Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Can't run any antivirus program or access any antivirus webpages [


  • This topic is locked This topic is locked

#1
musicalogist

musicalogist

    New Member

  • Member
  • Pip
  • 6 posts
I use AVAST, but just found out that it is disabled, and I can't open it, run it, or uninstall it, or access it in any way
 
I cannot access any antivirus software websites
 
Tried running Malwarebytes, won't run, even in safe mode
 
Otherwise the computer is running fine, so I don't know how long this has been going on
 
I would appreciate the help
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
Ran by Oscar (administrator) on OSCARROJAS (03-11-2015 22:15:35)
Running from D:\Cloud Files\Desktop-LAP
Loaded Profiles: Oscar (Available Profiles: Oscar)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Stardock Software, Inc) C:\Programas\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Programas\Stardock\Start8\Start8_64.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Binary Fortress Software) C:\Programas\DisplayFusion\DisplayFusionService.exe
() C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Nitro PDF Software) C:\Programas\NitroPDF\NitroPDFDriverService9x64.exe
() C:\Programas\NitroPDF\Nitro_UpdateService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe
() C:\Program Files\GIGABYTE\Smart Switch\ElevateService.exe
(TeamViewer GmbH) C:\ProgramasTeamViewer\TeamViewer_Service.exe
(GIGABYTE) C:\Program Files\GIGABYTE\Smart Update\Update_Service.exe
() C:\Users\Oscar\AppData\Roaming\XBox\XBLive.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(GIGABYTE) C:\Program Files\GIGABYTE\Smart Update\GMSG.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Programas\WizMouse\WizMouse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSync.exe
(Binary Fortress Software) C:\Programas\DisplayFusion\DisplayFusion.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Dropbox, Inc.) C:\Users\Oscar\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Binary Fortress Software) C:\Programas\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Binary Fortress Software) C:\Programas\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(GIGABYTE TECHNOLOGY CO., LTD.) C:\Program Files\GIGABYTE\SmartManagerV3\OSD\GBOSDV2.exe
(Simply Super Software) C:\Programas\Trojan Remover\Trjscan.exe
(GIGABYTE TECHNOLOGY CO., LTD.) C:\Program Files\GIGABYTE\SmartManagerV3\GBSMV2.exe
(Dropbox, Inc.) C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Stardock) C:\Programas\Stardock\ObjectDock\ObjectDock.exe
(Stardock) C:\Programas\Stardock\ObjectDock\Dock64.exe
(Stardock) C:\Programas\Stardock\ObjectDock\ObjectDockTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() D:\Cloud Files\Desktop-LAP\adwcleaner_5.017.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13675736 2014-08-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-25] (Avast Software s.r.o.)
HKLM-x32\...\RunOnce: [SmartUpdate] => C:\Program Files\GIGABYTE\Smart Update\urgent.exe [357888 2014-11-21] (GIGABYTE)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [GoogleChromeAutoLaunch_D08D9DAE1EAB6F612F08AF40ADD97038] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [SugarSync] => C:\Program Files (x86)\SugarSync\SugarSync.exe [18880528 2015-09-28] (SugarSync, Inc.)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [Steam] => D:\Steam\steam.exe [2901584 2015-10-14] (Valve Corporation)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [Spotify Web Helper] => C:\Users\Oscar\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-14] (Spotify Ltd)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [DisplayFusion] => C:\Programas\DisplayFusion\DisplayFusion.exe [8538648 2015-09-22] (Binary Fortress Software)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [Spotify] => C:\Users\Oscar\AppData\Roaming\Spotify\Spotify.exe [7535672 2015-09-14] (Spotify Ltd)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2050048 2015-03-09] (RemoteMouse.net)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [Dropbox Update] => C:\Users\Oscar\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-21] (Dropbox, Inc.)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-03-25] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2015-09-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2015-09-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncSharedSyncing] -> {F7395C2E-A5D8-4a32-9536-5C6A9F1DC450} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2015-09-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncSynced] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2015-09-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [zz00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-03-25] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GBOSDV3.lnk [2014-11-27]
ShortcutTarget: GBOSDV3.lnk -> C:\Program Files\GIGABYTE\SmartManagerV3\OSD\GBOSDV2.exe (GIGABYTE TECHNOLOGY CO., LTD.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SystemTray.lnk [2014-11-27]
ShortcutTarget: SystemTray.lnk -> C:\Program Files\GIGABYTE\SmartManagerV3\SystemTray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Welcome.lnk [2014-11-27]
ShortcutTarget: Welcome.lnk -> C:\Program Files\GIGABYTE\Smart USB Backup\Welcome.exe ()
Startup: C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2015-03-25]
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Programas\Stardock\ObjectDock\ObjectDock.exe (Stardock)
GroupPolicy: Restriction - Chrome <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\ProgramData\System32\SafeGuard32.dll No File 
Winsock: Catalog5-x64 08 C:\ProgramData\System32\SafeGuard64.dll [2316728 2015-11-01] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{181FD1C2-996D-45CB-9E04-C6B32A4BF37A}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=testsinstcr&uid=LITEONXITXLMT-128L9M_002440101520&version=2.2.0.7859&pid=414031160&tid=310&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=testsinstcr&uid=LITEONXITXLMT-128L9M_002440101520&version=2.2.0.7859&pid=414031160&tid=310&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = 
SearchScopes: HKU\.DEFAULT -> {9CE1D075-7FE9-4ABD-B4FE-BE5D41094EB8} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-18] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-18] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-07-03] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Programas\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Programas\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Programas\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2700374867-1607317419-1423608881-1001: SkypeForBusinessPlugin-15.8 -> C:\Users\Oscar\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.351\npGatewayNpapi.dll [2015-03-13] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2700374867-1607317419-1423608881-1001: SkypeForBusinessPlugin64-15.8 -> C:\Users\Oscar\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.351\npGatewayNpapi-x64.dll [2015-03-13] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-03-25] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://www.searchult.com/?bd=hp&oem=testsinstcr&uid=LITEONXITXLMT-128L9M_002440101520&version=2.2.0.7859&pid=414031160&tid=310"
CHR NewTab: Default -> "chrome-extension://mgmiemnjjchgkmgbeljfocdjjnpjnmcg/ntp.html"
CHR Profile: C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-09-15]
CHR Extension: (Google Docs) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Cast) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-10-11]
CHR Extension: (Adblock Plus) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-22]
CHR Extension: (Pushbullet) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2015-11-03]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-10-27]
CHR Extension: (Google Search) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-11-03]
CHR Extension: (Feedly Plus) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebcfphdkgdlcmcokcpnbplppmcgklolc [2015-08-22]
CHR Extension: (Google Sheets) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]
CHR Extension: (PDF Compressor - Smallpdf.com) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gealeehfjeflamgnohlhabaefbfjfjgc [2015-10-28]
CHR Extension: (Google Docs Offline) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-10-28]
CHR Extension: (Avast Online Security) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-02]
CHR Extension: (feedly) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2015-03-25]
CHR Extension: (Linkclump) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2015-03-25]
CHR Extension: (Awesome New Tab Page) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg [2015-11-03]
CHR Extension: (Google Play Books) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2015-05-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-25] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-25] (Avast Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 DisplayFusionService; C:\Programas\DisplayFusion\DisplayFusionService.exe [4608040 2015-09-22] (Binary Fortress Software)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [11071208 2015-07-07] (DisplayLink Corp.)
R2 ElevateService; C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe [19456 2014-11-25] () [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [102152 2014-10-08] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [122984 2014-09-15] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-04-29] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-09-23] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 NitroDriverReadSpool9; C:\Programas\NitroPDF\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software)
R2 NitroUpdateService; C:\Programas\NitroPDF\Nitro_UpdateService.exe [418312 2014-08-01] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 OpenVPNService; C:\Programas\HMA! Pro VPN\bin\openvpnserv.exe [37176 2014-10-29] (The OpenVPN Project)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
R2 SkypeUpdateEx; C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [171952 2015-09-24] ()
R2 SmartSwitchService; C:\Program Files\GIGABYTE\Smart Switch\ElevateService.exe [19456 2014-03-31] () [File not signed]
R2 Start8; C:\Programas\Stardock\Start8\Start8Srv.exe [143288 2014-06-12] (Stardock Software, Inc)
R2 TeamViewer; C:\ProgramasTeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
R2 Update_Service; C:\Program Files\GIGABYTE\Smart Update\Update_Service.exe [136704 2014-11-21] (GIGABYTE) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)
R2 XBox; C:\Users\Oscar\AppData\Roaming\XBox\XBLive.exe [6712760 2015-10-28] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-09-23] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-25] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-25] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
S3 DisplayLinkUsbIo_x64; C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.9.296.0.sys [58640 2015-07-08] ()
S3 dlcdcncm; C:\Windows\system32\DRIVERS\dlcdcncm62_x64.sys [91920 2015-07-07] (DisplayLink Corp.)
S3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [229648 2015-07-07] (DisplayLink Corp.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-10] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [222664 2014-09-15] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-29] (Intel Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Apple Inc.) [File not signed]
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3486488 2014-10-06] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-05] (Windows ® Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [429272 2014-11-27] (Realsil Semiconductor Corporation)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-25] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-03 22:15 - 2015-11-03 22:15 - 00000000 ____D C:\FRST
2015-11-03 21:25 - 2015-11-03 21:25 - 00000000 ____D C:\ProgramData\Licenses
2015-11-03 20:52 - 2015-11-03 22:13 - 00000000 ____D C:\AdwCleaner
2015-11-03 20:12 - 2015-11-03 20:12 - 00003732 _____ C:\Windows\PFRO.log
2015-11-02 11:40 - 2015-11-02 11:42 - 00022081 _____ C:\Users\Oscar\AppData\Roaming\Comma Separated Values.ADR
2015-11-01 22:21 - 2015-11-03 22:11 - 00004988 _____ C:\Windows\setupact.log
2015-11-01 22:21 - 2015-11-01 22:21 - 00000000 _____ C:\Windows\setuperr.log
2015-10-29 14:02 - 2015-11-03 20:22 - 00000000 ____D C:\Users\Oscar\AppData\LocalLow\uTorrent
2015-10-28 14:11 - 2015-10-29 13:23 - 00000032 ___SH C:\Users\Oscar\AppData\Roaming\{A99FB86C-4807-4c30-8B95-FAE7D70C61BD}.dat
2015-10-28 14:08 - 2015-10-28 14:08 - 00000000 ____D C:\Users\Oscar\AppData\Local\ORPALIS
2015-10-28 14:05 - 2015-10-28 14:05 - 00000000 ____D C:\Users\Oscar\AppData\Local\Downloaded Installations
2015-10-28 14:04 - 2015-10-28 14:04 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\iSkysoft
2015-10-28 13:58 - 2015-10-28 13:58 - 00000000 ____D C:\ProgramData\wondershare
2015-10-28 13:58 - 2015-10-28 13:58 - 00000000 ____D C:\Program Files (x86)\Wondershare
2015-10-28 13:57 - 2015-10-28 13:58 - 00000000 ____D C:\Users\Public\Documents\iSkysoft
2015-10-28 13:38 - 2015-10-28 13:38 - 00000000 ____D C:\Users\Oscar\Documents\PDF Compressor Output
2015-10-28 13:38 - 2015-10-28 13:38 - 00000000 ____D C:\Users\Oscar\AppData\Local\iWesoft
2015-10-28 11:04 - 2015-10-28 11:04 - 00000000 ____D C:\Windows\SysWOW64\worker
2015-10-26 12:40 - 2015-10-26 12:40 - 00000000 ____D C:\ADDSIS ROVESA
2015-10-26 11:53 - 2015-10-26 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADDSIS ROVESA
2015-10-20 07:54 - 2015-10-20 07:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-10-17 12:53 - 2015-10-17 12:53 - 00000712 _____ C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-10-17 06:38 - 2015-10-17 06:38 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-13 04:24 - 2015-10-13 04:24 - 04587520 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-03 22:13 - 2015-03-27 10:06 - 00063144 _____ C:\Windows\system32\lvcoinst.log
2015-11-03 22:13 - 2015-03-25 17:08 - 01717612 _____ C:\Windows\WindowsUpdate.log
2015-11-03 22:13 - 2015-03-25 14:43 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\Skype
2015-11-03 22:13 - 2014-11-27 22:19 - 00006533 _____ C:\Windows\SysWOW64\Gms.log
2015-11-03 22:12 - 2015-07-09 09:10 - 00003592 _____ C:\Windows\System32\Tasks\WizMouse
2015-11-03 22:12 - 2015-03-25 13:57 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\Dropbox
2015-11-03 22:12 - 2015-03-25 13:35 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-03 22:12 - 2015-03-25 12:28 - 00000000 ____D C:\Users\Oscar\OneDrive
2015-11-03 22:11 - 2015-03-25 12:20 - 00000000 ____D C:\Users\Oscar
2015-11-03 22:11 - 2014-11-27 23:44 - 00000332 _____ C:\Windows\Tasks\RtlLanOptimizerVistaStart.job
2015-11-03 22:11 - 2014-11-27 22:25 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-03 22:11 - 2013-08-22 08:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-03 21:53 - 2014-11-27 21:04 - 00491562 _____ C:\Windows\system32\prfh0404.dat
2015-11-03 21:53 - 2014-11-27 21:04 - 00146130 _____ C:\Windows\system32\prfc0404.dat
2015-11-03 21:53 - 2014-11-27 20:56 - 00816590 _____ C:\Windows\system32\prfh0416.dat
2015-11-03 21:53 - 2014-11-27 20:56 - 00169094 _____ C:\Windows\system32\prfc0416.dat
2015-11-03 21:53 - 2014-11-27 20:46 - 00841510 _____ C:\Windows\system32\perfh00A.dat
2015-11-03 21:53 - 2014-11-27 20:46 - 00176812 _____ C:\Windows\system32\perfc00A.dat
2015-11-03 21:53 - 2014-03-18 04:03 - 03530504 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-03 21:45 - 2015-06-21 09:35 - 00000940 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2700374867-1607317419-1423608881-1001UA.job
2015-11-03 21:25 - 2014-11-27 23:47 - 00000000 ____D C:\ProgramData\Temp
2015-11-03 21:24 - 2015-03-25 14:02 - 00000000 ____D C:\Programas
2015-11-03 21:02 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\sru
2015-11-03 21:00 - 2015-03-25 13:35 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-03 20:44 - 2015-04-06 02:03 - 00000000 ___SD C:\Windows\system32\GWX
2015-11-03 20:44 - 2015-03-25 15:03 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\uTorrent
2015-11-03 20:44 - 2015-03-25 14:48 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\vlc
2015-11-03 20:44 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\registration
2015-11-03 20:34 - 2013-08-22 07:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-11-03 20:17 - 2015-03-27 18:09 - 00000000 ____D C:\Users\Oscar\AppData\Local\DisplayFusion
2015-11-03 17:13 - 2015-03-25 15:57 - 00000000 ____D C:\Users\Oscar\AppData\Local\CrashDumps
2015-11-03 16:59 - 2015-03-25 12:30 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5FF5DA2D-519B-40E7-AD7E-3AD902F76F3F}
2015-11-03 12:59 - 2015-03-25 12:20 - 00000000 ____D C:\Users\Oscar\AppData\Local\Packages
2015-11-03 12:55 - 2015-03-25 21:06 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-02 09:47 - 2015-03-25 12:26 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2700374867-1607317419-1423608881-1001
2015-11-01 22:34 - 2015-07-16 12:28 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-01 22:24 - 2015-07-02 10:17 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2700374867-1607317419-1423608881-1001
2015-10-31 08:53 - 2015-09-17 09:22 - 00000000 ____D C:\Users\Oscar\Documents\Scores
2015-10-31 08:49 - 2015-08-04 21:37 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\TeamViewer
2015-10-31 08:49 - 2015-03-25 16:44 - 00000000 ____D C:\Windows\Minidump
2015-10-30 10:59 - 2015-07-03 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-29 16:08 - 2013-08-22 09:20 - 00000000 ____D C:\Windows\CbsTemp
2015-10-28 22:12 - 2015-09-18 09:03 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\XBox
2015-10-28 21:12 - 2015-07-03 18:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-28 14:11 - 2015-03-30 13:11 - 00000000 ____D C:\Users\Oscar\AppData\Local\Adobe
2015-10-28 11:04 - 2015-09-23 08:35 - 00641054 _____ C:\Windows\SysWOW64\worker.zip
2015-10-26 12:28 - 2015-08-04 21:15 - 00000000 ____D C:\ProgramasTeamViewer
2015-10-26 11:57 - 2015-03-25 16:04 - 00000000 ____D C:\Program Files (x86)\ADDSIS ROVESA
2015-10-25 02:06 - 2015-03-25 14:07 - 00000000 ____D C:\Users\Oscar\AppData\Local\SugarSync
2015-10-25 01:00 - 2015-06-21 09:35 - 00000888 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2700374867-1607317419-1423608881-1001Core.job
2015-10-24 21:42 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\AppReadiness
2015-10-24 21:31 - 2015-03-25 13:40 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-10-20 07:54 - 2015-03-25 13:35 - 00000000 ____D C:\Users\Oscar\AppData\Local\Google
2015-10-17 05:04 - 2015-03-25 14:06 - 00000000 ____D C:\Program Files (x86)\SugarSync
2015-10-16 04:35 - 2014-11-27 23:49 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-15 16:14 - 2015-03-25 16:33 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\Nitro
2015-10-06 21:44 - 2015-03-25 14:43 - 00000000 ____D C:\ProgramData\Skype
2015-10-06 09:42 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\LiveKernelReports
 
==================== Files in the root of some directories =======
 
2015-09-17 09:23 - 2015-09-17 09:23 - 0000604 ____H () C:\Program Files (x86)\STLL Notifier
2015-11-02 11:40 - 2015-11-02 11:42 - 0022081 _____ () C:\Users\Oscar\AppData\Roaming\Comma Separated Values.ADR
2015-03-25 12:20 - 2015-03-25 19:32 - 0000020 _____ () C:\Users\Oscar\AppData\Roaming\db.ini
2015-10-28 14:11 - 2015-10-29 13:23 - 0000032 ___SH () C:\Users\Oscar\AppData\Roaming\{A99FB86C-4807-4c30-8B95-FAE7D70C61BD}.dat
2014-08-19 22:06 - 2014-08-19 22:06 - 0000020 _____ () C:\ProgramData\db.ini
2014-11-27 22:20 - 2014-11-27 22:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Oscar\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2i3axc.dll
C:\Users\Oscar\AppData\Local\Temp\sqlite3.dll
C:\Users\Oscar\AppData\Local\Temp\UNINSTAL.EXE
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-01 22:41
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-10-2015
Ran by Oscar (2015-11-03 22:15:56)
Running from D:\Cloud Files\Desktop-LAP
Windows 8.1 (X64) (2015-03-25 18:20:55)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2700374867-1607317419-1423608881-500 - Administrator - Disabled)
Guest (S-1-5-21-2700374867-1607317419-1423608881-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2700374867-1607317419-1423608881-1003 - Limited - Enabled)
Oscar (S-1-5-21-2700374867-1607317419-1423608881-1001 - Administrator - Enabled) => C:\Users\Oscar
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 16.2.1 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
ADDSIS ROVESA (HKLM-x32\...\{0A5E55F3-6736-4BBC-AFAF-6F7873B81A89}) (Version: 1.1.3 - ADDSIS SISTEMAS)
ADDSIS ROVESA (HKLM-x32\...\{1B63F497-5DD5-47B0-B838-33E5CC33CEA3}) (Version: 1.0.8 - ADDSIS SISTEMAS)
ADDSIS ROVESA (HKLM-x32\...\{26830DE7-B881-4E24-848E-67308E3CE585}) (Version: 1.1.0 - ADDSIS SISTEMAS)
ADDSIS ROVESA (HKLM-x32\...\{44D688A3-3951-4968-9B44-6DB39BCA57C2}) (Version: 1.1.2 - ADDSIS SISTEMAS)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
AmCap version 9.01 (HKLM-x32\...\{0F45BECF-4C85-4301-A8A4-D2E2AE2A2C08}_is1) (Version: 9.01 - Gigabyte, Inc.)
AmoK Exif Sorter 2.5.1 (remove only) (HKLM-x32\...\AmoKExifSorter2) (Version:  - )
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4427.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayFusion 7.3.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.3.1.0 - Binary Fortress Software)
DisplayLink Core Software (HKLM\...\{7BB949B9-EB47-47E4-814D-88F8CD301543}) (Version: 7.9.296.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{735DF30E-6474-4CE8-BA2E-5EB219ACE163}) (Version: 7.9.376.0 - DisplayLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Edraw Max 7.9 (HKLM-x32\...\Edraw Max_is1) (Version:  - EdrawSoft)
ELAN Touchpad 11.14.8.1_X64_WHQL (HKLM\...\Elantech) (Version: 11.14.8.1 - ELAN Microelectronic Corp.)
Ether One (HKLM\...\UDK-bb8eeb38-76a2-4226-9d84-430c7ee2362e) (Version:  - Epic Games, Inc.)
Ether One (HKLM-x32\...\Steam App 265950) (Version:  - White Paper Games)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GIGABYTE Smart USB Backup 2.0.20141119 (HKLM-x32\...\GIGABYTE Smart USB Backup) (Version: 2.0.20141119 - GIGABYTE TECHNOLOGY CO.,LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HMA! Pro VPN 2.8.19.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.19.0 - Privax Ltd)
Intel® Chipset Device Software (x32 Version: 10.0.22 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Wireless Bluetooth®(patch version 17.1.1434.2) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{e63d3cb3-0b4d-44ca-aba0-ba433f2f37fd}) (Version: 17.13.0 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kutools for Outlook version 4.1.0.78 (HKLM-x32\...\{85146999-C414-42ED-9FAC-9915FC4C5AAC}_is1) (Version: 4.1.0.78 - ExtendOffice)
LanOptimizer (HKLM-x32\...\{B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E}) (Version: 1.00.0000 - Realtek)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2013 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.5.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 en-US)) (Version: 31.7.0 - Mozilla)
Nitro Pro 9 (HKLM-x32\...\{365ea527-e0f5-47eb-8d9e-ecadeed4e39b}) (Version: 9.5.3.8 - Nitro)
Nitro Pro 9 (Version: 9.5.3.8 - Nitro) Hidden
NVIDIA 3D Vision Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7348 - Realtek Semiconductor Corp.)
Remote Mouse version 2.70 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.70 - Remote Mouse)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Skype for Business Web App Plug-in (HKLM-x32\...\{7EA9A4CD-6875-4F3C-A4D4-42C924AD3CF8}) (Version: 15.8.20020.351 - Microsoft Corporation)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Smart Manager V3 Ver 4.4.5 (HKLM\...\Smart Manager V3) (Version: Ver 4.4.5 - GIGABYTE)
Smart Switch v2.3.0 (HKLM-x32\...\Smart Switch) (Version: v2.3.0 - GIGABYTE TECHNOLOGY CO.,LTD.)
Smart Update v2.3.7 (HKLM-x32\...\Smart Update) (Version: v2.3.7 - GIGABYTE TECHNOLOGY CO.,LTD.)
Spotify (HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
Stardock ObjectDock (HKLM-x32\...\Stardock ObjectDock) (Version: 2.20 - Stardock Software, Inc.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.56 - Stardock Software, Inc.)
SugarSync (HKLM-x32\...\SugarSync) (Version: 3.7.0.14.141281 - SugarSync, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{0F659036-14C7-4622-9505-35A0DC93526A}) (Version: 6.1.3.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{44C7DE90-5D9A-4590-AA2C-4F64B3F2D856}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer)
The Talos Principle (HKLM-x32\...\Steam App 257510) (Version:  - Croteam)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Winmail Reader 1.2.15 (HKLM-x32\...\Winmail Reader_is1) (Version:  - Kopf)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WizMouse v1.7.0.3 (HKLM-x32\...\WizMouse_is1) (Version:  - Antibody Software)
사진 갤러리 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{1542FC7D-8D51-43D5-B757-67C763F27BF4}\localserver32 -> C:\Users\Oscar\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.351\GatewayVersion-x64.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
30-09-2015 14:48:28 Instalado ADDSIS ROVESA
26-10-2015 11:52:16 Quitado ADDSIS ROVESA
26-10-2015 11:52:44 Instalado ADDSIS ROVESA
28-10-2015 13:37:30 Installed PDF Compressor
30-10-2015 18:49:14 Removed NXPowerLite Desktop 6
31-10-2015 09:13:40 Maintenance Day 
03-11-2015 20:41:50 Restore Operation
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {16CC8326-2CDB-482A-A81A-4D6487C98AA1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {1CC57487-9382-4C02-99CA-761DE8E969C7} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {22174AC8-8658-4127-87B8-7D21172E37FC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {263ACBEF-0D95-4239-A33F-279806EF2F67} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {29B6442A-6690-4094-A900-E1009E526679} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {2ED97199-790A-442D-A6FF-54CBA1546BBF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {3867FE22-ACDC-44B5-A211-C175C6502294} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-28] (Microsoft Corporation)
Task: {51F8BEE9-1D6A-4113-AC06-BB537675645C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {79F530E3-D96C-4A3C-9222-6F9C521B1746} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {8069B46A-9138-434B-9373-1A7BBD9C8625} - System32\Tasks\{3F03BE32-D8DD-408B-8FE6-D1FEF8B3CBDB} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {9FFAFB18-421F-4A38-B9FB-06625CD0E75D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {A93F352D-F0DE-46F2-9602-FAFBDC6F8095} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2700374867-1607317419-1423608881-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {B0FB3D7A-D6F5-43FF-88B6-5E10759D33CD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {C5EBFD97-DA8B-44CE-9369-FEE944B69646} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {E03D3CDA-8EE5-42D5-85D6-3F9D04908DC7} - System32\Tasks\WizMouse => C:\Programas\WizMouse\WizMouseLaunch.exe [2013-09-22] ()
Task: {E147B789-BD0D-4B06-BD11-D94000F194B5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2700374867-1607317419-1423608881-1001Core => C:\Users\Oscar\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {E4F29F0D-8EAB-411E-AFAA-91FB2BE60834} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2700374867-1607317419-1423608881-1001UA => C:\Users\Oscar\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {EC8F904B-7FF0-4B28-95EF-82AC8B534FF2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {FFCCE491-4583-4555-843A-2E4467832AFC} - System32\Tasks\RtlLanOptimizerVistaStart => C:\Program Files (x86)\Realtek\LanOptimizer\LanOptimizer.exe [2013-01-18] (Realtek Semiconductor)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2700374867-1607317419-1423608881-1001Core.job => C:\Users\Oscar\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2700374867-1607317419-1423608881-1001UA.job => C:\Users\Oscar\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RtlLanOptimizerVistaStart.job => C:\Program Files (x86)\Realtek\LanOptimizer\LanOptimizer.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-11-27 22:25 - 2015-05-27 22:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-28 22:12 - 2015-11-01 23:11 - 02316728 _____ () C:\ProgramData\System32\SafeGuard64.dll
2015-07-03 18:39 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-25 06:18 - 2014-11-25 06:18 - 00019456 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe
2014-08-01 14:23 - 2014-08-01 14:23 - 00418312 _____ () C:\Programas\NitroPDF\Nitro_UpdateService.exe
2015-09-24 07:09 - 2015-09-24 07:09 - 00171952 _____ () C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe
2014-03-31 04:19 - 2014-03-31 04:19 - 00019456 _____ () C:\Program Files\GIGABYTE\Smart Switch\ElevateService.exe
2015-10-28 19:00 - 2015-10-28 19:00 - 06712760 _____ () C:\Users\Oscar\AppData\Roaming\XBox\XBLive.exe
2015-07-03 18:54 - 2015-09-01 10:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-07-07 03:53 - 2015-07-07 03:53 - 01612520 _____ () C:\Program Files\DisplayLink Core Software\AddOnApi64.dll
2015-03-25 15:28 - 2013-09-22 12:27 - 00119000 _____ () C:\Programas\WizMouse\wizmouse.exe
2014-04-07 18:13 - 2014-04-07 18:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2014-11-25 06:18 - 2014-11-25 06:18 - 00009728 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\OSD\IsMetroUI.dll
2014-11-25 06:18 - 2014-11-25 06:18 - 00486400 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\OSD\Skin\OSD_Skin.dll
2014-11-25 06:18 - 2014-11-25 06:18 - 00204800 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\GetDispDevs.dll
2014-11-25 06:18 - 2014-11-25 06:18 - 00095744 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\PCIeCtl.dll
2014-11-25 06:18 - 2014-11-25 06:18 - 04670464 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\Skin\Main_Skin.dll
2015-11-03 20:52 - 2015-11-03 20:52 - 01708032 _____ () D:\Cloud Files\Desktop-LAP\adwcleaner_5.017.exe
2015-03-25 21:06 - 2015-03-25 21:06 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-25 21:06 - 2015-03-25 21:06 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-10-28 11:54 - 2015-10-28 11:54 - 02998664 _____ () C:\Program Files\AVAST Software\Avast\defs\15102801\algo.dll
2015-10-28 22:12 - 2015-11-01 23:11 - 01536952 _____ () C:\ProgramData\System32\SafeGuard32.dll
2015-04-04 22:02 - 2015-06-24 05:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-23 22:00 - 2015-10-20 08:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-23 22:00 - 2015-10-20 08:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00052736 _____ () C:\Program Files (x86)\SugarSync\librsync.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00769024 _____ () C:\Program Files (x86)\SugarSync\libGLESv2.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00875008 _____ () C:\Program Files (x86)\SugarSync\platforms\qwindows.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00047104 _____ () C:\Program Files (x86)\SugarSync\libEGL.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00021504 _____ () C:\Program Files (x86)\SugarSync\imageformats\qgif.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00020992 _____ () C:\Program Files (x86)\SugarSync\imageformats\qico.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00204800 _____ () C:\Program Files (x86)\SugarSync\imageformats\qjpeg.dll
2015-05-30 17:47 - 2013-11-19 21:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2015-11-03 22:12 - 2015-11-03 22:12 - 00071168 _____ () c:\users\oscar\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2i3axc.dll
2015-03-04 15:45 - 2015-09-23 17:07 - 00012800 _____ () C:\Users\Oscar\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 15:45 - 2015-09-23 17:07 - 00779776 _____ () C:\Users\Oscar\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 12:57 - 2015-09-23 17:07 - 00056320 _____ () C:\Users\Oscar\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 15:45 - 2015-09-23 17:07 - 00012288 _____ () C:\Users\Oscar\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-07-03 18:55 - 2015-07-03 18:55 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-07-03 18:39 - 2015-07-03 18:39 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-04-29 18:23 - 2014-04-29 18:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: C:\ProgramData\Temp:C8B8CEBD
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Oscar\AppData\Local\DisplayFusion\Wallpaper_1.png
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "SystemTray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Welcome.lnk"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "BTMTrayAgent"
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_D08D9DAE1EAB6F612F08AF40ADD97038"
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\StartupApproved\Run: => "Steam"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{580B67AF-1144-40ED-ACE4-90135903B94B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C29CC4BA-7F20-43C2-A645-476652BDF8DA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B5D62432-E634-448E-8062-C7E8C0C7C38F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{76291D40-EC13-467E-9CEC-F15321F5369B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{867F2F4D-DBD9-4509-96E6-21214751CF27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E03012B6-1BFC-4BDA-9AAE-24CC17975653}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9D2EF5A7-4C26-47ED-AAAB-E9F27CF947C4}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{4C79014C-A1BC-4AAD-8EF4-C9CEAF786040}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{915C8925-6448-43F1-847D-CCA0ECB23BCB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D2C9D73C-898B-4662-8D2F-A210F6D63519}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A14BC65B-5C10-4276-9D6D-A8065E7542DD}] => (Allow) LPort=2869
FirewallRules: [{E7840F02-37FB-417F-9FD9-C4995FB218E0}] => (Allow) LPort=1900
FirewallRules: [{206A6BD0-A0D1-4AC9-9682-2420A3A739F7}] => (Allow) C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A0B63199-3755-46E9-AD19-324410A5B006}] => (Allow) C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{35174C03-7BA9-4E01-87A3-DDCC9F9D01DE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D7860926-2A51-48BD-9299-067C2F785014}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{A372DB20-1F47-477D-AF65-077A7D0AAC3E}] => (Allow) C:\Programas\Winamp\winamp.exe
FirewallRules: [{390B8FFF-654E-4297-83AD-3AE12AB1C357}] => (Allow) C:\Programas\Winamp\winamp.exe
FirewallRules: [TCP Query User{E4EC4ADF-3A79-40F4-9C37-A23E73FF2967}C:\users\oscar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\oscar\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6A78FB6E-9B75-45DE-9EDD-5925E7916BE7}C:\users\oscar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\oscar\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0A7B5960-29CA-4730-A915-D7827A9DDA54}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{2CABE227-9788-4465-987D-94A87E1B7D4F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{9A0AF619-1499-4A3F-9C0B-51F1B337273E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{21AC6590-F1FC-43DB-93CD-1BFEE149D8FF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{ED2F5F66-48FA-4849-976E-CE0D79181F92}C:\users\oscar\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\oscar\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{06BA451A-01FE-45D4-B470-D27EAF71B065}C:\users\oscar\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\oscar\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{2B77E3AE-CCC6-4B33-9429-7D71EB4B680B}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{57DCBA87-BB71-45BB-8AE4-DA3B135AD1C5}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [TCP Query User{D1C04223-6551-47E2-8EE4-80986FD30151}D:\steam\steamapps\common\ether one\binaries\win32\udk.exe] => (Block) D:\steam\steamapps\common\ether one\binaries\win32\udk.exe
FirewallRules: [UDP Query User{553ABA8A-65CE-454F-A817-84DE8C41C79A}D:\steam\steamapps\common\ether one\binaries\win32\udk.exe] => (Block) D:\steam\steamapps\common\ether one\binaries\win32\udk.exe
FirewallRules: [{BFC06BB3-E4F1-4222-A0CB-89C550202E61}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{458D49FC-5104-4AB6-A949-6D775EF847E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9B8AFE42-950A-4239-ADC0-45494DAD3A9C}] => (Allow) LPort=5556
FirewallRules: [{BBD222E3-E5DD-401E-B532-95B472633232}] => (Allow) LPort=5558
FirewallRules: [{4AA572CD-0E5E-41F6-8BAF-D1E450D13FFF}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{521668B1-E93C-4A00-A5A9-19D4E178DBB0}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [TCP Query User{58D240CD-0DF0-4730-8AEB-A27836B97057}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [UDP Query User{23700E9E-7FD0-4E67-9E95-AACC025B7CCB}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [{CC2EF175-92F4-4650-9CBC-507334CCC820}] => (Allow) C:\Users\Oscar\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{508B616C-2B55-4915-9CE6-58FDEBBF5EC2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{2F50C98B-4A1C-411A-897A-5E5C24EB9B9C}C:\users\oscar\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.351\pluginhost.exe] => (Allow) C:\users\oscar\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.351\pluginhost.exe
FirewallRules: [UDP Query User{E954B909-42F4-4AD7-A3D0-30B81569EF96}C:\users\oscar\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.351\pluginhost.exe] => (Allow) C:\users\oscar\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.351\pluginhost.exe
FirewallRules: [{92423BD3-FA8E-472F-80A3-2FF1D0C93AEF}] => (Allow) C:\ProgramasTeamViewer\TeamViewer.exe
FirewallRules: [{244E8004-08B2-47D8-A23A-5CCE8F7762B7}] => (Allow) C:\ProgramasTeamViewer\TeamViewer.exe
FirewallRules: [{EF2F552D-6125-4331-9283-7959E956A317}] => (Allow) C:\ProgramasTeamViewer\TeamViewer_Service.exe
FirewallRules: [{B68A6B7D-138D-4204-83BA-51BAFDA42DB4}] => (Allow) C:\ProgramasTeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C6C7D2A4-285B-4166-A7D4-E0384B52CB86}D:\steam\steamapps\common\ether one\binaries\win32\udk.exe] => (Allow) D:\steam\steamapps\common\ether one\binaries\win32\udk.exe
FirewallRules: [UDP Query User{D60D994D-49A0-489C-9C9E-6C65EA62A749}D:\steam\steamapps\common\ether one\binaries\win32\udk.exe] => (Allow) D:\steam\steamapps\common\ether one\binaries\win32\udk.exe
FirewallRules: [{CB46D747-C3F5-486D-9C15-D55C802E34E1}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{6E083A57-A8D6-44EF-B305-F37B86E0ADD0}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{598C2306-9DDB-4658-BDC1-E20C679C37CA}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{F423A1D9-D448-4927-A009-EEAFCC2D0B26}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{B0DE7117-048D-44E7-8308-8AC3C86C8C9F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A83DFC54-6353-4A2A-88E7-0F976B9A66F2}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{503B6623-3371-4EB3-85A1-5B6DB2ACEB33}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{73494036-2134-4951-A377-AEF819A38264}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7BC9E2B5-CF53-4C3E-BB27-7B9FFCAC1091}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F8374435-32BD-4AE3-BC22-4F82008FD6B9}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B0E9BD47-BD54-4672-9FF8-4651631CAD82}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/03/2015 10:15:57 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000051832EA890).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (11/03/2015 10:13:57 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000051832EA9D0).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (11/03/2015 08:46:32 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Maintenance Day ). Additional information: 0x80070005.
 
Error: (11/03/2015 08:21:47 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000B8F78006D0).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (11/03/2015 08:19:47 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000B8F7800950).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (11/03/2015 08:17:47 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000B8F7800770).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (11/03/2015 08:15:48 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000B8F7800DB0).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (11/03/2015 05:47:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program OUTLOOK.EXE version 15.0.4763.1002 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1080
 
Start Time: 01d1168d1cbb5612
 
Termination Time: 29
 
Application Path: C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
 
Report Id: 2f09f7c5-8285-11e5-82c7-4851b7d3d58c
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (11/03/2015 05:13:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: EXCEL.EXE, version: 15.0.4763.1002, time stamp: 0x5615b1a7
Faulting module name: ntdll.dll, version: 6.3.9600.17936, time stamp: 0x55a68dd1
Exception code: 0xc0000374
Fault offset: 0x000e5904
Faulting process id: 0x3790
Faulting application start time: 0xEXCEL.EXE0
Faulting application path: EXCEL.EXE1
Faulting module path: EXCEL.EXE2
Report Id: EXCEL.EXE3
Faulting package full name: EXCEL.EXE4
Faulting package-relative application ID: EXCEL.EXE5
 
Error: (11/03/2015 05:12:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program OUTLOOK.EXE version 15.0.4763.1002 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2d98
 
Start Time: 01d116573382e3d4
 
Termination Time: 47
 
Application Path: C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
 
Report Id: 5472d672-8280-11e5-82c7-4851b7d3d58c
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (11/03/2015 10:11:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:10:31 PM on ‎11/‎3/‎2015 was unexpected.
 
Error: (11/03/2015 10:09:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (11/03/2015 10:09:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (11/03/2015 10:09:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (11/03/2015 10:09:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (11/03/2015 10:09:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (11/03/2015 10:09:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (11/03/2015 10:09:40 PM) (Source: DCOM) (EventID: 10005) (User: OSCARROJAS)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (11/03/2015 10:09:01 PM) (Source: DCOM) (EventID: 10005) (User: OSCARROJAS)
Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (11/03/2015 10:09:01 PM) (Source: DCOM) (EventID: 10005) (User: OSCARROJAS)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4720HQ CPU @ 2.60GHz
Percentage of memory in use: 23%
Total physical RAM: 16297.91 MB
Available physical RAM: 12432.94 MB
Total Virtual: 18729.91 MB
Available Virtual: 14610.05 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:103.57 GB) (Free:27.42 GB) NTFS
Drive d: (Oscar Rojas) (Fixed) (Total:931.39 GB) (Free:623.52 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 58A13B48)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 

 


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi sorry for the delay

If you still require assistance could you run a fresh FRST scan please
  • 0

#3
musicalogist

musicalogist

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Yes, I've tried running some other programs (those that will run), but I'm still stuck

 

Help would be very much appreciated

 

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Oscar (administrator) on OSCARROJAS (07-11-2015 23:05:10)
Running from D:\Cloud Files\Desktop-LAP
Loaded Profiles: Oscar (Available Profiles: Oscar)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Stardock Software, Inc) C:\Programas\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Programas\Stardock\Start8\Start8_64.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Programas\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Binary Fortress Software) C:\Programas\DisplayFusion\DisplayFusionService.exe
() C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Nitro PDF Software) C:\Programas\NitroPDF\NitroPDFDriverService9x64.exe
() C:\Programas\NitroPDF\Nitro_UpdateService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(ThreatTrack Security Inc.) C:\Program Files (x86)\VIPRE\SBPIMSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe
() C:\Program Files\GIGABYTE\Smart Switch\ElevateService.exe
(TeamViewer GmbH) C:\ProgramasTeamViewer\TeamViewer_Service.exe
(GIGABYTE) C:\Program Files\GIGABYTE\Smart Update\Update_Service.exe
() C:\Users\Oscar\AppData\Roaming\XBox\XBLive.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(GIGABYTE) C:\Program Files\GIGABYTE\Smart Update\GMSG.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
() C:\Programas\WizMouse\WizMouse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSync.exe
(Binary Fortress Software) C:\Programas\DisplayFusion\DisplayFusion.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Binary Fortress Software) C:\Programas\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Binary Fortress Software) C:\Programas\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(GIGABYTE TECHNOLOGY CO., LTD.) C:\Program Files\GIGABYTE\SmartManagerV3\OSD\GBOSDV2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Dropbox, Inc.) C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe
(GIGABYTE TECHNOLOGY CO., LTD.) C:\Program Files\GIGABYTE\SmartManagerV3\GBSMV2.exe
(ThreatTrack Security Inc.) C:\Program Files (x86)\VIPRE\SBAMTray.exe
(ThreatTrack Security Inc.) C:\Program Files (x86)\VIPRE\SBAMSvc.exe
(Stardock) C:\Programas\Stardock\ObjectDock\ObjectDock.exe
(Stardock) C:\Programas\Stardock\ObjectDock\Dock64.exe
(ThreatTrack Security Inc.) C:\Program Files (x86)\VIPRE\WebProxy.exe
(Stardock) C:\Programas\Stardock\ObjectDock\ObjectDockTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13675736 2014-08-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [SBRegRebootCleaner] => C:\Users\Oscar\AppData\Local\VIPRE\Setup\CartSdk\sbrc.exe [200560 2012-05-23] (GFI Software)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SBAMTray] => C:\Program Files (x86)\VIPRE\SBAMTray.exe [3000800 2015-09-29] (ThreatTrack Security Inc.)
HKLM-x32\...\RunOnce: [SmartUpdate] => C:\Program Files\GIGABYTE\Smart Update\urgent.exe [357888 2014-11-21] (GIGABYTE)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [GoogleChromeAutoLaunch_D08D9DAE1EAB6F612F08AF40ADD97038] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [SugarSync] => C:\Program Files (x86)\SugarSync\SugarSync.exe [18880528 2015-09-28] (SugarSync, Inc.)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [Steam] => D:\Steam\steam.exe [2901584 2015-10-14] (Valve Corporation)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [Spotify Web Helper] => C:\Users\Oscar\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-14] (Spotify Ltd)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [DisplayFusion] => C:\Programas\DisplayFusion\DisplayFusion.exe [8538648 2015-09-22] (Binary Fortress Software)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [Spotify] => C:\Users\Oscar\AppData\Roaming\Spotify\Spotify.exe [7535672 2015-09-14] (Spotify Ltd)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2050048 2015-03-09] (RemoteMouse.net)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [