Roaming\Antares deleted successfully
C:\Users\Speed X8\AppData\Roaming\Origo deleted successfully
C:\Users\Speed X8\AppData\Roaming\PACE Anti-Piracy deleted successfully
C:\Users\Speed X8\AppData\Local\Adobe deleted successfully
C:\Users\Speed X8\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Speed X8\AppData\Local\EmieSiteList deleted successfully
C:\Users\Speed X8\AppData\Local\EmieUserList deleted successfully
C:\Users\Speed X8\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\Speed X8\AppData\Local\Razer deleted successfully
C:\Users\Speed X8\AppData\Local\WarThunder deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SSUService deleted successfully
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\DSP-worx not found
C:\PROGRA~2\Mobiloid not found
C:\PROGRA~2\Pando Networks not found
C:\PROGRA~2\Razer not found
C:\PROGRA~2\Utherverse Digital Inc not found
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
C:\Users\Speed X8\AppData\LocalLow\{0C4CB480-9D76-0433-6B53-D0043999ED39} deleted
C:\Users\Speed X8\AppData\Local\Packages\windows_ie_ac_001\AC\{0C4CB480-9D76-0433-6B53-D0043999ED39} deleted
C:\Users\Speed X8\AppData\Local\Packages\windows_ie_ac_001\AC\{6855207D-059D-6D2B-0BDB-596F63B2C7DB} deleted
C:\Users\Speed X8\.android deleted
C:\PROGRA~2\Razer Surround Driver Installer deleted
C:\PROGRA~2\Splashtop deleted
C:\Users\Speed X8\AppData\Roaming\WB.CFG deleted
C:\Users\Speed X8\AppData\Roaming\SpeedRunnersLog.txt deleted
C:\Users\Speed X8\AppData\Roaming\TargetInvocationLog.txt deleted
C:\PROGRA~3\Splashtop deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Speed X8\AppData\Local\avgchrome deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
"C:\Windows\Installer\a15726.msi" deleted
 
==== Firefox Start and Search pages ======================
 
ProfilePath: C:\Users\SPEEDX~1\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default
user_pref("browser.startup.homepage", "https://www.google.c...ackid=sp-006");
user_pref("browser.search.defaulturl", "https://www.google.c...ackid=sp-006");
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.defaultenginename", "Google (avast)");
user_pref("browser.search.selectedEngine", "Google (avast)");
user_pref("keyword.URL", "https://www.google.c...ackid=sp-006");
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [20/08/2015 20:44]
 
==== Firefox Extensions ======================
 
ProfilePath: C:\Users\SPEEDX~1\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default
- LastPass - %ProfilePath%\extensions\[email protected]
 
ExtDir: C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- LastPass - %ExtDir%\[email protected]
 
ExtDir: C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles
- LastPass - %ExtDir%\extensions\[email protected]
 
ExtDir: C:\Users\Speed X8\AppData\Roaming\Mozilla\Extensions
- LastPass - C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected]
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default
DCB0BCEF594E2C410793C4A823C318F3 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director
EC55112EDB2CE5BC2BFCACDB9C2150F4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll - Shockwave Flash
EAF918D324861CD742AB9E3EC71861BA - C:\Users\Speed X8\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
 
 
==== Fake Chromium Profiles Check ======================
 
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
 
==== Chromium Look ======================
 
Google Chrome Version: 44.0.2403.157
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12/03/2015 17:47]
hdokiejnpimakedhajhdlcegeplioahd - No path found[]
 
Subscriptions Grid For YouTube™ - Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnjhgnfnmijfkmcddcmffeamphmmeed
AdBlock - Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Chrome Hotword Shared Module - Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
 
==== Chromium Startpages ======================
 
C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Preferences
qhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleap...h":"C:\\ProgramFiles (x86)\\Google\\Chrome\\Application\\44.0.2403.155\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false}}},"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"D1C8C8E54349A524FEDA30AFC50C6B4FFC32A1156425B304720A13CF690AD1B3"},"default_search_provider":{"keyword":"F00EEEE605F97994B9C2544DCA9B9BD86F4E4159EC69AFCAE096415559D66B29","name":"FBCA928B284AC927B967C90EB7EEC6C129617995EDFB59BC7D83959DD71A5223","search_url":"E68A04E0D54BE0C05BC616E8AE6124A7D0E75B0088283736F85FE0D1FA775456"},"default_search_provider_data":{"template_url_data":"D1D7D76345959066FE38F9EAC5FB4D254251CA6306B2349CB68D267D02E1F2D3"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"C47A64391B4B2507A078CF9E66581D3B535431C58E30D2EC483FB2A62A3C83CA","bepbmhgboaologfdajaanbcjmnhjmhfn":"B5E75052B080BCBD02FB430833FDC7C5821E7D72E135FA265D58C1CB035CF90A","cfhdojbkjhnklbpkdaibdccddilifddb":"9DA16991E0BE8957B10EABC561826670636663419E5E0BEAE3A4A7607CB9F5CC","dcnjhgnfnmijfkmcddcmffeamphmmeed":"0DAC80D209974FE9779D6A1EFD7F8701256E4B2B49809D719754573CF9C8068A","eemcgdkfndhakfknompkggombfjjjeno":"D47AD494FA1BD2207C16367CBA5B40586BB31B5059CD84FDFEB9476AD1C6C593","ennkphjdgehloodpbhlhldgbnhmacadg":"1F9AB8B8890DAE7E542E0A1CE12A06520344A7995041226F598F0C7EED49F683","gfdkimpbcpahaombhbimeihdjnejgicl":"DEC95146DBD79A1D729FC25D767991140A020DEBBD2F34B125C830CD0DEA772D","gighmmpiobklfepjocnamgkkbiglidom":"98F4E4B34B778EC1BA01EEF52C1B40817DB8A33E8A2378C8482BD09B299E1CBF","gomekmidlodglbbmalcneegieacbdmki":"15E8202B6339812C8877BE995293685AEEAAD09156EEB72627C6125C19D9ED70","hdokiejnpimakedhajhdlcegeplioahd":"268A9A57F0FD3D527C2C1D71C805FDC67A6D6CDF40F36AD5277ABD976C8BBD91","kmendfapggjehodndflmmgagdbamhnfd":"E558A66BCC30F77F65C710CE5841814ABE15839C96D08AC04B727E4D280796E8","lccekmodgklaepjeofjdjpbminllajkg":"D1921B9E19E3034DF3E4CADC10EA87D3FF5A9BF7CC004FFC92618399DCE9D2AA","mfehgcgbbipciphmccgaenjidiccnmng":"C3CAE2B3F42BF50ECD4A1B5540D761EC6587D4E4398E9C281508AA1B2F894A5A","mgndgikekgjfcpckkfioiadnlibdjbkf":"5E09DAC84C3FE115BB36851135A241A808EA0D741C8636DD55F94427ADB337F4","mhjfbmdgcfjbbpaeojofohoefgiehjai":"3D46D69D6FF298CC6CFA9F2B9E69036E175AF6BE22FA124AAC05A739AB0EC3EE","nbpagnldghgfoolbancepceaanlmhfmd":"A2C2FCE17E1D0C313F443193CA0AED1997555BD2CB08EEE528F28323FFAD5EB4","neajdppkdcdipfabeoofebfddakdcjhd":"50BADF548FDDB62F508352EDDD4B0B71457729D3AD84A76890EA704C64584246","nkeimhogjdpnpccoofpliimaahmaaome":"E1180F02FB2647435ACA7CA258CF984F175570097645959A0EA72BAE5A7F11AA","nmmhkkegccagdldgiimedpiccmgmieda":"B48BDDEE6F531868CCF24CE4C24AE34033DE12C7E1A01DD002B6CADF94E3D9B5","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"40EB6059D9AE0CE039BC0C1124A213232FC970B6F2E1F600E6F26A12EC69589C"}},"google":{"services":{"account_id":"D0E6F05972D2BE27961E3BB90FBD521C92F17CFC3DAFA1C404E9CCD958BB890B","last_username":"24279D918FA5F8CC0E2A8F8B482BCE545B189FE778EA29B725220B267E17FFD4","username":"52E2CACCDD5D69CF038D1E06FB0CB5536CF5FE7542474975F383F52D2DA75CF1"}},"homepage":"6756B0465D3F23C1FECC5668FAD21CDBBD79ACF12D909A1EE4C5E60A86A41290","homepage_is_newtabpage":"4542DF9AB41EEBE5203F30C69F00D7500C884121EBF2E2E504FFDD7532689302","pinned_tabs":"94505D91F2A4B1FABEEA23682674D4F0F7FBA57469D6D8B8587A8B90F43CD721","prefs":{"preference_reset_time":"2F77D1C5D057538164BF495C38F59C7C1AC862DD9BC76387D2041BAA37FB0FDB"},"profile":{"reset_prompt_memento":"40EF61054DBC0E0ABAEBF62D9C3C1541F378C3F773EC30E53B74C1FDEA1F1757"},"safebrowsing":{"incidents_sent":"4554586CAB0F862434F96DB5439C8238A0E238CBB902EA3946F1EC6DA2871C8D"},"search_provider_overrides":"253459EB52D7BA941AECA61481A37729B68C074C631E1EAA2EDB70733DCBBCFB","session":{"restore_on_startup":"50F07D8A03BB7978D7AC2182F72FA50BEE6B854390D6E644F7EF6B12B357876D","startup_urls":"1DF887BE9DE73C99DD45AB3A9F4CB81FE51D643254582521100154AE9A833652"},"software_reporter":{"prompt_reason":"4C33FB08630D25012223B0E62954C22F2FEDF2E790766FBF9EAB0B3451B75D24","prompt_seed":"8757DA42CEF0094F3643E8B8BAAA3EFE3521F8D298732927FF63E6A408845BD7","prompt_version":"9FE7F389A707A6BA01E56398744AC25958941154436A5E9CF6C2AE86181BDDE2"},"sync":{"remaining_rollback_tries":"46D4330CB673FEC9C373210E2F823B27CB0BB495DA2FC9AB8B767C2365AF6F18"}},"super_mac":"049FDB11507FE3646C25566B5A9AEA09842CB5C363B7F77675FA3919FAC479B7"}}
 
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.co...={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IE8SRC"
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\75DEC8D2BDCC68D40978B3CBEAF8F822 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{692F1413-1249-43CB-726C-57A59C9B4314} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A2AB805D-0F65-2C91-B527-FF10754B7799} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\093b2eed-041b-4c11-8c9d-f8d5f4ad9bdb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Policies\Chromium deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Splashtop Software Updater deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\75DEC8D2BDCC68D40978B3CBEAF8F822 deleted successfully
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Speed X8\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Speed X8\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
 
==== Empty FireFox Cache ======================
 
C:\Users\Speed X8\AppData\Local\Mozilla\Firefox\Profiles\6p4gp8b1.default\cache2 emptied successfully
 
==== Empty Chrome Cache ======================
 
C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=59 folders=48 73482244 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Speed X8\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\SPEEDX~1\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== EOF on 25/08/2015 at 18:35:21.19 ======================

  • 0

#33
Alkalidum
Posted 25 August 2015 - 12:08 PM

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

The fresh game install didnt fix it  :upset:


  • 0

#34
pystryker
Posted 25 August 2015 - 05:22 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

Hello again :)



I was thinking maybe one of the programs we've installed is causing the cpu problem? I tried disabling Spybot and CCleaner and ran the Hearthstone game again thismorning but the results was still the same, the game almost came to a complete standstill.Or maybe one of the programs has changed one of the games files or settings so ill try uninstall the game and reinstall it to see if that fixes the issue.


Hello :)

Well, the programs I use do not consume hardly any system resources. I'd like to take a look with TDSSKiller and see what it sees. I'd also like to get fresh FRST logs to see if anything is showing after the Zoek run. :thumbsup:


Step 1: TDSSKiller

Please download TDSSKiller to the desktop.

Alternate download is here.
  • Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
  • When the main GUI(graphical user interface) window opens, click on Change Parameters
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log go to Start(Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
  • Post the contents of that log in your next reply please.
Note: Do not have TDSSKiller remove anything if found at this point in time!


Step 2: Fresh FRST Logs
  • Start Farbar's Recovery Scan Tool, place a checkmark in the Addition.txt box and press the Scan button.
  • FRST will scan your system and produce two logs. Please post them in your next reply.
Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

TDSSKiller Log

FRST.txt Log

Addition.txt Log
  • 0

#35
Alkalidum
Posted 26 August 2015 - 08:56 AM

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

Hey,

 

Tried to uninstall CCleaner today because i never use it and noticed its always running in processes, however the uninstall kept failing.

Why am i so bad with computers! :( lol

 

15:40:41.0487 0x1804  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
15:40:45.0716 0x1804  ============================================================
15:40:45.0716 0x1804  Current date / time: 2015/08/26 15:40:45.0716
15:40:45.0716 0x1804  SystemInfo:
15:40:45.0716 0x1804  
15:40:45.0716 0x1804  OS Version: 6.1.7601 ServicePack: 1.0
15:40:45.0716 0x1804  Product type: Workstation
15:40:45.0716 0x1804  ComputerName: SPEEDX8-PC
15:40:45.0716 0x1804  UserName: Speed X8
15:40:45.0716 0x1804  Windows directory: C:\Windows
15:40:45.0716 0x1804  System windows directory: C:\Windows
15:40:45.0716 0x1804  Running under WOW64
15:40:45.0716 0x1804  Processor architecture: Intel x64
15:40:45.0716 0x1804  Number of processors: 8
15:40:45.0716 0x1804  Page size: 0x1000
15:40:45.0716 0x1804  Boot type: Normal boot
15:40:45.0716 0x1804  ============================================================
15:40:53.0321 0x1804  KLMD registered as C:\Windows\system32\drivers\11565703.sys
15:40:53.0835 0x1804  System UUID: {2E7DC3DF-F5F7-7EE1-318B-9CFAC2C5044E}
15:40:54.0585 0x1804  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3F161, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
15:40:54.0679 0x1804  ============================================================
15:40:54.0679 0x1804  \Device\Harddisk0\DR0:
15:40:54.0757 0x1804  MBR partitions:
15:40:54.0757 0x1804  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:40:54.0757 0x1804  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800
15:40:54.0757 0x1804  ============================================================
15:40:54.0788 0x1804  C: <-> \Device\Harddisk0\DR0\Partition2
15:40:54.0788 0x1804  ============================================================
15:40:54.0788 0x1804  Initialize success
15:40:54.0788 0x1804  ============================================================
15:41:32.0608 0x0454  ============================================================
15:41:32.0608 0x0454  Scan started
15:41:32.0608 0x0454  Mode: Manual; SigCheck; TDLFS; 
15:41:32.0608 0x0454  ============================================================
15:41:32.0608 0x0454  KSN ping started
15:41:46.0125 0x0454  KSN ping finished: true
15:41:51.0947 0x0454  ================ Scan system memory ========================
15:41:51.0947 0x0454  System memory - ok
15:41:51.0947 0x0454  ================ Scan services =============================
15:41:52.0275 0x0454  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:41:52.0400 0x0454  1394ohci - ok
15:41:52.0416 0x0454  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:41:52.0432 0x0454  ACPI - ok
15:41:52.0447 0x0454  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:41:52.0494 0x0454  AcpiPmi - ok
15:41:52.0806 0x0454  [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:41:52.0837 0x0454  AdobeFlashPlayerUpdateSvc - ok
15:41:52.0900 0x0454  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:41:52.0962 0x0454  adp94xx - ok
15:41:53.0009 0x0454  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:41:53.0056 0x0454  adpahci - ok
15:41:53.0087 0x0454  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:41:53.0102 0x0454  adpu320 - ok
15:41:53.0180 0x0454  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:41:53.0274 0x0454  AeLookupSvc - ok
15:41:53.0461 0x0454  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
15:41:53.0508 0x0454  AFD - ok
15:41:53.0555 0x0454  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:41:53.0570 0x0454  agp440 - ok
15:41:53.0602 0x0454  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:41:53.0633 0x0454  ALG - ok
15:41:53.0664 0x0454  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:41:53.0680 0x0454  aliide - ok
15:41:53.0726 0x0454  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:41:53.0758 0x0454  amdide - ok
15:41:53.0789 0x0454  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:41:53.0820 0x0454  AmdK8 - ok
15:41:53.0836 0x0454  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:41:53.0867 0x0454  AmdPPM - ok
15:41:53.0929 0x0454  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:41:53.0945 0x0454  amdsata - ok
15:41:53.0976 0x0454  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:41:54.0007 0x0454  amdsbs - ok
15:41:54.0023 0x0454  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:41:54.0023 0x0454  amdxata - ok
15:41:54.0070 0x0454  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
15:41:54.0179 0x0454  AppID - ok
15:41:54.0210 0x0454  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:41:54.0257 0x0454  AppIDSvc - ok
15:41:54.0304 0x0454  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
15:41:54.0367 0x0454  Appinfo - ok
15:41:54.0492 0x0454  [ F401929EE0CC92BFE7F15161CA535383, 61E1C0630B8BBC65C51121D5DC7F095C59B475F39BB7B0DC68133EF7D9D0A29D ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:41:54.0507 0x0454  Apple Mobile Device - ok
15:41:54.0632 0x0454  [ 6BE11AD81D4527D299F0CB5F3731AABC, 9C01278D3336CD74B9672A2A9EF7AF836CB0E7F2EA5BC310E9ADDD1238B92229 ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys
15:41:54.0679 0x0454  AppleCharger - ok
15:41:54.0726 0x0454  [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
15:41:54.0741 0x0454  AppleChargerSrv - ok
15:41:54.0773 0x0454  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
15:41:54.0819 0x0454  arc - ok
15:41:54.0851 0x0454  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:41:54.0882 0x0454  arcsas - ok
15:41:55.0287 0x0454  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:41:55.0319 0x0454  aspnet_state - ok
15:41:55.0443 0x0454  [ 525F5989C095F5757414E1F4B39175B2, 0CA28553AE4BF07C3952A6E2355FAB2B0CB862CFD88DEFD7232FD48ABA99CFCB ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
15:41:55.0475 0x0454  aswHwid - ok
15:41:55.0553 0x0454  [ BAAE273BC5F03796D3201E2C91FAF3E0, 83BECDA4D973392D25BFA706E277A67C9E8896ECF14B430B96FFD299D9AA42B8 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
15:41:55.0599 0x0454  aswKbd - ok
15:41:55.0646 0x0454  [ 76D585093398DB973470BB83FCF0CE52, F7135232E7F50270A253C9F04574F22B827A42B2BE42DE6E391CE3A56B2EA51F ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
15:41:55.0662 0x0454  aswMonFlt - ok
15:41:55.0771 0x0454  [ 6EBBD0E2CF55056DA75B539F6BA8F70E, 26CCDDD1E968196C14408F395FB6F1C10B5E56B70A61BF91D104F1140A63D1D9 ] aswNdisFlt      C:\Windows\system32\DRIVERS\aswNdisFlt.sys
15:41:55.0802 0x0454  aswNdisFlt - ok
15:41:55.0849 0x0454  [ 719FF5568B5E71832541636E2A7DFE27, C49ADB31B5DE6FCFB252290D5B831A90E555F86058500538BBD288B10CDCC46F ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
15:41:55.0896 0x0454  aswRdr - ok
15:41:55.0927 0x0454  [ 21C13E3C9B801C8AE172FABBD235221E, 0AE02CB0F4A87C6065159B68545DD536C4E98C8C23E954ED3392A7CE5F28868C ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
15:41:55.0943 0x0454  aswRvrt - ok
15:41:56.0317 0x0454  [ E0F47617EB31CD205BF68B55CE88862D, EE3ED93E51E310E1D713F8692CF2A61147C0EFCFA465969C04B85DA2E271F3E6 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
15:41:56.0348 0x0454  aswSnx - ok
15:41:56.0396 0x0454  [ C43A0929DE32035499D6BB39A7F44439, 6269380D25D6BFFB7C234758114B700A75BD55D654B6D93ED44D50660A86FCA7 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
15:41:56.0412 0x0454  aswSP - ok
15:41:56.0427 0x0454  [ 763C27EA21875F54615A0174EEC78FC4, 4EE48D475B183DD2066781137F46A4BEE2E510B3A085B9B1385F8C0043A5BE08 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
15:41:56.0427 0x0454  aswStm - ok
15:41:56.0443 0x0454  [ C85B35201A253B99199C0A9F5B98FC18, 18FF49D52035C79AD70A96FBD4663C41A58830D432DD4B9EDA6E7FCDFD12C18F ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
15:41:56.0458 0x0454  aswVmm - ok
15:41:56.0474 0x0454  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:41:56.0490 0x0454  AsyncMac - ok
15:41:56.0661 0x0454  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:41:56.0677 0x0454  atapi - ok
15:41:56.0786 0x0454  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:41:56.0848 0x0454  AudioEndpointBuilder - ok
15:41:56.0880 0x0454  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:41:56.0895 0x0454  AudioSrv - ok
15:41:57.0051 0x0454  [ 4956380A54B1C9E6BFDF3D80DACB9698, 0B0F9807EEF0F3BFE4F862876633D241DBA8F72A1373445976FF388678C4734C ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:41:57.0067 0x0454  avast! Antivirus - ok
15:41:57.0285 0x0454  [ AF09E0E7239052DDE959F2662C42D94A, 6E4EC06AAACD15502909CB1021362ED686589EEDB490CD7B9DF15C6001ECB2F0 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
15:41:57.0316 0x0454  avast! Firewall - ok
15:41:57.0784 0x0454  [ CCC3FE1DDCCF99633539B3D7681EF7D7, 0C048EDCD22681C82586845B822990FB4A9303B3B1F4161EBA5A6C444EF7C5CC ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
15:41:57.0956 0x0454  AvastVBoxSvc - ok
15:41:58.0034 0x0454  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:41:58.0112 0x0454  AxInstSV - ok
15:41:58.0190 0x0454  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:41:58.0237 0x0454  b06bdrv - ok
15:41:58.0284 0x0454  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:41:58.0330 0x0454  b57nd60a - ok
15:41:58.0362 0x0454  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:41:58.0394 0x0454  BDESVC - ok
15:41:58.0409 0x0454  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:41:58.0472 0x0454  Beep - ok
15:41:58.0534 0x0454  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:41:58.0581 0x0454  BFE - ok
15:41:58.0753 0x0454  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:41:58.0799 0x0454  BITS - ok
15:41:58.0846 0x0454  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:41:58.0877 0x0454  blbdrive - ok
15:41:59.0408 0x0454  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:41:59.0439 0x0454  Bonjour Service - ok
15:41:59.0533 0x0454  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:41:59.0579 0x0454  bowser - ok
15:41:59.0767 0x0454  [ 857D6063204E5EB92E14A36951C02B02, 5D9EEE63163A88F984785140600CE3ED8679D6A7CC441170BFBC1FBE36FD0FA1 ] BRDriver64      C:\programdata\bitraider\BRDriver64.sys
15:41:59.0782 0x0454  BRDriver64 - ok
15:41:59.0847 0x0454  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:41:59.0878 0x0454  BrFiltLo - ok
15:41:59.0894 0x0454  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:41:59.0925 0x0454  BrFiltUp - ok
15:41:59.0972 0x0454  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:42:00.0003 0x0454  Browser - ok
15:42:00.0065 0x0454  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:42:00.0112 0x0454  Brserid - ok
15:42:00.0143 0x0454  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:42:00.0174 0x0454  BrSerWdm - ok
15:42:00.0425 0x0454  [ C05EE13045D4DFF6A3EDB5766D9402B9, 18FBEB6B33E33B8B4641F185AECEBE578C056567C6BA4E8E20926F595125DFE0 ] BRSptSvc        C:\programdata\bitraider\BRSptSvc.exe
15:42:00.0456 0x0454  BRSptSvc - ok
15:42:00.0487 0x0454  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:42:00.0503 0x0454  BrUsbMdm - ok
15:42:00.0519 0x0454  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:42:00.0550 0x0454  BrUsbSer - ok
15:42:00.0586 0x0454  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:42:00.0617 0x0454  BTHMODEM - ok
15:42:00.0648 0x0454  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:42:00.0680 0x0454  bthserv - ok
15:42:00.0945 0x0454  [ A8AD33C9DD88C810CAC00ACC7F4329FB, 59A476A39E5B03E740B9ED0BC43A41663BC65BBDCDDF030215432238482287FE ] ccSet_NST       C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys
15:42:00.0992 0x0454  ccSet_NST - ok
15:42:01.0054 0x0454  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:42:01.0148 0x0454  cdfs - ok
15:42:01.0413 0x0454  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:42:01.0475 0x0454  cdrom - ok
15:42:01.0506 0x0454  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:42:01.0569 0x0454  CertPropSvc - ok
15:42:01.0631 0x0454  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:42:01.0647 0x0454  circlass - ok
15:42:01.0662 0x0454  [ 125327DF629324FAD78D9A95CCD0F425, 80ABD22F2710BF3357CD842371B863C69637519BB43E635FB67239E231A3B5DC ] CLBStor         C:\Windows\system32\DRIVERS\CLBStor.sys
15:42:01.0694 0x0454  CLBStor - ok
15:42:01.0725 0x0454  [ 9C0CD75FEA24E7E0E835EEE7F14406F7, EA156208A6A4E29882EAA7F47F2B4F9506244E01A0B9A9670C00A4681C0DB1C6 ] CLBUDF          C:\Windows\system32\drivers\CLBUDF.sys
15:42:01.0740 0x0454  CLBUDF - ok
15:42:01.0943 0x0454  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
15:42:01.0959 0x0454  CLFS - ok
15:42:02.0068 0x0454  [ 4642B5A3E0D2E61D08163DE95FC5B949, C1A502ED96EB4AF7FE8643AD139A0AAA5492583E6D83A3937443662CDD430FE4 ] CLKMSVC10_9EC60124 C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
15:42:02.0099 0x0454  CLKMSVC10_9EC60124 - ok
15:42:02.0193 0x0454  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:42:02.0208 0x0454  clr_optimization_v2.0.50727_32 - ok
15:42:02.0286 0x0454  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:42:02.0380 0x0454  clr_optimization_v2.0.50727_64 - ok
15:42:02.0459 0x0454  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:42:02.0475 0x0454  clr_optimization_v4.0.30319_32 - ok
15:42:02.0521 0x0454  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:42:02.0537 0x0454  clr_optimization_v4.0.30319_64 - ok
15:42:02.0615 0x0454  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:42:02.0646 0x0454  CmBatt - ok
15:42:02.0693 0x0454  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:42:02.0709 0x0454  cmdide - ok
15:42:02.0771 0x0454  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
15:42:02.0833 0x0454  CNG - ok
15:42:02.0943 0x0454  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:42:02.0958 0x0454  Compbatt - ok
15:42:03.0083 0x0454  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:42:03.0161 0x0454  CompositeBus - ok
15:42:03.0161 0x0454  COMSysApp - ok
15:42:03.0177 0x0454  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:42:03.0192 0x0454  crcdisk - ok
15:42:03.0255 0x0454  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:42:03.0333 0x0454  CryptSvc - ok
15:42:03.0473 0x0454  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:42:03.0582 0x0454  DcomLaunch - ok
15:42:03.0723 0x0454  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:42:03.0785 0x0454  defragsvc - ok
15:42:04.0035 0x0454  [ 2B9A817DC1BDAD9CE5495099B6A7136A, 6D040069C6CD249A4113E4BDD16658D02685F6018F804654934A03F5E2D161A8 ] Desura Install Service C:\Program Files (x86)\Common Files\Desura\desura_service.exe
15:42:04.0050 0x0454  Desura Install Service - ok
15:42:04.0097 0x0454  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:42:04.0175 0x0454  DfsC - ok
15:42:04.0253 0x0454  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:42:04.0300 0x0454  Dhcp - ok
15:42:04.0441 0x0454  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
15:42:04.0504 0x0454  DiagTrack - ok
15:42:04.0535 0x0454  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:42:04.0597 0x0454  discache - ok
15:42:04.0660 0x0454  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
15:42:04.0675 0x0454  Disk - ok
15:42:04.0706 0x0454  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:42:04.0738 0x0454  Dnscache - ok
15:42:04.0753 0x0454  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:42:04.0831 0x0454  dot3svc - ok
15:42:04.0909 0x0454  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:42:04.0972 0x0454  DPS - ok
15:42:05.0143 0x0454  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:42:05.0284 0x0454  drmkaud - ok
15:42:05.0502 0x0454  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:42:05.0611 0x0454  DXGKrnl - ok
15:42:05.0736 0x0454  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:42:05.0767 0x0454  EapHost - ok
15:42:06.0032 0x0454  EasyAntiCheat - ok
15:42:06.0439 0x0454  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:42:06.0642 0x0454  ebdrv - ok
15:42:06.0673 0x0454  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] EFS             C:\Windows\System32\lsass.exe
15:42:06.0720 0x0454  EFS - ok
15:42:07.0001 0x0454  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:42:07.0032 0x0454  ehRecvr - ok
15:42:07.0063 0x0454  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:42:07.0063 0x0454  ehSched - ok
15:42:07.0110 0x0454  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:42:07.0125 0x0454  elxstor - ok
15:42:07.0141 0x0454  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:42:07.0172 0x0454  ErrDev - ok
15:42:07.0344 0x0454  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:42:07.0406 0x0454  EventSystem - ok
15:42:07.0469 0x0454  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:42:07.0531 0x0454  exfat - ok
15:42:07.0547 0x0454  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:42:07.0578 0x0454  fastfat - ok
15:42:07.0609 0x0454  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:42:07.0656 0x0454  Fax - ok
15:42:07.0671 0x0454  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:42:07.0687 0x0454  fdc - ok
15:42:07.0703 0x0454  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:42:07.0749 0x0454  fdPHost - ok
15:42:07.0827 0x0454  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:42:07.0937 0x0454  FDResPub - ok
15:42:07.0968 0x0454  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:42:07.0968 0x0454  FileInfo - ok
15:42:07.0983 0x0454  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:42:08.0015 0x0454  Filetrace - ok
15:42:08.0046 0x0454  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:42:08.0077 0x0454  flpydisk - ok
15:42:08.0108 0x0454  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:42:08.0155 0x0454  FltMgr - ok
15:42:08.0295 0x0454  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
15:42:08.0327 0x0454  FontCache - ok
15:42:08.0530 0x0454  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:42:08.0562 0x0454  FontCache3.0.0.0 - ok
15:42:08.0796 0x0454  [ 26EABEEA7F30DCF21DA0577C4EE26FAA, 20C3CD2579ED6853249B1EAEF23DF2904779BA2E806D00C30F81EA9A1612AE0F ] FoxitCloudUpdateService C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
15:42:08.0796 0x0454  FoxitCloudUpdateService - ok
15:42:08.0905 0x0454  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:42:08.0952 0x0454  FsDepends - ok
15:42:09.0014 0x0454  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:42:09.0030 0x0454  Fs_Rec - ok
15:42:09.0154 0x0454  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:42:09.0170 0x0454  fvevol - ok
15:42:09.0201 0x0454  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:42:09.0232 0x0454  gagp30kx - ok
15:42:09.0326 0x0454  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys
15:42:09.0373 0x0454  gdrv - ok
15:42:09.0482 0x0454  [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:42:09.0498 0x0454  GEARAspiWDM - ok
15:42:09.0622 0x0454  [ 7F18FB86E1023DDB80874CEA671442D5, BA236CD30A6932DC439DCA1DD4B06B7DF9181B1EC3654A72D05DFD70949C5E06 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
15:42:09.0654 0x0454  GfExperienceService - ok
15:42:09.0872 0x0454  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:42:09.0919 0x0454  gpsvc - ok
15:42:10.0090 0x0454  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:42:10.0106 0x0454  gupdate - ok
15:42:10.0418 0x0454  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:42:10.0434 0x0454  gupdatem - ok
15:42:10.0481 0x0454  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys
15:42:10.0544 0x0454  GVTDrv64 - ok
15:42:10.0575 0x0454  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
15:42:10.0606 0x0454  hamachi - ok
15:42:10.0965 0x0454  [ 2ADED86ED9B92885378467CFEE9ABE8F, 78703B6E51C5E7DCFFBA9F15C404DB2A0054FE8F2F92B7AD470B08498995712A ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
15:42:11.0012 0x0454  Hamachi2Svc - ok
15:42:11.0074 0x0454  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:42:11.0137 0x0454  hcw85cir - ok
15:42:11.0324 0x0454  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:42:11.0355 0x0454  HdAudAddService - ok
15:42:11.0464 0x0454  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:42:11.0495 0x0454  HDAudBus - ok
15:42:11.0511 0x0454  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:42:11.0542 0x0454  HidBatt - ok
15:42:11.0558 0x0454  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:42:11.0605 0x0454  HidBth - ok
15:42:11.0636 0x0454  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:42:11.0698 0x0454  HidIr - ok
15:42:11.0745 0x0454  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:42:11.0792 0x0454  hidserv - ok
15:42:11.0948 0x0454  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:42:11.0979 0x0454  HidUsb - ok
15:42:12.0041 0x0454  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:42:12.0104 0x0454  hkmsvc - ok
15:42:12.0166 0x0454  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:42:12.0229 0x0454  HomeGroupListener - ok
15:42:12.0307 0x0454  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:42:12.0369 0x0454  HomeGroupProvider - ok
15:42:12.0495 0x0454  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:42:12.0510 0x0454  HpSAMD - ok
15:42:12.0588 0x0454  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:42:12.0620 0x0454  HTTP - ok
15:42:12.0713 0x0454  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:42:12.0729 0x0454  hwpolicy - ok
15:42:12.0791 0x0454  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:42:12.0822 0x0454  i8042prt - ok
15:42:12.0869 0x0454  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:42:12.0900 0x0454  iaStorV - ok
15:42:12.0932 0x0454  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:42:12.0947 0x0454  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:42:15.0399 0x0454  Detect skipped due to KSN trusted
15:42:15.0399 0x0454  IDriverT - ok
15:42:15.0555 0x0454  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:42:15.0602 0x0454  idsvc - ok
15:42:15.0633 0x0454  IEEtwCollectorService - ok
15:42:15.0665 0x0454  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:42:15.0696 0x0454  iirsp - ok
15:42:15.0930 0x0454  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:42:15.0992 0x0454  IKEEXT - ok
15:42:16.0508 0x0454  [ 392D5C87F282E8E36DF5154418A7BB20, 9E5BFF3F339401E88F26AC558451EA51A457B82BE0E51AE266FC4448F5AA6565 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:42:16.0570 0x0454  IntcAzAudAddService - ok
15:42:16.0726 0x0454  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:42:16.0773 0x0454  intelide - ok
15:42:16.0836 0x0454  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:42:16.0882 0x0454  intelppm - ok
15:42:16.0945 0x0454  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:42:17.0023 0x0454  IPBusEnum - ok
15:42:17.0054 0x0454  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:42:17.0163 0x0454  IpFilterDriver - ok
15:42:17.0272 0x0454  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:42:17.0335 0x0454  iphlpsvc - ok
15:42:17.0382 0x0454  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:42:17.0413 0x0454  IPMIDRV - ok
15:42:17.0460 0x0454  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:42:17.0491 0x0454  IPNAT - ok
15:42:17.0600 0x0454  [ A9AB99EE7D39725EAFEC82732D2B3271, 962F231608C36BA0B2EAE5981BB9BAC85B6CAA3A5F656D786B97D9B421A831A6 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:42:17.0647 0x0454  iPod Service - ok
15:42:17.0678 0x0454  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:42:17.0709 0x0454  IRENUM - ok
15:42:17.0725 0x0454  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:42:17.0725 0x0454  isapnp - ok
15:42:17.0787 0x0454  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:42:17.0803 0x0454  iScsiPrt - ok
15:42:17.0818 0x0454  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:42:17.0834 0x0454  kbdclass - ok
15:42:17.0850 0x0454  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:42:17.0896 0x0454  kbdhid - ok
15:42:17.0959 0x0454  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] KeyIso          C:\Windows\system32\lsass.exe
15:42:17.0974 0x0454  KeyIso - ok
15:42:18.0006 0x0454  [ 67A1743377EBB5D9A370A8C2086CFDCC, 2F0FD6C1969B1EEEEFFC1A8F972E1E90F1AD9558FF00EC159BC19ED927FD4BF5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:42:18.0021 0x0454  KSecDD - ok
15:42:18.0115 0x0454  [ 522A1595D5701800DD41B2D472F5AAED, B62924AE94A5AC454AD6057BC133D717BB1C6445BE36D6BECAB76E1600F60C33 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:42:18.0208 0x0454  KSecPkg - ok
15:42:18.0240 0x0454  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:42:18.0286 0x0454  ksthunk - ok
15:42:18.0364 0x0454  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:42:18.0427 0x0454  KtmRm - ok
15:42:18.0521 0x0454  [ 173666119D217E3739205C169E2BF0E5, 19F6E5B4496DB4151A6C68F58C42E73361D24F6D56FF9F375015515BF36B0309 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
15:42:18.0568 0x0454  L1C - ok
15:42:18.0662 0x0454  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:42:18.0693 0x0454  LanmanServer - ok
15:42:18.0724 0x0454  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:42:18.0771 0x0454  LanmanWorkstation - ok
15:42:18.0818 0x0454  [ B6552D382FF070B4ED34CBD6737277C0, 7C2C24454037170311B0267DEFB797E8DF8D157D62157D271BF7F5F74B2A12F3 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
15:42:18.0849 0x0454  LHidFilt - ok
15:42:18.0880 0x0454  libusb0 - ok
15:42:18.0896 0x0454  libusbd - ok
15:42:19.0099 0x0454  [ FA4A45C179AB0E0F1A31B9751D4B18D7, 4356777C2608A65185C9CB8243F071EC9E11BCD152E0C0ACDE25B6BCFD75A7F4 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:42:19.0130 0x0454  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
15:42:21.0596 0x0454  Detect skipped due to KSN trusted
15:42:21.0596 0x0454  LightScribeService - ok
15:42:21.0783 0x0454  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:42:21.0845 0x0454  lltdio - ok
15:42:21.0876 0x0454  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:42:21.0939 0x0454  lltdsvc - ok
15:42:22.0095 0x0454  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:42:22.0126 0x0454  lmhosts - ok
15:42:22.0344 0x0454  [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
15:42:22.0360 0x0454  LMIGuardianSvc - ok
15:42:22.0391 0x0454  [ 73C1F563AB73D459DFFE682D66476558, 9B8BEE384C968DC6C37DD54B9128D9C2BA92EDBF7BDF49D753AA7DB165F18D00 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
15:42:22.0438 0x0454  LMouFilt - ok
15:42:22.0500 0x0454  [ 0803906D607A9B83184447B75B60ECC2, A7A599C4CEDD4AC4196A558442E80B4F852AF6C6104A53C8819A79AA5D388DE8 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:42:22.0516 0x0454  LMS - ok
15:42:22.0611 0x0454  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:42:22.0626 0x0454  LSI_FC - ok
15:42:22.0657 0x0454  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:42:22.0673 0x0454  LSI_SAS - ok
15:42:22.0689 0x0454  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:42:22.0689 0x0454  LSI_SAS2 - ok
15:42:22.0704 0x0454  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:42:22.0735 0x0454  LSI_SCSI - ok
15:42:22.0767 0x0454  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:42:22.0798 0x0454  luafv - ok
15:42:22.0829 0x0454  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:42:22.0845 0x0454  MBAMProtector - ok
15:42:23.0063 0x0454  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Users\Speed X8\Desktop\Malwarebytes Anti-Malware\mbamservice.exe
15:42:23.0094 0x0454  MBAMService - ok
15:42:23.0125 0x0454  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:42:23.0141 0x0454  MBAMWebAccessControl - ok
15:42:23.0172 0x0454  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:42:23.0203 0x0454  Mcx2Svc - ok
15:42:23.0235 0x0454  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:42:23.0250 0x0454  megasas - ok
15:42:23.0297 0x0454  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:42:23.0344 0x0454  MegaSR - ok
15:42:23.0391 0x0454  [ 1C6E73FC46B509EFF9D0086AA37132DF, B4FB5512D75112C553FC22593F6123A7C9B9B7825D40148F604CCEFEB149FD97 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:42:23.0422 0x0454  MEIx64 - ok
15:42:23.0531 0x0454  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:42:23.0640 0x0454  MMCSS - ok
15:42:23.0687 0x0454  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:42:23.0765 0x0454  Modem - ok
15:42:23.0827 0x0454  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:42:23.0859 0x0454  monitor - ok
15:42:23.0921 0x0454  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
15:42:23.0952 0x0454  MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 )
15:42:26.0434 0x0454  Detect skipped due to KSN trusted
15:42:26.0434 0x0454  MotioninJoyXFilter - ok
15:42:26.0558 0x0454  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:42:26.0606 0x0454  mouclass - ok
15:42:26.0637 0x0454  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:42:26.0669 0x0454  mouhid - ok
15:42:26.0793 0x0454  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:42:26.0871 0x0454  mountmgr - ok
15:42:27.0027 0x0454  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:42:27.0043 0x0454  MozillaMaintenance - ok
15:42:27.0059 0x0454  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:42:27.0074 0x0454  mpio - ok
15:42:27.0090 0x0454  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:42:27.0137 0x0454  mpsdrv - ok
15:42:27.0371 0x0454  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:42:27.0495 0x0454  MpsSvc - ok
15:42:27.0527 0x0454  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:42:27.0573 0x0454  MRxDAV - ok
15:42:27.0714 0x0454  [ B2081803D510DCE174992BA880EDCA70, 37DB53C9756EC03EB7165DEB58251615D70B7C86DF32A54DE25ADAF30A04D792 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:42:27.0792 0x0454  mrxsmb - ok
15:42:27.0839 0x0454  [ 552FA62B0EFECD22D8D52499324BCA4F, C3A02C9C30C36928AC7B1025496544967187A05BEF5D100B54F2C0155E47145C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:42:27.0870 0x0454  mrxsmb10 - ok
15:42:27.0917 0x0454  [ 97687971F9CB30E2633DE0F1296B9F61, 865DA87523E4C32D65D55D5475A5CDDFA10699780DA500E6D606384FB3BEB1BE ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:42:27.0963 0x0454  mrxsmb20 - ok
15:42:28.0026 0x0454  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:42:28.0057 0x0454  msahci - ok
15:42:28.0151 0x0454  [ A592A054D78750B4D73ABAA4C94DECDF, 40B135C9F9EE698EC78BD19BD18353AE2CF4D020DDB9CFC37CD2FDBF7602614A ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe
15:42:28.0166 0x0454  MSCamSvc - ok
15:42:28.0244 0x0454  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:42:28.0260 0x0454  msdsm - ok
15:42:28.0291 0x0454  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:42:28.0353 0x0454  MSDTC - ok
15:42:28.0478 0x0454  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:42:28.0541 0x0454  Msfs - ok
15:42:28.0666 0x0454  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:42:28.0713 0x0454  mshidkmdf - ok
15:42:28.0744 0x0454  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:42:28.0760 0x0454  msisadrv - ok
15:42:28.0791 0x0454  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:42:28.0822 0x0454  MSiSCSI - ok
15:42:28.0822 0x0454  msiserver - ok
15:42:28.0869 0x0454  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:42:28.0900 0x0454  MSKSSRV - ok
15:42:28.0932 0x0454  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:42:29.0025 0x0454  MSPCLOCK - ok
15:42:29.0103 0x0454  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:42:29.0150 0x0454  MSPQM - ok
15:42:29.0306 0x0454  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:42:29.0368 0x0454  MsRPC - ok
15:42:29.0415 0x0454  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:42:29.0431 0x0454  mssmbios - ok
15:42:29.0509 0x0454  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:42:29.0587 0x0454  MSTEE - ok
15:42:29.0618 0x0454  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:42:29.0634 0x0454  MTConfig - ok
15:42:29.0665 0x0454  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:42:29.0665 0x0454  Mup - ok
15:42:29.0727 0x0454  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:42:29.0805 0x0454  napagent - ok
15:42:29.0852 0x0454  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:42:29.0868 0x0454  NativeWifiP - ok
15:42:30.0213 0x0454  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:42:30.0260 0x0454  NDIS - ok
15:42:30.0322 0x0454  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:42:30.0369 0x0454  NdisCap - ok
15:42:30.0416 0x0454  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:42:30.0462 0x0454  NdisTapi - ok
15:42:30.0478 0x0454  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:42:30.0494 0x0454  Ndisuio - ok
15:42:30.0509 0x0454  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:42:30.0540 0x0454  NdisWan - ok
15:42:30.0540 0x0454  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:42:30.0556 0x0454  NDProxy - ok
15:42:30.0572 0x0454  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:42:30.0604 0x0454  NetBIOS - ok
15:42:30.0668 0x0454  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:42:30.0777 0x0454  NetBT - ok
15:42:30.0793 0x0454  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] Netlogon        C:\Windows\system32\lsass.exe
15:42:30.0809 0x0454  Netlogon - ok
15:42:30.0933 0x0454  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:42:30.0996 0x0454  Netman - ok
15:42:31.0183 0x0454  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:31.0230 0x0454  NetMsmqActivator - ok
15:42:31.0323 0x0454  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:31.0339 0x0454  NetPipeActivator - ok
15:42:31.0448 0x0454  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:42:31.0495 0x0454  netprofm - ok
15:42:31.0635 0x0454  [ C32CBA363C0308AC69DA5AFB62C96FDB, 448EA7A0A2BF739C369F81EFDC76F7484F507D8035D3C8966F6FE30C1DB59989 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
15:42:31.0760 0x0454  netr28ux - ok
15:42:31.0776 0x0454  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:31.0791 0x0454  NetTcpActivator - ok
15:42:31.0807 0x0454  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:42:31.0823 0x0454  NetTcpPortSharing - ok
15:42:31.0885 0x0454  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:42:31.0916 0x0454  nfrd960 - ok
15:42:31.0947 0x0454  [ C88EB6EA6819740B97DECE3E6FD1C7BA, E37E3E07F9D0778913DDABAA8957626DFA81D8370DFA931D48AB53B1838B0D7B ] ngvss           C:\Windows\system32\drivers\ngvss.sys
15:42:31.0979 0x0454  ngvss - ok
15:42:32.0041 0x0454  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:42:32.0088 0x0454  NlaSvc - ok
15:42:32.0228 0x0454  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF             C:\Windows\system32\drivers\npf.sys
15:42:32.0275 0x0454  NPF - ok
15:42:32.0322 0x0454  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:42:32.0400 0x0454  Npfs - ok
15:42:32.0462 0x0454  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:42:32.0571 0x0454  nsi - ok
15:42:32.0650 0x0454  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:42:32.0682 0x0454  nsiproxy - ok
15:42:32.0682 0x0454  NSL - ok
15:42:33.0212 0x0454  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:42:33.0274 0x0454  Ntfs - ok
15:42:33.0290 0x0454  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:42:33.0321 0x0454  Null - ok
15:42:33.0384 0x0454  [ 624C1453F9109D98F7E2612DAD76BBB1, 4578623BF7EA1AF42038070AA3A1A9AC4A9582132ABBFAD9C3A99F46308DE8C3 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
15:42:33.0430 0x0454  NVHDA - ok
15:42:33.0930 0x0454  [ 3E188568A3D51195399A790B51F0A7B8, 76BBE2F6CD8B67D184FACE85D638E0861842784F5A087A412F0F05AF27079DC4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:42:34.0273 0x0454  nvlddmkm - ok
15:42:34.0600 0x0454  [ DB7C6892180C79714EF79F69A788E865, 0E4C109C6F8E8D37447FCE1D7CABCBFAE8E5AA6FD4512150DD17156C9021A6FC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
15:42:34.0648 0x0454  NvNetworkService - ok
15:42:34.0757 0x0454  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:42:34.0882 0x0454  nvraid - ok
15:42:34.0929 0x0454  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:42:34.0960 0x0454  nvstor - ok
15:42:35.0085 0x0454  [ 7308AA5672CC6D14F43C91965DC67200, 573566D94D19F3AEDFB326B0B5987DC52F3802E5F5CAF8C32830660193B93E19 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
15:42:35.0101 0x0454  NvStreamKms - ok
15:42:35.0132 0x0454  NvStreamSvc - ok
15:42:35.0210 0x0454  [ D768CA15B379A9611B22719A1364D3C0, 2F2D6143E2B06A3EE7011E559475BFC3DEFC8AB67F1F93404E6B83CDB69185C0 ] NVSvc           C:\Windows\system32\nvvsvc.exe
15:42:35.0272 0x0454  NVSvc - ok
15:42:35.0319 0x0454  [ D0EB00C3BDD50E9CABA534CF829593E8, 6E11117DC30E834C70DC9381A67D057BC2DADA956855A0EEA9801D45C75536B1 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
15:42:35.0350 0x0454  nvvad_WaveExtensible - ok
15:42:35.0397 0x0454  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:42:35.0413 0x0454  nv_agp - ok
15:42:35.0428 0x0454  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:42:35.0444 0x0454  ohci1394 - ok
15:42:35.0491 0x0454  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:42:35.0506 0x0454  ose - ok
15:42:35.0553 0x0454  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:42:35.0600 0x0454  p2pimsvc - ok
15:42:35.0647 0x0454  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:42:35.0678 0x0454  p2psvc - ok
15:42:36.0458 0x0454  [ 9D14AD63376E9B80D4987DAB78B62E21, BB18903455721564D6C8A9CB084A24299B3E013F19F5CDCE01F8A1F7D36AA97B ] PaceLicenseDServices C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
15:42:36.0567 0x0454  PaceLicenseDServices - detected UnsignedFile.Multi.Generic ( 1 )
15:42:39.0533 0x0454  PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - warning
15:42:42.0061 0x0454  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:42:42.0092 0x0454  Parport - ok
15:42:42.0139 0x0454  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:42:42.0170 0x0454  partmgr - ok
15:42:42.0233 0x0454  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:42:42.0280 0x0454  PcaSvc - ok
15:42:42.0342 0x0454  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:42:42.0373 0x0454  pci - ok
15:42:42.0498 0x0454  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:42:42.0514 0x0454  pciide - ok
15:42:42.0545 0x0454  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:42:42.0560 0x0454  pcmcia - ok
15:42:42.0592 0x0454  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:42:42.0607 0x0454  pcw - ok
15:42:42.0654 0x0454  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:42:42.0702 0x0454  PEAUTH - ok
15:42:42.0827 0x0454  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:42:42.0889 0x0454  PerfHost - ok
15:42:42.0998 0x0454  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:42:43.0139 0x0454  pla - ok
15:42:43.0310 0x0454  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:42:43.0404 0x0454  PlugPlay - ok
15:42:43.0466 0x0454  PnkBstrA - ok
15:42:43.0482 0x0454  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:42:43.0529 0x0454  PNRPAutoReg - ok
15:42:43.0653 0x0454  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:42:43.0685 0x0454  PNRPsvc - ok
15:42:43.0920 0x0454  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:42:43.0966 0x0454  PolicyAgent - ok
15:42:44.0076 0x0454  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:42:44.0138 0x0454  Power - ok
15:42:44.0202 0x0454  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:42:44.0265 0x0454  PptpMiniport - ok
15:42:44.0280 0x0454  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
15:42:44.0296 0x0454  Processor - ok
15:42:44.0436 0x0454  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:42:44.0561 0x0454  ProfSvc - ok
15:42:44.0608 0x0454  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:42:44.0624 0x0454  ProtectedStorage - ok
15:42:44.0749 0x0454  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:42:44.0859 0x0454  Psched - ok
15:42:44.0952 0x0454  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:42:45.0046 0x0454  ql2300 - ok
15:42:45.0093 0x0454  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:42:45.0124 0x0454  ql40xx - ok
15:42:45.0171 0x0454  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:42:45.0233 0x0454  QWAVE - ok
15:42:45.0295 0x0454  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:42:45.0311 0x0454  QWAVEdrv - ok
15:42:45.0514 0x0454  [ E5F568414F32873E6EC9FD97F9EE980C, 7B360B2FB8CE6BB8FEED996FD45F209C00828C507908884369ED1100CF0E2B7A ] RalinkRegistryWriter C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
15:42:45.0529 0x0454  RalinkRegistryWriter - ok
15:42:45.0592 0x0454  [ FFB6C1E16FF8772F62693A3DCA731F8F, 558F13D44E3F6DD0028D129F0AC1B9B529052951671317F839CBAE9A33877377 ] RalinkRegistryWriter64 C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
15:42:45.0607 0x0454  RalinkRegistryWriter64 - ok
15:42:45.0654 0x0454  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:42:45.0732 0x0454  RasAcd - ok
15:42:45.0841 0x0454  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:42:45.0888 0x0454  RasAgileVpn - ok
15:42:46.0013 0x0454  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:42:46.0091 0x0454  RasAuto - ok
15:42:46.0138 0x0454  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:42:46.0216 0x0454  Rasl2tp - ok
15:42:46.0278 0x0454  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:42:46.0325 0x0454  RasMan - ok
15:42:46.0341 0x0454  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:42:46.0372 0x0454  RasPppoe - ok
15:42:46.0419 0x0454  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:42:46.0450 0x0454  RasSstp - ok
15:42:46.0543 0x0454  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:42:46.0621 0x0454  rdbss - ok
15:42:46.0653 0x0454  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:42:46.0684 0x0454  rdpbus - ok
15:42:46.0716 0x0454  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:42:46.0747 0x0454  RDPCDD - ok
15:42:46.0763 0x0454  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:42:46.0794 0x0454  RDPENCDD - ok
15:42:46.0794 0x0454  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:42:46.0841 0x0454  RDPREFMP - ok
15:42:46.0919 0x0454  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:42:46.0997 0x0454  RDPWD - ok
15:42:47.0090 0x0454  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:42:47.0137 0x0454  rdyboost - ok
15:42:47.0184 0x0454  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:42:47.0262 0x0454  RemoteAccess - ok
15:42:47.0402 0x0454  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:42:47.0496 0x0454  RemoteRegistry - ok
15:42:47.0605 0x0454  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
15:42:47.0636 0x0454  rpcapd - ok
15:42:47.0699 0x0454  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:42:47.0903 0x0454  RpcEptMapper - ok
15:42:47.0996 0x0454  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:42:48.0090 0x0454  RpcLocator - ok
15:42:48.0168 0x0454  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:42:48.0199 0x0454  RpcSs - ok
15:42:48.0355 0x0454  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:42:48.0417 0x0454  rspndr - ok
15:42:48.0433 0x0454  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] SamSs           C:\Windows\system32\lsass.exe
15:42:48.0449 0x0454  SamSs - ok
15:42:48.0464 0x0454  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:42:48.0511 0x0454  sbp2port - ok
15:42:48.0542 0x0454  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:42:48.0636 0x0454  SCardSvr - ok
15:42:48.0683 0x0454  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:42:48.0762 0x0454  scfilter - ok
15:42:48.0902 0x0454  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
15:42:48.0949 0x0454  Schedule - ok
15:42:48.0996 0x0454  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:42:49.0042 0x0454  SCPolicySvc - ok
15:42:49.0120 0x0454  [ AD7189E85A0801DE0507C610963A3CD0, 0AA9F3C9D252624CC62EC95FD910C6911E136DD3E66159CEB9857BC7AB70FAA2 ] ScpVBus         C:\Windows\system32\DRIVERS\ScpVBus.sys
15:42:49.0136 0x0454  ScpVBus - ok
15:42:49.0152 0x0454  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:42:49.0230 0x0454  SDRSVC - ok
15:42:49.0808 0x0454  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
15:42:49.0839 0x0454  SDScannerService - ok
15:42:50.0416 0x0454  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
15:42:50.0447 0x0454  SDUpdateService - ok
15:42:50.0494 0x0454  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
15:42:50.0525 0x0454  SDWSCService - ok
15:42:50.0557 0x0454  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:42:50.0619 0x0454  secdrv - ok
15:42:50.0728 0x0454  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:42:50.0760 0x0454  seclogon - ok
15:42:50.0776 0x0454  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:42:50.0838 0x0454  SENS - ok
15:42:50.0854 0x0454  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:42:50.0885 0x0454  SensrSvc - ok
15:42:50.0932 0x0454  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:42:50.0948 0x0454  Serenum - ok
15:42:50.0963 0x0454  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:42:50.0994 0x0454  Serial - ok
15:42:51.0026 0x0454  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:42:51.0072 0x0454  sermouse - ok
15:42:51.0119 0x0454  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:42:51.0275 0x0454  SessionEnv - ok
15:42:51.0338 0x0454  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:42:51.0353 0x0454  sffdisk - ok
15:42:51.0369 0x0454  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:42:51.0556 0x0454  sffp_mmc - ok
15:42:51.0556 0x0454  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:42:51.0791 0x0454  sffp_sd - ok
15:42:51.0822 0x0454  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:42:51.0885 0x0454  sfloppy - ok
15:42:52.0041 0x0454  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:42:52.0150 0x0454  SharedAccess - ok
15:42:52.0290 0x0454  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:42:52.0353 0x0454  ShellHWDetection - ok
15:42:52.0399 0x0454  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:42:52.0415 0x0454  SiSRaid2 - ok
15:42:52.0431 0x0454  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:42:52.0431 0x0454  SiSRaid4 - ok
15:42:52.0571 0x0454  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:42:52.0602 0x0454  SkypeUpdate - ok
15:42:52.0727 0x0454  [ 101556F6216E97F1258D87C38203695F, 49506CC2BB4630EB016CE806B3FFEDA183D17D16FFD04FC5A7850E5660C0C1E2 ] Smart TimeLock  C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
15:42:52.0743 0x0454  Smart TimeLock - detected UnsignedFile.Multi.Generic ( 1 )
15:43:02.0745 0x0454  Smart TimeLock ( UnsignedFile.Multi.Generic ) - warning
15:43:05.0336 0x0454  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:43:05.0383 0x0454  Smb - ok
15:43:05.0430 0x0454  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:43:05.0461 0x0454  SNMPTRAP - ok
15:43:05.0508 0x0454  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:43:05.0523 0x0454  spldr - ok
15:43:05.0664 0x0454  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:43:05.0804 0x0454  Spooler - ok
15:43:06.0272 0x0454  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:43:06.0444 0x0454  sppsvc - ok
15:43:06.0506 0x0454  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:43:06.0569 0x0454  sppuinotify - ok
15:43:06.0740 0x0454  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:43:06.0787 0x0454  srv - ok
15:43:06.0850 0x0454  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:43:06.0882 0x0454  srv2 - ok
15:43:06.0928 0x0454  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:43:06.0944 0x0454  srvnet - ok
15:43:06.0991 0x0454  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:43:07.0022 0x0454  SSDPSRV - ok
15:43:07.0100 0x0454  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:43:07.0131 0x0454  SstpSvc - ok
15:43:07.0552 0x0454  [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:43:07.0568 0x0454  Steam Client Service - ok
15:43:08.0317 0x0454  [ C64C157B167FE562E8670984E72C25FA, 9302C82A75CA65515297B72F3A6230307AAE0B14FD8C9C7FA343F7B62E5ED376 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:43:08.0364 0x0454  Stereo Service - ok
15:43:08.0691 0x0454  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:43:08.0722 0x0454  stexstor - ok
15:43:08.0883 0x0454  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:43:09.0054 0x0454  stisvc - ok
15:43:09.0086 0x0454  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:43:09.0148 0x0454  swenum - ok
15:43:09.0257 0x0454  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:43:09.0288 0x0454  swprv - ok
15:43:09.0616 0x0454  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
15:43:09.0788 0x0454  SysMain - ok
15:43:09.0819 0x0454  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:43:09.0912 0x0454  TabletInputService - ok
15:43:10.0006 0x0454  [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
15:43:10.0037 0x0454  tap0901t - detected UnsignedFile.Multi.Generic ( 1 )
15:43:12.0487 0x0454  Detect skipped due to KSN trusted
15:43:12.0487 0x0454  tap0901t - ok
15:43:12.0519 0x0454  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:43:12.0581 0x0454  TapiSrv - ok
15:43:12.0628 0x0454  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:43:12.0659 0x0454  TBS - ok
15:43:12.0956 0x0454  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:43:13.0019 0x0454  Tcpip - ok
15:43:13.0144 0x0454  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:43:13.0175 0x0454  TCPIP6 - ok
15:43:13.0206 0x0454  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:43:13.0253 0x0454  tcpipreg - ok
15:43:13.0284 0x0454  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:43:13.0378 0x0454  TDPIPE - ok
15:43:13.0440 0x0454  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:43:13.0502 0x0454  TDTCP - ok
15:43:13.0565 0x0454  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:43:13.0612 0x0454  tdx - ok
15:43:13.0690 0x0454  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:43:13.0721 0x0454  TermDD - ok
15:43:13.0939 0x0454  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:43:13.0970 0x0454  TermService - ok
15:43:13.0986 0x0454  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:43:14.0033 0x0454  Themes - ok
15:43:14.0111 0x0454  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:43:14.0142 0x0454  THREADORDER - ok
15:43:14.0347 0x0454  [ 5523B0E188BA1ACC00183F2187B04EAD, AEC3453FBFE48DF3980B68CF172CBEB7253CBBD3F253F0588DBB1FDB4EA0F389 ] Tpkd            C:\Windows\system32\drivers\Tpkd.sys
15:43:14.0378 0x0454  Tpkd - ok
15:43:14.0409 0x0454  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:43:14.0534 0x0454  TrkWks - ok
15:43:14.0596 0x0454  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:43:14.0690 0x0454  TrustedInstaller - ok
15:43:14.0737 0x0454  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:43:14.0987 0x0454  tssecsrv - ok
15:43:15.0128 0x0454  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:43:15.0221 0x0454  TsUsbFlt - ok
15:43:15.0268 0x0454  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:43:15.0331 0x0454  TsUsbGD - ok
15:43:15.0393 0x0454  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:43:15.0440 0x0454  tunnel - ok
15:43:15.0861 0x0454  [ ADF0BC359B3959ECBF4141EC1F2E0DD4, 3A2EAA7C4D8D8941013FAEF5EF26F2D654692326200BC124893B70580246C32F ] TunngleService  C:\Program Files (x86)\Tunngle\TnglCtrl.exe
15:43:15.0956 0x0454  TunngleService - detected UnsignedFile.Multi.Generic ( 1 )
15:43:18.0422 0x0454  Detect skipped due to KSN trusted
15:43:18.0422 0x0454  TunngleService - ok
15:43:18.0485 0x0454  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:43:18.0532 0x0454  uagp35 - ok
15:43:18.0610 0x0454  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:43:18.0672 0x0454  udfs - ok
15:43:18.0719 0x0454  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:43:18.0766 0x0454  UI0Detect - ok
15:43:18.0812 0x0454  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:43:18.0828 0x0454  uliagpkx - ok
15:43:18.0875 0x0454  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:43:18.0890 0x0454  umbus - ok
15:43:18.0890 0x0454  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:43:18.0927 0x0454  UmPass - ok
15:43:19.0270 0x0454  [ EB79C6C91A99930015EF29AE7FA802D1, 96D00BA330854C7763BF385D84D47C3D1B87C4085A91D73B558C86829930DC4B ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:43:19.0379 0x0454  UNS - ok
15:43:19.0504 0x0454  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:43:19.0566 0x0454  upnphost - ok
15:43:19.0738 0x0454  [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:43:19.0800 0x0454  USBAAPL64 - ok
15:43:19.0894 0x0454  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:43:19.0956 0x0454  usbaudio - ok
15:43:20.0034 0x0454  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:43:20.0065 0x0454  usbccgp - ok
15:43:20.0097 0x0454  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:43:20.0128 0x0454  usbcir - ok
15:43:20.0315 0x0454  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:43:20.0362 0x0454  usbehci - ok
15:43:20.0440 0x0454  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:43:20.0502 0x0454  usbhub - ok
15:43:20.0549 0x0454  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:43:20.0580 0x0454  usbohci - ok
15:43:20.0596 0x0454  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
15:43:20.0611 0x0454  usbprint - ok
15:43:20.0721 0x0454  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:43:20.0830 0x0454  USBSTOR - ok
15:43:20.0861 0x0454  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:43:20.0877 0x0454  usbuhci - ok
15:43:20.0956 0x0454  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
15:43:20.0987 0x0454  usb_rndisx - ok
15:43:21.0018 0x0454  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:43:21.0127 0x0454  UxSms - ok
15:43:21.0143 0x0454  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] VaultSvc        C:\Windows\system32\lsass.exe
15:43:21.0158 0x0454  VaultSvc - ok
15:43:21.0580 0x0454  [ 2D8A86BE49A1AD9D05678A2A10F64CE7, 771B5882267B593A1E389DB26F21C3F790D534C8C98FD4A8F043978EA6E09CD6 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
15:43:21.0595 0x0454  VBoxAswDrv - ok
15:43:21.0923 0x0454  [ CDA796F41C2B64CEEC143B3A86904CFB, 8D9CACB74608C145A75424F4169E447A9EFA0EC3DD1412F097B56F86C0FC8E6E ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
15:43:22.0001 0x0454  VBoxDrv - ok
15:43:22.0110 0x0454  [ 8CD776EB77695524CCE594AAC3A71569, AEF6F9B0E5F67E87819EB0E9FA5220EEF247A160A2BF8511CEDC8D12A9D4D941 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
15:43:22.0157 0x0454  VBoxNetAdp - ok
15:43:22.0172 0x0454  [ 39D80811EB7E87CD7F682A3124693CBA, C90A08CCE322FB01F5D8E7CE269CFC5B91E7A30FC4BCCEE047C636D651E5A59A ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
15:43:22.0188 0x0454  VBoxNetFlt - ok
15:43:22.0219 0x0454  [ 248C6ADD9467AF319D1882A5E8B12966, EE23FB426C6408354A1D212978528F5ECA8ADBB7441C5734F5675D7306235163 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
15:43:22.0219 0x0454  VBoxUSBMon - ok
15:43:22.0250 0x0454  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:43:22.0266 0x0454  vdrvroot - ok
15:43:22.0297 0x0454  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:43:22.0328 0x0454  vds - ok
15:43:22.0360 0x0454  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:43:22.0375 0x0454  vga - ok
15:43:22.0375 0x0454  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:43:22.0406 0x0454  VgaSave - ok
15:43:22.0422 0x0454  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:43:22.0484 0x0454  vhdmp - ok
15:43:22.0562 0x0454  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:43:22.0578 0x0454  viaide - ok
15:43:22.0594 0x0454  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:43:22.0609 0x0454  volmgr - ok
15:43:22.0625 0x0454  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:43:22.0640 0x0454  volmgrx - ok
15:43:22.0656 0x0454  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:43:22.0672 0x0454  volsnap - ok
15:43:22.0703 0x0454  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:43:22.0718 0x0454  vsmraid - ok
15:43:22.0781 0x0454  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:43:22.0890 0x0454  VSS - ok
15:43:22.0921 0x0454  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:43:22.0952 0x0454  vwifibus - ok
15:43:23.0000 0x0454  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:43:23.0016 0x0454  vwififlt - ok
15:43:23.0172 0x0454  [ C366AE91D2CC2C1C25380061D235C36B, FF641D2D913223069EEDCDC08286D91D40BEE5FC7471610DE76E98D8A32045A2 ] VX3000          C:\Windows\system32\DRIVERS\VX3000.sys
15:43:23.0281 0x0454  VX3000 - ok
15:43:23.0375 0x0454  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:43:23.0437 0x0454  W32Time - ok
15:43:23.0499 0x0454  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:43:23.0531 0x0454  WacomPen - ok
15:43:23.0577 0x0454  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:43:23.0624 0x0454  WANARP - ok
15:43:23.0702 0x0454  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:43:23.0733 0x0454  Wanarpv6 - ok
15:43:23.0967 0x0454  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:43:23.0999 0x0454  WatAdminSvc - ok
15:43:24.0373 0x0454  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:43:24.0467 0x0454  wbengine - ok
15:43:24.0529 0x0454  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:43:24.0560 0x0454  WbioSrvc - ok
15:43:24.0685 0x0454  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:43:24.0810 0x0454  wcncsvc - ok
15:43:24.0841 0x0454  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:43:24.0857 0x0454  WcsPlugInService - ok
15:43:24.0888 0x0454  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
15:43:24.0903 0x0454  Wd - ok
15:43:25.0060 0x0454  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:43:25.0123 0x0454  Wdf01000 - ok
15:43:25.0154 0x0454  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:43:25.0154 0x0454  WdiServiceHost - ok
15:43:25.0170 0x0454  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:43:25.0170 0x0454  WdiSystemHost - ok
15:43:25.0279 0x0454  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
15:43:25.0372 0x0454  WebClient - ok
15:43:25.0575 0x0454  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:43:25.0716 0x0454  Wecsvc - ok
15:43:25.0747 0x0454  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:43:25.0809 0x0454  wercplsupport - ok
15:43:25.0840 0x0454  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:43:25.0887 0x0454  WerSvc - ok
15:43:25.0934 0x0454  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:43:25.0965 0x0454  WfpLwf - ok
15:43:25.0981 0x0454  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:43:25.0981 0x0454  WIMMount - ok
15:43:25.0996 0x0454  WinDefend - ok
15:43:26.0012 0x0454  WinHttpAutoProxySvc - ok
15:43:26.0059 0x0454  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:43:26.0090 0x0454  Winmgmt - ok
15:43:26.0589 0x0454  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
15:43:26.0761 0x0454  WinRM - ok
15:43:26.0854 0x0454  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
15:43:26.0870 0x0454  WinUsb - ok
15:43:26.0901 0x0454  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:43:27.0011 0x0454  Wlansvc - ok
15:43:27.0386 0x0454  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:43:27.0495 0x0454  wlidsvc - ok
15:43:27.0542 0x0454  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:43:27.0573 0x0454  WmiAcpi - ok
15:43:27.0635 0x0454  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:43:27.0667 0x0454  wmiApSrv - ok
15:43:27.0682 0x0454  WMPNetworkSvc - ok
15:43:27.0698 0x0454  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:43:27.0745 0x0454  WPCSvc - ok
15:43:27.0760 0x0454  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:43:27.0791 0x0454  WPDBusEnum - ok
15:43:27.0838 0x0454  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:43:27.0916 0x0454  ws2ifsl - ok
15:43:27.0947 0x0454  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:43:27.0994 0x0454  wscsvc - ok
15:43:27.0994 0x0454  WSearch - ok
15:43:28.0197 0x0454  [ 499034D7F1F6AF49F9EE12F8822793CB, 55D591C4861AF66C6B9201BF78808B2ECE7B79D95C6BB07FF0ED87EFE63DD99E ] wuauserv        C:\Windows\system32\wuaueng.dll
15:43:28.0415 0x0454  wuauserv - ok
15:43:28.0587 0x0454  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:43:28.0618 0x0454  WudfPf - ok
15:43:28.0665 0x0454  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
15:43:28.0681 0x0454  WUDFRd - ok
15:43:28.0696 0x0454  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:43:28.0712 0x0454  wudfsvc - ok
15:43:28.0759 0x0454  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:43:28.0805 0x0454  WwanSvc - ok
15:43:28.0852 0x0454  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
15:43:28.0915 0x0454  xusb21 - ok
15:43:28.0961 0x0454  ================ Scan global ===============================
15:43:29.0009 0x0454  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:43:29.0103 0x0454  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
15:43:29.0118 0x0454  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
15:43:29.0165 0x0454  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:43:29.0368 0x0454  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:43:29.0384 0x0454  [ Global ] - ok
15:43:29.0384 0x0454  ================ Scan MBR ==================================
15:43:29.0430 0x0454  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:43:30.0649 0x0454  \Device\Harddisk0\DR0 - ok
15:43:30.0649 0x0454  ================ Scan VBR ==================================
15:43:30.0665 0x0454  [ 019F7F679CD615A2D43756E258FFAC71 ] \Device\Harddisk0\DR0\Partition1
15:43:30.0946 0x0454  \Device\Harddisk0\DR0\Partition1 - ok
15:43:30.0963 0x0454  [ 7361606738F95AFDD1EF1CD9C31A8819 ] \Device\Harddisk0\DR0\Partition2
15:43:31.0136 0x0454  \Device\Harddisk0\DR0\Partition2 - ok
15:43:31.0136 0x0454  ================ Scan generic autorun ======================
15:43:31.0713 0x0454  [ 2AED6E49CE99DFFF3FC4B9108246B7CB, 4D6A1C32DD10556F84A0B62C796C4C54A7E3E4772478B16A38E1668870D7019C ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:43:31.0916 0x0454  RtHDVCpl - ok
15:43:32.0212 0x0454  [ 88CA0FFA894AF4B0D90B93FAA2A0A0D9, FC48386A287EB95E5D173FA358D6F0823A651C83835605892EAFD6ED11F17D6F ] c:\Program Files\Microsoft IntelliType Pro\itype.exe
15:43:32.0321 0x0454  itype - ok
15:43:32.0446 0x0454  [ 74354790ECAE60C11631BD7856C0AFD0, 4932908C79842CFDB4882A767BCAECB97F663892C9715D4FA1F4AE902335DCB5 ] C:\Windows\KHALMNPR.EXE
15:43:32.0462 0x0454  Kernel and Hardware Abstraction Layer - ok
15:43:32.0462 0x0454  Nvtmru - ok
15:43:32.0930 0x0454  [ A416FBE18A8FF5C942B5E4A65A66EAE0, DC021A544A16BA984A906D235E0E6DA8AC0DF0A7FC8A89D192E427BBE6D2434C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
15:43:32.0977 0x0454  NvBackend - ok
15:43:33.0040 0x0454  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
15:43:33.0071 0x0454  ShadowPlay - ok
15:43:33.0118 0x0454  [ 69764A6475A4C54732E6A07CE6EF8BE2, BF983299386AC0A16FA798D8EED43B3E88541D49A03E3F6F2B89A9A0C9A18503 ] C:\Windows\vVX3000.exe
15:43:33.0165 0x0454  VX3000 - ok
15:43:33.0461 0x0454  [ 4C31C25EABFAE208733AFA8096214FBC, 020293967268461D80EAD88D173617BFC85D3EC7D3C7FCA37A7038FA7C362946 ] C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
15:43:33.0492 0x0454  InstantBurn - ok
15:43:33.0633 0x0454  [ 57B4D34232852BFE4453BE571DF90D21, 3D329499D7BCACAE5F6377F988B90714F5A8301784CDB22D5B54A2266AC50D79 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
15:43:33.0648 0x0454  CLMLServer - ok
15:43:34.0241 0x0454  [ F5FBA8724DE219E96D9ABAF4772D31A3, C36CF6E40F831E01BA029B571EFCB46C5EA5A11750D13FE979DDFAE8B916AFFB ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
15:43:34.0257 0x0454  RemoteControl9 - ok
15:43:34.0350 0x0454  [ 82F4DCD720F8E0128779CD1BDF6B6759, 57D3A568E563064CBBB3FB87B9FE86B3CFA5CE7A91CFCD92DED90DF4E266477A ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
15:43:34.0366 0x0454  BDRegion - ok
15:43:34.0460 0x0454  [ 607FCAE0B447C1B917DADBF0BE9A83FE, 1400420835C4E523595A4700ABC2E0F66B7BBC6AC48DB334F4E41DA3B1581F20 ] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe
15:43:34.0475 0x0454  UpdatePSTShortCut - ok
15:43:34.0756 0x0454  [ B45F2C4076ACFD9714037B7C69D90167, 560172AAB25C9FABB06C08D7364F1A7EDE398AE24A7528C7EE7099503361C907 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:43:34.0772 0x0454  APSDaemon - ok
15:43:34.0943 0x0454  [ 34086F1DBB4065047EA3671CB70505CC, 2C82287A8FD75724CEB95689C7CEF2C5D3EE263E9966E8982EF2F1A97BDCB946 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
15:43:34.0974 0x0454  iTunesHelper - ok
15:43:35.0287 0x0454  [ 7516C453B017706D857A6E57F75D72AD, EDB67298B432990D16168C023FB8079B475DAEC540594E2020BBE8EBD017B5E9 ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
15:43:35.0319 0x0454  DivXMediaServer - detected UnsignedFile.Multi.Generic ( 1 )
15:43:37.0769 0x0454  Detect skipped due to KSN trusted
15:43:37.0769 0x0454  DivXMediaServer - ok
15:43:37.0909 0x0454  [ FB1A303207C1124C2B61A50E5A32AC21, 5BE93B9FDE657DCDAF4E8C02BC3F364C58B115DCE3AD10044FBCDC0FF90C2EBC ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
15:43:37.0956 0x0454  DivXUpdate - ok
15:43:38.0845 0x0454  [ 77D90A1094034727E5E86DF1FA8A87CF, 711A4D57A9E69FF8E3A36AD234195C5ED7E0503DFC87B5A3366FF4CC6413556B ] C:\Program Files (x86)\Mirroring360\Mirroring360.exe
15:43:39.0001 0x0454  Mirroring360 - ok
15:43:39.0798 0x0454  [ F66203AF9C159E2CBD54DF981654F499, C28A7E3D4BB50F14D40C3AE9D1267D11015381A9615663BAAAB6C0084A72E607 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
15:43:39.0907 0x0454  AvastUI.exe - ok
15:43:40.0110 0x0454  [ 0133E5265FDD7063F87856C9BD5156C9, 27C0389B3FA0209C6B4D1A8A75AAD23525DD3B5DB7B0CD7358D1D6417818C8EF ] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
15:43:40.0125 0x0454  LifeCam - ok
15:43:40.0640 0x0454  [ 02B8BC2531917B205D509E6D8661DAFF, 9466DADD36A6B7FA4FB2C84B3F268CCEE65AA05D6DC93E70DE6F47F98D396B06 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
15:43:40.0734 0x0454  LogMeIn Hamachi Ui - ok
15:43:41.0265 0x0454  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
15:43:41.0328 0x0454  SDTray - ok
15:43:41.0406 0x0454  [ 4E574FEBE7CD85BB0A086ABEF602F910, 24A950E3F8DEA6E5D611229EC0B0C9007C416C2C88577E85B69D7F86187E806A ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:43:41.0421 0x0454  SunJavaUpdateSched - ok
15:43:41.0499 0x0454  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:43:41.0546 0x0454  Sidebar - ok
15:43:41.0562 0x0454  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:43:41.0593 0x0454  mctadmin - ok
15:43:41.0655 0x0454  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:43:41.0702 0x0454  Sidebar - ok
15:43:41.0749 0x0454  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:43:41.0780 0x0454  mctadmin - ok
15:43:42.0076 0x0454  [ 8EDE61AD829449DC37458C29B73B6788, 3DA850AB163FD984BC5FF28FB3255827BB8B120324C604E51DD176AB98C4EF99 ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
15:43:42.0123 0x0454  LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
15:43:44.0593 0x0454  Detect skipped due to KSN trusted
15:43:44.0593 0x0454  LightScribe Control Panel - ok
15:43:45.0014 0x0454  [ 86BF17A265E1B4BA41325623EC132E66, 4414B5F01A78B76BFC1A7C39F595645A09E674FA6DE7991F31BA6673EEB23F9E ] C:\Program Files (x86)\Steam\steam.exe
15:43:45.0077 0x0454  Steam - ok
15:43:45.0124 0x0454  IndieCity Client - ok
15:43:45.0327 0x0454  [ A379B75A6FFE4DFD3184F35F0141CE91, C777B01B4361456D4D829E96723C85CCDC2E3647C4CF25894AC83100552E36AB ] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
15:43:45.0358 0x0454  ISUSPM Startup - detected UnsignedFile.Multi.Generic ( 1 )
15:43:47.0824 0x0454  Detect skipped due to KSN trusted
15:43:47.0824 0x0454  ISUSPM Startup - ok
15:43:48.0729 0x0454  [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe
15:43:48.0854 0x0454  CCleaner Monitoring - ok
15:43:48.0932 0x0454  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
15:43:48.0963 0x0454  RESTART_STICKY_NOTES - ok
15:43:49.0041 0x0454  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
15:43:49.0057 0x0454  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
15:43:51.0508 0x0454  Detect skipped due to KSN trusted
15:43:51.0508 0x0454  SpybotPostWindows10UpgradeReInstall - ok
15:43:51.0508 0x0454  Waiting for KSN requests completion. In queue: 2
15:43:52.0522 0x0454  Waiting for KSN requests completion. In queue: 2
15:43:53.0537 0x0454  Waiting for KSN requests completion. In queue: 2
15:43:54.0660 0x0454  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x41000 ( enabled : updated )
15:43:54.0660 0x0454  FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x41010 ( enabled )
15:43:57.0157 0x0454  ============================================================
15:43:57.0157 0x0454  Scan finished
15:43:57.0157 0x0454  ============================================================
15:43:57.0157 0x05c4  Detected object count: 2
15:43:57.0157 0x05c4  Actual detected object count: 2
15:45:08.0880 0x05c4  PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:08.0880 0x05c4  PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:45:08.0880 0x05c4  Smart TimeLock ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:08.0880 0x05c4  Smart TimeLock ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:45:23.0546 0x18bc  Deinitialize success

  • 0

#36
Alkalidum
Posted 26 August 2015 - 08:56 AM

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-08-2015
Ran by Speed X8 (administrator) on SPEEDX8-PC (26-08-2015 15:46:32)
Running from C:\Users\Speed X8\Desktop
Loaded Profiles: Speed X8 (Available Profiles: Speed X8)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink Corporation.) C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11858536 2011-06-07] (Realtek Semiconductor)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [InstantBurn] => C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [697640 2010-02-10] (CyberLink Corporation.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-18] (cyberlink)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2011-03-01] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [Mirroring360] => C:\Program Files (x86)\Mirroring360\Mirroring360.exe [9966416 2014-10-15] (Splashtop Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-25] (AVAST Software)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-11-22] (Hewlett-Packard Company)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [IndieCity Client] => C:\Program Files (x86)\IndieCity\Client\bin\x86\iceclient.exe -m
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-05-23]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-05-23]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk [2012-09-14]
ShortcutTarget: SetPointII.lnk -> C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-20] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://uk.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\S-1-5-21-975855429-1586840072-3018677650-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-24] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-20] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-05-23] (LastPass)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-05-23] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-05-23] (LastPass)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\..\Interfaces\{283D9FDB-27F4-4CC0-B300-A9CF3572C5A7}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{5FECFA46-5C30-449C-90BC-691D6E34E6C0}: [DhcpNameServer] 192.168.42.129
 
FireFox:
========
FF ProfilePath: C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-24] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-05-23] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-08-28] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-05-23] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll [2012-04-05] (Dassault Systèmes)
FF Plugin HKU\S-1-5-21-975855429-1586840072-3018677650-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Speed X8\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-24] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-975855429-1586840072-3018677650-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-20] ()
FF SearchPlugin: C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\searchplugins\google-avast.xml [2015-08-20]
FF Extension: LastPass - C:\Users\Speed X8\AppData\Roaming\Mozilla\Firefox\Profiles\6p4gp8b1.default\Extensions\[email protected] [2015-05-23]
FF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST
FF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST [2015-08-20]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-12]
 
Chrome: 
=======
CHR Profile: C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-20]
CHR Extension: (Subscriptions Grid For YouTube™) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnjhgnfnmijfkmcddcmffeamphmmeed [2015-08-20]
CHR Extension: (AdBlock) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Speed X8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-20]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.goog...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-12]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - http://clients2.goog...ice/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-20] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-20] (Avast Software)
S3 BRSptSvc; C:\programdata\bitraider\BRSptSvc.exe [938776 2013-05-17] (BitRaider, LLC)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-18] (CyberLink)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-26] (EasyAntiCheat Ltd)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
S2 MBAMService; C:\Users\Speed X8\Desktop\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2928128 2012-11-19] (PACE Anti-Piracy, Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-15] ()
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [193888 2010-06-28] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [211808 2010-06-28] (Ralink Technology, Corp.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [754584 2013-06-24] (Tunngle.net GmbH) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 NSL; "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe" /s "NSL" /m "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll" /prefetch:1
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-20] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-20] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-20] (AVAST Software)
S3 BRDriver64; C:\programdata\bitraider\BRDriver64.sys [74024 2013-04-04] (BitRaider)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [167048 2011-08-09] (Symantec Corporation)
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2009-10-07] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [376304 2009-10-07] (CyberLink Corporation.)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-03-16] ()
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2013-09-29] (MotioninJoy) [File not signed]
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-20] (AVAST Software)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-20] (Avast Software)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-26 15:46 - 2015-08-26 15:47 - 00027896 _____ C:\Users\Speed X8\Desktop\FRST.txt
2015-08-26 15:40 - 2015-08-26 15:40 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Speed X8\Downloads\tdsskiller.exe
2015-08-26 15:40 - 2015-08-26 15:40 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Speed X8\Desktop\tdsskiller.exe
2015-08-25 19:00 - 2015-08-25 19:04 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-25 19:00 - 2015-08-25 19:00 - 00001181 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-08-25 19:00 - 2015-08-25 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-08-25 18:32 - 2015-08-25 18:09 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-08-25 18:10 - 2015-08-25 18:35 - 00017038 ____C C:\zoek-results.log
2015-08-25 18:09 - 2015-08-25 18:29 - 00000000 ___DC C:\zoek_backup
2015-08-25 18:08 - 2015-08-25 18:08 - 01308672 _____ C:\Users\Speed X8\Downloads\zoek.exe
2015-08-25 18:08 - 2015-08-25 18:08 - 01308672 _____ C:\Users\Speed X8\Desktop\zoek.exe
2015-08-24 20:34 - 2015-08-24 20:34 - 00000000 ____D C:\Users\Speed X8\Desktop\FRST-OlderVersion
2015-08-24 09:27 - 2015-08-24 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-24 09:17 - 2015-08-24 09:17 - 00000000 ____D C:\ProgramData\Sun
2015-08-24 09:10 - 2015-08-24 09:18 - 00000000 ____D C:\Users\Speed X8\Desktop\JavaRa-2.6
2015-08-24 09:10 - 2015-08-24 09:10 - 00184620 _____ C:\Users\Speed X8\Downloads\JavaRa-2.6.1.zip
2015-08-24 00:09 - 2015-08-24 00:09 - 00852704 _____ C:\Users\Speed X8\Downloads\SecurityCheck.exe
2015-08-24 00:09 - 2015-08-24 00:09 - 00852704 _____ C:\Users\Speed X8\Desktop\SecurityCheck.exe
2015-08-23 21:24 - 2015-08-23 21:24 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-22 22:24 - 2015-08-22 22:24 - 00000000 ____D C:\Users\Speed X8\Desktop\Malwarebytes Anti-Malware
2015-08-22 22:24 - 2015-08-22 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-22 22:24 - 2015-08-22 22:23 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Speed X8\Desktop\mbam-setup-2.1.8.1057.exe
2015-08-22 22:24 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-22 22:24 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-22 22:23 - 2015-08-22 22:23 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Speed X8\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-22 21:22 - 2015-08-22 22:57 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-22 21:21 - 2015-08-22 21:51 - 00000000 ____D C:\Users\Speed X8\Desktop\mbar
2015-08-22 21:21 - 2015-08-22 21:20 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Speed X8\Desktop\mbar-1.09.2.1008.exe
2015-08-22 21:21 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-22 21:20 - 2015-08-22 21:20 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Speed X8\Downloads\mbar-1.09.2.1008.exe
2015-08-22 00:23 - 2015-08-22 00:23 - 00000000 ____D C:\Users\Speed X8\AppData\Local\GWX
2015-08-21 10:58 - 2015-08-21 10:58 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Speed X8\Downloads\JRT.exe
2015-08-21 10:58 - 2015-08-21 10:58 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Speed X8\Desktop\JRT.exe
2015-08-21 10:32 - 2015-08-22 21:20 - 00000000 ____D C:\ProgramData\SystemSearchIndexer
2015-08-20 21:52 - 2015-08-20 21:53 - 00137859 _____ C:\Users\Speed X8\Downloads\Addition.txt
2015-08-20 21:51 - 2015-08-26 15:46 - 00000000 ___DC C:\FRST
2015-08-20 21:51 - 2015-08-24 20:34 - 02186752 ____C (Farbar) C:\Users\Speed X8\Desktop\FRST64.exe
2015-08-20 21:51 - 2015-08-20 21:53 - 00084307 _____ C:\Users\Speed X8\Downloads\FRST.txt
2015-08-20 21:32 - 2015-08-20 21:32 - 00246100 _____ C:\Users\Speed X8\Downloads\Extras.Txt
2015-08-20 21:30 - 2015-08-20 21:30 - 00177820 _____ C:\Users\Speed X8\Downloads\OTL.Txt
2015-08-20 20:47 - 2015-08-20 20:42 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-08-20 20:46 - 2015-08-20 20:47 - 01605632 _____ C:\Users\Speed X8\Desktop\AdwCleaner (1).exe
2015-08-20 20:46 - 2015-08-20 20:46 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-20 20:45 - 2015-08-20 20:45 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-20 20:44 - 2015-08-20 20:44 - 00602112 _____ (OldTimer Tools) C:\Users\Speed X8\Downloads\OTL.exe
2015-08-20 20:42 - 2015-08-20 20:42 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-08-20 20:34 - 2015-08-20 20:34 - 00000000 ____D C:\Users\Speed X8\Documents\ProcAlyzer Dumps
2015-08-20 09:42 - 2015-08-20 09:42 - 00001504 _____ C:\ProgramData\tempimage.bmp
2015-08-19 23:54 - 2015-08-11 02:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 23:54 - 2015-08-11 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 23:54 - 2015-08-11 01:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 23:54 - 2015-08-11 01:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 20:54 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20150819-205448.backup
2015-08-19 19:55 - 2015-08-19 19:55 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-19 19:55 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-19 19:50 - 2015-08-19 20:50 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-19 19:50 - 2015-08-19 19:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-19 19:50 - 2015-08-19 19:50 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-08-19 19:50 - 2015-08-19 19:50 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-08-19 19:50 - 2015-08-19 19:50 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-08-19 19:50 - 2015-08-19 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-08-19 19:50 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-08-19 19:49 - 2015-08-19 19:49 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Speed X8\Downloads\spybot-2.4.exe
2015-08-19 18:46 - 2015-08-20 21:43 - 00000000 ____C C:\dummy.htm
2015-08-19 18:42 - 2015-08-19 18:43 - 00000904 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-08-19 18:35 - 2015-08-19 18:56 - 00002192 _____ C:\Users\Speed X8\Desktop\chrome.lnk
2015-08-19 18:35 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Speed X8\AppData\Local\MiniService
2015-08-19 18:31 - 2015-08-19 18:31 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-08-19 16:43 - 2015-08-19 16:43 - 00003206 _____ C:\Windows\System32\Tasks\{B42D7871-5D2F-4356-A274-9660481C2BAF}
2015-08-19 16:40 - 2015-08-19 16:40 - 00000053 _____ C:\Windows\Directx.log
2015-08-19 16:26 - 1999-12-16 15:13 - 00086016 _____ (MindVision Software) C:\Windows\unvise32.exe
2015-08-18 19:43 - 2015-08-18 19:43 - 00000000 _____ C:\Users\Speed X8\apploc.msi
2015-08-18 19:31 - 2015-08-18 19:31 - 01391104 _____ C:\apploc.msi
2015-08-18 19:19 - 2015-08-18 19:19 - 00003216 _____ C:\Windows\System32\Tasks\{139121BD-9416-43B4-96AF-F08644BB5F77}
2015-08-12 00:37 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 00:37 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 21:02 - 2015-07-28 21:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-11 21:02 - 2015-07-28 21:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-11 21:02 - 2015-07-28 21:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-11 21:02 - 2015-07-28 20:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-11 21:02 - 2015-07-15 19:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 21:02 - 2015-07-15 19:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-11 21:02 - 2015-07-15 19:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 21:02 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 21:02 - 2015-07-15 19:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-11 21:02 - 2015-07-15 19:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-11 21:02 - 2015-07-15 19:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-11 21:02 - 2015-07-15 19:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-11 21:02 - 2015-07-15 19:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-11 21:02 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-11 21:02 - 2015-07-15 19:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-11 21:02 - 2015-07-15 19:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-11 21:02 - 2015-07-15 19:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-11 21:02 - 2015-07-15 19:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 19:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-11 21:02 - 2015-07-15 18:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-11 21:02 - 2015-07-15 18:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-11 21:02 - 2015-07-15 18:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-11 21:02 - 2015-07-15 18:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-11 21:02 - 2015-07-15 18:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-11 21:02 - 2015-07-15 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-11 21:02 - 2015-07-15 18:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-11 21:02 - 2015-07-15 18:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-11 21:02 - 2015-07-15 18:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 18:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-11 21:02 - 2015-07-15 17:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-11 21:02 - 2015-07-15 17:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-11 21:02 - 2015-07-15 17:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-11 21:02 - 2015-07-15 17:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-11 21:02 - 2015-07-15 17:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-11 21:02 - 2015-07-15 17:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-11 21:01 - 2015-07-21 01:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-11 21:01 - 2015-07-21 01:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-11 21:01 - 2015-07-16 21:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-11 21:01 - 2015-07-16 21:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-11 21:01 - 2015-07-16 21:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 21:01 - 2015-07-16 21:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-11 21:01 - 2015-07-16 21:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-11 21:01 - 2015-07-16 21:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-11 21:01 - 2015-07-16 20:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-11 21:01 - 2015-07-16 20:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-11 21:01 - 2015-07-16 20:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-11 21:01 - 2015-07-16 20:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-11 21:01 - 2015-07-16 20:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-11 21:01 - 2015-07-16 20:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-11 21:01 - 2015-07-16 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-11 21:01 - 2015-07-16 20:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-11 21:01 - 2015-07-16 20:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-11 21:01 - 2015-07-16 20:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-11 21:01 - 2015-07-16 20:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-11 21:01 - 2015-07-16 20:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 21:01 - 2015-07-16 19:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-11 21:01 - 2015-07-16 19:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-11 21:01 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 21:01 - 2015-07-10 18:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 21:01 - 2015-07-10 18:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-11 21:01 - 2015-07-10 18:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-11 21:01 - 2015-07-10 18:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-11 21:01 - 2015-07-10 18:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-11 21:01 - 2015-07-10 18:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-11 21:00 - 2015-07-30 19:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-11 21:00 - 2015-07-30 18:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-11 21:00 - 2015-07-30 18:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-11 21:00 - 2015-07-30 17:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 21:00 - 2015-07-30 17:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 21:00 - 2015-07-30 17:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-11 21:00 - 2015-07-16 21:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-11 21:00 - 2015-07-16 21:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 21:00 - 2015-07-16 21:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 21:00 - 2015-07-16 21:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-11 21:00 - 2015-07-16 21:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-11 21:00 - 2015-07-16 21:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 21:00 - 2015-07-16 21:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 21:00 - 2015-07-16 21:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 21:00 - 2015-07-16 21:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-11 21:00 - 2015-07-16 21:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-11 21:00 - 2015-07-16 21:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-11 21:00 - 2015-07-16 21:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-11 21:00 - 2015-07-16 20:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-11 21:00 - 2015-07-16 20:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-11 21:00 - 2015-07-16 20:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-11 21:00 - 2015-07-16 20:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-11 21:00 - 2015-07-16 20:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-11 21:00 - 2015-07-16 20:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-11 21:00 - 2015-07-16 20:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-11 21:00 - 2015-07-16 20:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-11 21:00 - 2015-07-16 20:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-11 21:00 - 2015-07-16 20:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-11 21:00 - 2015-07-16 20:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 21:00 - 2015-07-16 20:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 21:00 - 2015-07-16 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-11 21:00 - 2015-07-16 20:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 21:00 - 2015-07-16 20:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-11 21:00 - 2015-07-16 20:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-11 21:00 - 2015-07-16 20:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-11 21:00 - 2015-07-16 20:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 21:00 - 2015-07-16 20:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-11 21:00 - 2015-07-16 20:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-11 21:00 - 2015-07-16 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-11 21:00 - 2015-07-16 19:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-11 21:00 - 2015-07-15 04:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 21:00 - 2015-07-15 04:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 21:00 - 2015-07-15 04:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-11 21:00 - 2015-07-15 04:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 21:00 - 2015-07-15 03:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-11 21:00 - 2015-07-15 03:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-11 21:00 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-11 21:00 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-11 21:00 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 21:00 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-11 21:00 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-11 21:00 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 20:59 - 2015-07-20 19:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-11 20:59 - 2015-07-20 19:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-11 20:59 - 2015-07-20 19:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-11 20:59 - 2015-07-20 18:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-11 20:59 - 2015-07-20 18:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-11 20:59 - 2015-07-10 18:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 20:59 - 2015-07-10 18:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-11 20:59 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 20:59 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 20:59 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-11 20:59 - 2015-05-09 19:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-04 10:48 - 2015-08-04 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-04 10:48 - 2015-08-04 10:48 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-07-27 17:52 - 2015-07-27 17:52 - 00001824 _____ C:\Users\Speed X8\Downloads\Alkalidum (9).plr
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-26 15:45 - 2012-03-15 14:26 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{767B4E75-0A22-454C-8045-6C88693109B7}
2015-08-26 15:43 - 2013-11-08 13:06 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-26 15:35 - 2012-03-14 14:10 - 02090717 _____ C:\Windows\WindowsUpdate.log
2015-08-26 15:34 - 2009-07-14 05:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-26 15:34 - 2009-07-14 05:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-26 15:29 - 2013-03-16 17:46 - 00000392 _____ C:\Windows\Tasks\WpsUpdateTask_Speed X8.job
2015-08-26 15:22 - 2015-05-07 16:37 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-26 15:21 - 2012-06-03 15:43 - 00000000 ____D C:\Users\Speed X8\AppData\Local\LogMeIn Hamachi
2015-08-26 15:18 - 2014-12-30 20:48 - 00059804 _____ C:\Windows\setupact.log
2015-08-26 15:18 - 2013-11-08 13:06 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-26 15:18 - 2012-03-15 14:37 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-26 15:18 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-26 15:17 - 2012-03-14 14:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-25 21:59 - 2012-03-30 13:21 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-25 19:09 - 2014-01-14 15:08 - 00000000 ____D C:\Users\Speed X8\AppData\Local\Battle.net
2015-08-25 18:33 - 2014-12-31 11:41 - 00608186 _____ C:\Windows\PFRO.log
2015-08-25 18:30 - 2014-05-15 16:40 - 00000000 ____D C:\Users\HomeGroupUser$\AppData\Local\Google
2015-08-25 18:30 - 2014-05-15 16:40 - 00000000 ____D C:\Users\Guest\AppData\Local\Google
2015-08-25 18:30 - 2014-05-15 16:40 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2015-08-25 18:29 - 2012-03-14 14:10 - 00000000 ____D C:\Users\Speed X8
2015-08-24 20:28 - 2015-04-25 22:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-24 09:16 - 2014-08-17 18:05 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-08-24 09:16 - 2012-04-19 17:01 - 00000000 ____D C:\Program Files\Java
2015-08-24 09:05 - 2014-04-13 14:54 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2015-08-24 09:05 - 2012-12-20 17:01 - 00000000 ____D C:\Users\Speed X8\Downloads\christmas 2
2015-08-22 22:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PLA
2015-08-22 22:51 - 2015-04-25 22:05 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-22 22:51 - 2015-04-25 22:05 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-22 22:51 - 2012-03-14 14:11 - 00001317 _____ C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-22 21:53 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\addins
2015-08-22 21:22 - 2014-08-28 11:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-21 11:12 - 2014-08-29 10:37 - 00000000 ___DC C:\AdwCleaner
2015-08-21 10:47 - 2012-03-14 15:13 - 00000000 ____D C:\Windows\system32\temp
2015-08-21 10:38 - 2015-05-13 19:52 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\uTorrent
2015-08-21 10:35 - 2014-10-22 17:39 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-08-21 10:35 - 2014-10-22 17:39 - 00000000 ____D C:\Windows\system32\vbox
2015-08-21 10:08 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-20 20:58 - 2013-11-08 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-20 20:48 - 2015-03-12 17:48 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-20 20:46 - 2015-03-12 17:48 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-20 20:43 - 2015-03-12 17:48 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-08-19 23:24 - 2012-03-17 21:45 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Mumble
2015-08-19 18:55 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-19 16:32 - 2014-01-14 15:07 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-14 21:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-08-14 20:32 - 2012-03-15 06:04 - 00000000 ____D C:\Windows\Panther
2015-08-14 20:28 - 2015-07-10 14:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-12 10:22 - 2009-07-14 05:45 - 00290992 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 10:19 - 2014-12-12 17:17 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 10:19 - 2014-05-07 00:24 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 00:37 - 2013-03-14 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 00:36 - 2013-03-14 00:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 00:36 - 2013-03-14 00:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 00:32 - 2014-08-29 11:22 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 00:26 - 2014-08-29 11:22 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-11 21:59 - 2012-03-30 13:21 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 21:59 - 2012-03-30 13:20 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-11 21:59 - 2012-03-22 20:30 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-10 11:07 - 2015-04-24 10:45 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-10 10:36 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-04 10:48 - 2012-06-03 15:42 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-03 12:12 - 2012-06-28 11:58 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-31 18:45 - 2014-05-17 18:29 - 00000000 ____D C:\Users\Speed X8\AppData\Roaming\.minecraft
 
==================== Files in the root of some directories =======
 
2015-05-23 23:43 - 2015-05-23 23:43 - 16258616 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-06-17 18:22 - 2013-06-17 18:21 - 0001160 _____ () C:\Users\Speed X8\AppData\Roaming\mods - Shortcut.lnk
2013-06-17 18:22 - 2013-06-17 18:23 - 0047104 ___SH () C:\Users\Speed X8\AppData\Roaming\Thumbs.db
2012-05-03 12:12 - 2012-05-03 12:12 - 0000532 _____ () C:\Users\Speed X8\AppData\Local\datos.txt
2015-04-25 14:36 - 2015-04-25 14:36 - 0006605 _____ () C:\Users\Speed X8\AppData\Local\recently-used.xbel
2014-08-31 23:22 - 2014-08-31 23:22 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-08-20 09:42 - 2015-08-20 09:42 - 0001504 _____ () C:\ProgramData\tempimage.bmp
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-14 21:22
 
==================== End of FRST.txt ============================

  • 0

#37
Alkalidum
Posted 26 August 2015 - 08:57 AM

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-08-2015
Ran by Speed X8 (2015-08-26 15:48:55)
Running from C:\Users\Speed X8\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-975855429-1586840072-3018677650-500 - Administrator - Disabled)
Guest (S-1-5-21-975855429-1586840072-3018677650-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-975855429-1586840072-3018677650-1003 - Limited - Enabled)
Speed X8 (S-1-5-21-975855429-1586840072-3018677650-1000 - Administrator - Enabled) => C:\Users\Speed X8
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE)
3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
AChat 1.18 (HKLM-x32\...\AChat_is1) (Version:  - AChat Animation Studios)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Airline Tycoon 2 (HKLM-x32\...\Steam App 201490) (Version:  - )
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
Antares Auto-Tune 7 VST (HKLM\...\{8E7715AA-E19B-44E8-AE4C-FB5B37B7E2D9}) (Version: 7.05.0004 - Antares Audio Technologies)
Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARMA 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
ARMA 2 Dedicated Server (HKLM-x32\...\Steam App 33905) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead - Dedicated Server (HKLM-x32\...\Steam App 33935) (Version:  - Bohemia Interactive)
ARMA 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Auto-Tune EFX 2 (HKLM\...\{CCF89E7D-8BFC-4B3C-8C9C-8C4E9EF8BA45}) (Version: 2.1 - Antares Audio Technologies)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.3.1 - BitRaider, LLC)
Bloody Trapland (HKLM-x32\...\Steam App 257750) (Version:  - 2Play)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnInTest v7.0 Pro (HKLM\...\BurnInTest_is1) (Version: 7.0 - Passmark Software)
Carmageddon: Reincarnation (HKLM-x32\...\Steam App 249380) (Version:  - Stainless Games Ltd)
Castle Story (HKLM-x32\...\Steam App 227860) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Crawl (HKLM-x32\...\Steam App 293780) (Version:  - Powerhoof)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3721 - CyberLink Corp.)
CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.6210 - CyberLink Corp.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1423 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.6023 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3518.52 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{BAD8395E-CE31-44AA-B9FE-A14FCD0ABE4A}) (Version: 0.9.110 - Dotjosh Studios)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - )
DUNGEONS - Steam Special Edition (HKLM-x32\...\Steam App 57650) (Version:  - Realmforge Studios)
DUNGEONS - The Dark Lord (Steam Special Edition) (HKLM-x32\...\Steam App 200550) (Version:  - )
Dungeons of Dredmor (HKLM-x32\...\Steam App 98800) (Version:  - )
Dustforce (HKLM-x32\...\Steam App 65300) (Version:  - Hitbox Team)
Easy Tune 6 B11.0630.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0630.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FaceTrackNoIR version 1.7 (HKLM-x32\...\FaceTrackNoIR_is1) (Version: 1.7 - FaceTrackNoIR Team)
Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version:  - Sports Interactive)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.3.815 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FreeTrack v2.2.0.279 (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\FreeTrack v2.2.0.279) (Version:  - )
From Dust (HKLM-x32\...\Steam App 33460) (Version:  - )
FrostWire 5.3.5 (HKLM-x32\...\FrostWire 5) (Version: 5.3.5.0 - FrostWire Team)
Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Game Dev Tycoon version 1.3.2 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.3.2 - Greenheart Games Pty. Ltd.)
GameFly (HKLM-x32\...\GameFly) (Version: 1.2.378 - GameFly, Inc.)
Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)
Gang Beasts (HKLM-x32\...\Steam App 285900) (Version:  - Boneloaf)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)
Gauntlet™  (HKLM-x32\...\Steam App 258970) (Version:  - Arrowhead Game Studios)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Gratuitous Space Battles (HKLM-x32\...\Steam App 41800) (Version:  - Positech Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hidden in Plain Sight (HKLM-x32\...\Steam App 303590) (Version:  - Adam Spragg)
Hyrule Total War 3 Patch (HKLM-x32\...\{90D07AB1-663A-4F45-8BB8-E0763C8C8D1A}) (Version: 1.0.0 - Parallel Process)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
join.me (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\JoinMe) (Version: 1.17.1.162 - LogMeIn, Inc.)
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version:  - )
Kingsoft Spreadsheets  (8.1.0.3030) (HKLM-x32\...\Kingsoft Spreadsheets) (Version: 8.1.0.3030 - Kingsoft Corp.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Logitech SetPoint 5.20 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.20 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
Magic The Gathering Online  (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\9f2df17776476c05) (Version: 3.4.77.332 - Wizards of the Coast)
Magic: The Gathering - Duels of the Planeswalkers (HKLM-x32\...\Steam App 49400) (Version:  - Stainless Games Ltd)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
March of War: Face Off (HKLM-x32\...\Steam App 323900) (Version:  - ISOTX)
Marvel Heroes (HKLM-x32\...\marvelheroesbeta) (Version: 1.8.0.302 - Gazillion Entertainment)
Marvel Heroes (HKLM-x32\...\Steam App 226320) (Version:  - )
Marvel Puzzle Quest: Dark Reign (HKLM-x32\...\Steam App 234330) (Version:  - )
Mashed (HKLM-x32\...\Steam App 281280) (Version:  - Supersonic Software)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version:  - The Creative Assembly)
Medieval II: Total War Kingdoms (HKLM-x32\...\Steam App 4780) (Version:  - The Creative Assembly)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mini Metro (HKLM-x32\...\Steam App 287980) (Version:  - Dinosaur Polo Club)
Mirroring360 (HKLM-x32\...\{2143C7CF-6CBA-4513-AC73-D410DEC57BFC}) (Version: 1.2.0.4 - Splashtop Inc.)
MNR -2litres - Horndean (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\MNR -2litres - Horndean) (Version:  - )
Mobiloid Demo (HKLM-x32\...\IndieCity-{43591a95-bcfd-478c-86ca-003a99d5ae0b}) (Version:  - Montrezina)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
Mortal Kombat Kollection (HKLM-x32\...\Steam App 205350) (Version:  - Other Ocean Interactive)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Taleworlds Entertainment)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-GB)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)
NBTExplorer (HKLM-x32\...\{06107EDA-5B85-4CEC-AB1E-8350DEC15231}) (Version: 2.7.4.0 - Justin Aquadro)
Next Car Game Sneak Peek 2.0 (HKLM-x32\...\Steam App 272860) (Version:  - Bugbear)
Next Car Game: Wreckfest (HKLM-x32\...\Steam App 228380) (Version:  - Bugbear)
Ninja Loader (HKLM-x32\...\Ninja Loader) (Version: 198.0.0.605 - CLICK YES BELOW LP)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Graphics Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Orcs Must Die 2 Workshop Tool (HKLM-x32\...\Steam App 242150) (Version:  - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - )
Orcs Must Die! Unchained (HKLM-x32\...\{8EBA33AF-48E0-4207-A4EE-96029415AD76}_is1) (Version:  - Gameforge 4D GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22479 - Grinding Gear Games)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Peggle Deluxe (HKLM-x32\...\Steam App 3480) (Version:  - PopCap)
Peggle Nights (HKLM-x32\...\Steam App 3540) (Version:  - PopCap)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version:  - PokerStars.uk)
Primal Carnage (HKLM-x32\...\Steam App 215470) (Version:  - )
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Surround Driver Installer version 1.5 (HKLM-x32\...\{11B11FA5-41ED-43C1-AB4B-905DDEDC72A2}_is1) (Version: 1.5 - inXile Entertainment)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6387 - Realtek Semiconductor Corp.)
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version:  - Frontier)
RPG Maker XP (HKLM-x32\...\RPG Maker XP_is1) (Version: 1.04 - Enterbrain)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version:  - 5th Cell Media)
SecondLifeBetaViewer (remove only) (HKLM-x32\...\SecondLifeBetaViewer) (Version:  - )
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
Shatter (HKLM-x32\...\Steam App 20820) (Version:  - Sidhe)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Sid Meier's Pirates! (HKLM-x32\...\Steam App 3920) (Version:  - Firaxis Games)
Silent Storm (HKLM-x32\...\Steam App 254960) (Version:  - Nival)
Silent Storm Sentinels (HKLM-x32\...\Steam App 254980) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart 6 B11.0512.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version:  - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Tenda Wireless LAN Card (HKLM-x32\...\{192BCCC6-C47B-4473-B187-5164185A413C}) (Version: 1.0.0.0 - Tenda)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
TerraTech Demo (HKLM-x32\...\Steam App 313990) (Version:  - Payload Studios)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - )
Total War: Arena (HKLM-x32\...\Steam App 227520) (Version:  - Creative Assembly)
Towns (HKLM-x32\...\Steam App 221020) (Version:  - )
Toy Soldiers (HKLM-x32\...\Steam App 98300) (Version:  - Signal Studios)
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-975855429-1586840072-3018677650-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
User's Guides (HKLM\...\{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}) (Version: 1.20.0000 - Logitech)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VST Bridge 1.1 (HKLM-x32\...\VST Bridge_is1) (Version:  - )
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Ino-Co Plus)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version:  - inXile Entertainment)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10650 - WinZip Computing, S.L. )
Wizorb (HKLM-x32\...\Steam App 207420) (Version:  - )
Worms Clan Wars (HKLM-x32\...\Steam App 233840) (Version:  - Team17 Digital Ltd)
Worms Reloaded Demo (HKLM-x32\...\Steam App 22690) (Version:  - Team17)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
21-08-2015 10:59:16 JRT Pre-Junkware Removal
22-08-2015 12:10:10 Restore Point Created by FRST
22-08-2015 21:20:01 Restore Point Created by FRST
22-08-2015 21:51:35 Malwarebytes Anti-Rootkit Restore Point
24-08-2015 09:05:04 Restore Point Created by FRST
24-08-2015 09:11:57 Removed Java™ 6 Update 39 (64-bit)
24-08-2015 09:13:26 Removed Java™ 6 Update 39
25-08-2015 17:29:50 Windows Update
25-08-2015 18:07:56 Restore Point Created by FRST
25-08-2015 18:10:56 zoek.exe restore point
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2015-08-22 12:10 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0793DEB0-D40C-4788-9C44-C530DE22B040} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {1531C316-5DD4-43F5-8BB7-D1094259E97B} - System32\Tasks\{286FED16-89AD-41FA-B336-C878763B2EBC} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {1C28571E-B8F9-4751-9B62-5DCACC1EBBE1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {1D855AD1-E04A-4E97-B733-8256DD0834C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {351EED9F-F898-461A-8A89-2F1F96EAE91B} - System32\Tasks\{015CF1CB-F6C9-49FB-A90E-982A10B08A69} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {49CB8988-1A24-440D-88C0-19C4AFBEC1BC} - System32\Tasks\{0807DA71-B6F4-49B9-BBB0-E0854F2ABFC0} => C:\Program Files (x86)\Mumble\mumble.exe [2013-06-02] (Thorvald Natvig)
Task: {69C2FB89-A68C-41D5-B6A8-AF1028C409C0} - System32\Tasks\{9289B819-C4CD-43A3-953F-675C1133513F} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {6E04465B-6C12-4E56-93B0-2AB6FB9A0C7A} - System32\Tasks\{A03ADA05-3C49-42AF-9AA8-4F4D4799D68B} => pcalua.exe -a "C:\Users\Speed X8\Downloads\HorndeanRX.exe" -d "C:\Users\Speed X8\Downloads"
Task: {7FD075DA-E5A1-4DD6-BB1C-AEFB8DBF07C1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {83D175D2-F77D-4A18-AF1E-FF5C3F70A2A7} - System32\Tasks\{B42D7871-5D2F-4356-A274-9660481C2BAF} => pcalua.exe -a "C:\Users\Speed X8\Desktop\New folder (2)\BUNNYUST.EXE" -d "C:\Users\Speed X8\Desktop\New folder (2)"
Task: {9473A819-07C7-4DE4-A5A9-D2E85121F58B} - System32\Tasks\{139121BD-9416-43B4-96AF-F08644BB5F77} => pcalua.exe -a "C:\Users\Speed X8\Desktop\JX^€Ch3D\Installer.exe" -d "C:\Users\Speed X8\Desktop\JX^€Ch3D"
Task: {9876CA81-F86B-4066-ADAF-F2113D0B9E96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {9A166EB4-E047-4F95-A1D7-3E93A73322C3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A06419F4-D3A9-4255-A4FA-72451E12A59B} - System32\Tasks\{35EFDB9A-0F99-4935-81C2-571069624150} => pcalua.exe -a "C:\Users\Speed X8\Downloads\forge-1.7.2-10.12.1.1075-installer-win.exe" -d "C:\Users\Speed X8\Downloads"
Task: {AA6DB421-83C3-446D-B99F-6F4D648F5C9C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {B2760364-CF81-4BDB-B568-B1ABF51C49AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {B4B6995A-60FD-4CF8-9BDE-CDE10962C7B2} - System32\Tasks\{94946A22-1B4E-4768-8F4C-08540FEB21F6} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {C2CE4F4E-BE46-41CF-BBB8-EBE279108B47} - System32\Tasks\{9D8E0C13-765B-4D19-BC69-2137BE3AABFB} => pcalua.exe -a "C:\Users\Speed X8\Downloads\forge-1.7.2-10.12.1.1060-installer-win.exe" -d "C:\Users\Speed X8\Downloads"
Task: {CFB3BA4B-8C6A-4783-BB44-B320D35B5063} - System32\Tasks\{1A4338B1-89FF-4018-B394-19B364430E88} => C:\Program Files (x86)\Mumble\mumble.exe [2013-06-02] (Thorvald Natvig)
Task: {DD959D27-44EE-4B06-A828-F9132D437B3B} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {F1CF0726-424C-4A74-BF6A-D135AFABC4CE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {FBF6EAD0-1555-45C6-8525-F36E7BE6394E} - System32\Tasks\{49BC5B3B-F531-493B-BB3D-34464A9E50E3} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2012-03-20] (www.motioninjoy.com)
Task: {FC6E5ED8-4083-42BD-B512-A8100B08055E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-20] (AVAST Software)
Task: {FC88C451-A7A0-4EA4-94B3-E6F839EEA182} - System32\Tasks\WpsUpdateTask_Speed X8 => C:\Program Files (x86)\Kingsoft\Kingsoft Spreadsheets\office6\wpsupdate.exe [2013-06-05] (Kingsoft Corp. Ltd.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WpsUpdateTask_Speed X8.job => C:\Program Files (x86)\Kingsoft\Kingsoft Spreadsheets\office6\wpsupdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-04-08 00:19 - 2015-05-12 04:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-15 18:59 - 2013-08-15 19:30 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-29 01:23 - 2013-08-29 01:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-08-20 20:45 - 2015-08-20 20:45 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-20 20:44 - 2015-08-20 20:44 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-25 18:35 - 2015-08-25 18:35 - 02961408 _____ () C:\Program Files\AVAST Software\Avast\defs\15082501\algo.dll
2015-08-26 15:22 - 2015-08-26 15:22 - 02961408 _____ () C:\Program Files\AVAST Software\Avast\defs\15082603\algo.dll
2012-05-30 21:06 - 2012-05-30 21:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 21:06 - 2012-05-30 21:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-26 17:09 - 2015-05-23 02:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2010-11-22 15:00 - 2010-11-22 15:00 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-11-22 15:00 - 2010-11-22 15:00 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-11-22 15:00 - 2010-11-22 15:00 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-03-12 18:10 - 2015-07-03 17:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 18:59 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-21 18:59 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 18:59 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 09:05 - 2015-08-19 21:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 10:32 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 10:32 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 10:32 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 10:32 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 10:32 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-03-15 14:39 - 2015-08-19 21:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-23 16:19 - 2015-07-27 02:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2012-03-14 14:18 - 2010-02-09 11:52 - 33735976 _____ () C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll
2009-11-02 15:20 - 2009-11-02 15:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 15:23 - 2009-11-02 15:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-08-19 19:50 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-19 19:50 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-08-19 19:50 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-08-19 19:50 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-08-19 19:50 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-03-12 17:47 - 2015-03-12 17:48 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-03-15 14:39 - 2015-07-03 17:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-21 23:42 - 2015-08-18 06:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-21 23:42 - 2015-08-18 06:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7867 more restricted sites.
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-975855429-1586840072-3018677650-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Speed X8\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{5D34EECB-21D4-424D-9DE7-470712A2D3D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{36BD4955-5723-430F-8244-E9B4B1A7CAA9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{8C612AE7-408B-4B57-870C-6AE8C44A6123}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{575E7D19-5070-461A-8D98-F0752F9E0137}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{92BA3D5F-F326-4BAC-B9AD-B7C49096CBDB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{202E6A75-0D39-40C2-B324-709952A37C33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{E325BA99-B97F-44BE-8507-FE6E3C15671B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{32991B09-DA94-48AE-94F0-0B3C6148190B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{96984B82-FFC6-4F72-A9C9-7CB3D9CA72D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{2B1EC88A-34A2-4F00-B3FD-C203BDE3DD75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of WarFace Off\game.exe
FirewallRules: [{C88CDA11-419A-44D8-A146-F0FEBF250652}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of WarFace Off\game.exe
FirewallRules: [{360D43A4-2713-4700-B4E4-4F2C6AE10573}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{DD93EA47-6DC9-40E6-8333-0D5ACCAF19BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{4633DDED-2DCE-4F8F-87AA-F5107A45E2B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{B8C661C1-82D2-42CC-8D6E-B6ABB6A044A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{D8D7F778-7918-4084-9500-8C8136CE83D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BDEED219-9CCE-4746-BEED-0C8D31F621C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{220F40F5-FBF1-4967-AD11-28C9D4371965}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{2CF8862B-36B7-48BC-888B-43B0C2CE911C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{8B88FADA-74BB-4333-9C67-8DE5F4D1924C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{ED41E218-6B33-4FBE-AFC4-5EBF560E4587}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{AF18E4BD-032C-422C-B40A-CEA8723ED12D}] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{1C8ABCAF-A7A7-4596-94EF-A1C804727180}] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{0815CFBF-7399-4408-A808-CF8B71E65C5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{12178A31-241C-4C0C-A2C6-C97107D8BCE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{75DAC7BF-D4CF-4F79-AF2F-676718175AAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{8C1CF764-7FA2-4056-9CBB-20B1A49222B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/26/2015 03:40:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Au_.exe version 2.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1a8c
 
Start Time: 01d0e00cfaf5fcdb
 
Termination Time: 1
 
Application Path: C:\Users\SPEEDX~1\AppData\Local\Temp\~nsu.tmp\Au_.exe
 
Report Id:
 
Error: (08/26/2015 03:38:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Au_.exe version 2.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 12fc
 
Start Time: 01d0e00ac8b260c3
 
Termination Time: 3
 
Application Path: C:\Users\SPEEDX~1\AppData\Local\Temp\~nsu.tmp\Au_.exe
 
Report Id:
 
Error: (08/26/2015 03:19:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/25/2015 06:35:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/25/2015 06:11:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DaS_21.exe, version: 2.1.0.4, time stamp: 0x540c90b2
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18933, time stamp: 0x55a6a16f
Exception code: 0xe0434352
Fault offset: 0x000000000000b3dd
Faulting process id: 0xfa4
Faulting application start time: 0xDaS_21.exe0
Faulting application path: DaS_21.exe1
Faulting module path: DaS_21.exe2
Report Id: DaS_21.exe3
 
Error: (08/25/2015 06:11:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: DaS_21.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentOutOfRangeException
Stack:
   at System.String.Substring(Int32, Int32)
   at DriverAndServicesOut.GetProcess.GetPathName(System.String)
   at DriverAndServicesOut.GetProcess.GetAllServices(System.String)
   at DriverAndServicesOut.Program.Main(System.String[])
 
Error: (08/25/2015 05:23:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/24/2015 08:30:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/24/2015 09:05:03 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {339d327e-f5c7-4fae-a12c-1b4d7f429f7c}
 
Error: (08/24/2015 08:54:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (08/26/2015 03:32:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.205.415.0).
 
Error: (08/26/2015 03:26:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
 
Error: (08/26/2015 03:19:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (08/26/2015 03:19:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (08/26/2015 03:18:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Safe Web Lite service failed to start due to the following error: 
%%2
 
Error: (08/26/2015 03:18:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error: 
%%2
 
Error: (08/26/2015 03:17:45 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\libusb0.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (08/25/2015 06:34:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (08/25/2015 06:34:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (08/25/2015 06:34:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Safe Web Lite service failed to start due to the following error: 
%%2
 
 
Microsoft Office:
=========================
Error: (08/26/2015 03:40:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Au_.exe2.0.0.01a8c01d0e00cfaf5fcdb1C:\Users\SPEEDX~1\AppData\Local\Temp\~nsu.tmp\Au_.exe
 
Error: (08/26/2015 03:38:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Au_.exe2.0.0.012fc01d0e00ac8b260c33C:\Users\SPEEDX~1\AppData\Local\Temp\~nsu.tmp\Au_.exe
 
Error: (08/26/2015 03:19:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/25/2015 06:35:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/25/2015 06:11:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DaS_21.exe2.1.0.4540c90b2KERNELBASE.dll6.1.7601.1893355a6a16fe0434352000000000000b3ddfa401d0df590b0d87a0C:\Users\SPEEDX~1\AppData\Local\Temp\DaS_21.exeC:\Windows\system32\KERNELBASE.dll4d1677e1-4b4c-11e5-a762-50e54946680c
 
Error: (08/25/2015 06:11:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: DaS_21.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentOutOfRangeException
Stack:
   at System.String.Substring(Int32, Int32)
   at DriverAndServicesOut.GetProcess.GetPathName(System.String)
   at DriverAndServicesOut.GetProcess.GetAllServices(System.String)
   at DriverAndServicesOut.Program.Main(System.String[])
 
Error: (08/25/2015 05:23:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/24/2015 08:30:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/24/2015 09:05:03 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {339d327e-f5c7-4fae-a12c-1b4d7f429f7c}
 
Error: (08/24/2015 08:54:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 20%
Total physical RAM: 16367.3 MB
Available physical RAM: 13092.64 MB
Total Virtual: 32732.81 MB
Available Virtual: 29051.25 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1862.92 GB) (Free:1313.43 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D2DB4A79)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)
 
==================== End of FRST.txt ============================

  • 0

#38
pystryker
Posted 26 August 2015 - 06:08 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

Hey,



Tried to uninstall CCleaner today because i never use it and noticed its always running in processes, however the uninstall kept failing.

Why am i so bad with computers! :( lol


Hello :)

You're not bad with computers, machines sometimes have a mind of their own. :) Quick question, I'm not seeing anything in the logs that would account for the symptom you described, but do you know what this is? I can't find any information anywhere on it. If you know what it is, no worries, if not, we'll need to remove it. Please let me know, and thanks.
 

C:\Users\Speed X8\Desktop\JX^Ch3D


  • 0

#39
Alkalidum
Posted 27 August 2015 - 02:17 AM

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

Hmm, no not sure what that is. i don't even see anything on my desktop called that.

 

Took a video with Fraps to show you how the game is running idle:

 

https://vid.me/wfwk

 

If you look at the cursor you can see it constant flashing and as if its trying to load something, the fraps recorder is only recording the game though so what you cant see is everytime the cursor flashes it shows me desktop (or whatever program is running under it) for a split second. This is just idle but if im actually playing it is far worse :(


Edited by Alkalidum, 27 August 2015 - 02:51 AM.

  • 0

#40
pystryker
Posted 27 August 2015 - 04:41 AM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

Hmm, no not sure what that is. i don't even see anything on my desktop called that.
 
Took a video with Fraps to show you how the game is running idle:
 
https://vid.me/wfwk
 
If you look at the cursor you can see it constant flashing and as if its trying to load something, the fraps recorder is only recording the game though so what you cant see is everytime the cursor flashes it shows me desktop (or whatever program is running under it) for a split second. This is just idle but if im actually playing it is far worse :(


Hello :)

Ok, thank you. I've prepared a fix below to remove the item in question. If the performance doesn't improve after that, then I'll remove my tools, and refer you to the Hardware Forum so they can test your hardware for any potential problems. :thumbsup:


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
CreateRestorePoint:
CloseProcesses:
Task: {9473A819-07C7-4DE4-A5A9-D2E85121F58B} - System32\Tasks\{139121BD-9416-43B4-96AF-F08644BB5F77} => pcalua.exe -a "C:\Users\Speed X8\Desktop\JX^Ch3D\Installer.exe" -d "C:\Users\Speed X8\Desktop\JX^Ch3D"
C:\Users\Speed X8\Desktop\JX^Ch3D
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Things I need to see in your next post:

Fixlog.txt Log

Any improvement in the performance?
  • 0

Advertisements

#41
Alkalidum
Posted 27 August 2015 - 01:48 PM

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

 


Ok, thank you. I've prepared a fix below to remove the item in question. If the performance doesn't improve after that, then I'll remove my tools, and refer you to the Hardware Forum so they can test your hardware for any potential problems. :thumbsup:

Any improvement in the performance?

 

 

 

Hi again :)

 

Still having the same issue after the FRST fix, But if my computer looks clean could we try removing all the programs weve installed for the fix and see if that makes a difference? (Including CCleaner if we can)

 

I think doing anything with the hardware will be way beyond my capabilities if i have to take parts of my PC apart :S lol, however i did notice under the software section there is a Games forum, was wondering if there would be any experts there that would be able to help? I was thinking it could be an incomparable program interfering with the game because it seems like windows is doing something in the background thats pulling it into the foreground while the game is active.

 

Anyway onto the log :)

 

Fix result of Farbar Recovery Scan Tool (x64) Version:24-08-2015
Ran by Speed X8 (2015-08-27 20:24:22) Run:6
Running from C:\Users\Speed X8\Desktop
Loaded Profiles: Speed X8 (Available Profiles: Speed X8)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Task: {9473A819-07C7-4DE4-A5A9-D2E85121F58B} - System32\Tasks\{139121BD-9416-43B4-96AF-F08644BB5F77} => pcalua.exe -a "C:\Users\Speed X8\Desktop\JX^Ch3D\Installer.exe" -d "C:\Users\Speed X8\Desktop\JX^Ch3D"
C:\Users\Speed X8\Desktop\JX^Ch3D
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9473A819-07C7-4DE4-A5A9-D2E85121F58B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9473A819-07C7-4DE4-A5A9-D2E85121F58B}" => key removed successfully
C:\Windows\System32\Tasks\{139121BD-9416-43B4-96AF-F08644BB5F77} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{139121BD-9416-43B4-96AF-F08644BB5F77}" => key removed successfully
"C:\Users\Speed X8\Desktop\JX^Ch3D" => File/Folder not found.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 20:24:56 ====

  • 0

#42
pystryker
Posted 27 August 2015 - 07:52 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

Hi again :)



Still having the same issue after the FRST fix, But if my computer looks clean could we try removing all the programs weve installed for the fix and see if that makes a difference? (Including CCleaner if we can)



I think doing anything with the hardware will be way beyond my capabilities if i have to take parts of my PC apart :S lol, however i did notice under the software section there is a Games forum, was wondering if there would be any experts there that would be able to help? I was thinking it could be an incomparable program interfering with the game because it seems like windows is doing something in the background thats pulling it into the foreground while the game is active.


Hello :)

Ok, we'll remove my tools, create a clean restore point, and I also have some information to help protect you in the future. As for the Hardware forum, they won't make you take things apart. :) They have specific software tools to test the hardware.

I'd also definitely check out the Games forum and post about the issue if the tool removal doesn't help.

Let's see if Revo will remove CCCleaner from the machine before I tidy up the rest of my tools. :thumbsup:
  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • When prompted click on Yes and then on next.
  • Put a check on any folders that are found and select delete
  • When prompted select yes then on next
  • Once done click Finish.
Once completed, please let me know if it was successful.
  • 0

#43
Alkalidum
Posted 28 August 2015 - 04:15 AM

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

Yay, It is removed!  :prop:


  • 0

#44
pystryker
Posted 28 August 2015 - 04:33 AM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

Yay, It is removed!  :prop:


Excellent, let's remove my tools and create a clean restore point on your machine. :thumbsup:


Step 1: Tool Removal with Delfix and Creation of a clean restore point
  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    • Reset System Settings
    delfix.jpg
  • Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.
  • You can uninstall ESET Online Scanner at this time.
  • I recommend keeping Malwarebytes Anti-Malware installed. Make sure to update it and run it at least once a week. If it finds things such as PUP's (Potentially Unwanted Programs) you can delete those with no worries. However, if it finds something like a trojan, come see us.
Step 2: Tips, Information, and Optional Installation of Unchecky
  • Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.
  • Install and keep only one anti-virus on your machine. Update it and scan your machine with it at least once a week.
  • Be careful of the websites you visit.
  • When installing new programs, don't be "click happy" and click through the screens. Many programs come with adware in them and are set to install them by default. Several programs require that you uncheck or select no to prevent the installation. Take your time and read each screen as you go. :)
To help protect yourself while on the web, I recommend you read How did I get infected in the first place?


Installation of Unchecky

This is a very good little program that will automatically uncheck any boxes during a software installation. This helps prevent the software from installing any malware that is by default checked while the program is being installed.
  • Click here to be taken to Unchecky.com
  • Click the very large Download button.
  • Click Save
  • Once downloaded, double click the program (Vista, Win 7, and 8, right click and Run as Administrator)
  • Once open, click the Install button.
unchecky1_zps667e512d.jpg


Then click Finish

unchecky2_zpsca4e7d0d.jpg


Unchecky is now installed and will help you keep unwanted check boxes unchecked. :thumbsup:


Things I need to see in your next post

Delfix Log
  • 0

#45
Alkalidum
Posted 28 August 2015 - 04:44 AM

Alkalidum

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

OK i've installed Unchecky and ran Delfix, i still have mbar, revo setup, revo uninstaller and mbam setup on desktop so should i just uninstall/delete them automatically?

 

# DelFix v1.010 - Logfile created 28/08/2015 at 11:35:16
# Updated 26/04/2015 by Xplode
# Username : Speed X8 - SPEEDX8-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\Users\Speed X8\Desktop\FRST-OlderVersion
Deleted : C:\Users\Speed X8\Desktop\mbar
Deleted : C:\TDSSKiller.3.1.0.5_26.08.2015_15.40.41_log.txt
Deleted : C:\Users\Speed X8\Desktop\AdwCleaner (1).exe
Deleted : C:\Users\Speed X8\Desktop\FRST64.exe
Deleted : C:\Users\Speed X8\Desktop\JRT.exe
Deleted : C:\Users\Speed X8\Desktop\SecurityCheck.exe
Deleted : C:\Users\Speed X8\Desktop\tdsskiller.exe
Deleted : C:\Users\Speed X8\Desktop\zoek.exe
Deleted : C:\Users\Speed X8\Downloads\Addition.txt
Deleted : C:\Users\Speed X8\Downloads\AdwCleaner.exe
Deleted : C:\Users\Speed X8\Downloads\Extras.Txt
Deleted : C:\Users\Speed X8\Downloads\FRST.txt
Deleted : C:\Users\Speed X8\Downloads\JRT.exe
Deleted : C:\Users\Speed X8\Downloads\JavaRa-2.6.1.zip
Deleted : C:\Users\Speed X8\Downloads\OTL.Txt
Deleted : C:\Users\Speed X8\Downloads\OTL.exe
Deleted : C:\Users\Speed X8\Downloads\SecurityCheck.exe
Deleted : C:\Users\Speed X8\Downloads\tdsskiller.exe
Deleted : C:\Users\Speed X8\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #539 [JRT Pre-Junkware Removal | 08/21/2015 09:59:16]
Deleted : RP #541 [Restore Point Created by FRST | 08/22/2015 11:10:10]
Deleted : RP #543 [Restore Point Created by FRST | 08/22/2015 20:20:01]
Deleted : RP #544 [Malwarebytes Anti-Rootkit Restore Point | 08/22/2015 20:51:35]
Deleted : RP #546 [Restore Point Created by FRST | 08/24/2015 08:05:04]
Deleted : RP #547 [Removed Java™ 6 Update 39 (64-bit) | 08/24/2015 08:11:57]
Deleted : RP #548 [Removed Java™ 6 Update 39 | 08/24/2015 08:13:26]
Deleted : RP #549 [Windows Update | 08/25/2015 16:29:50]
Deleted : RP #551 [Restore Point Created by FRST | 08/25/2015 17:07:56]
Deleted : RP #552 [zoek.exe restore point | 08/25/2015 17:10:56]
Deleted : RP #554 [Restore Point Created by FRST | 08/27/2015 19:24:29]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP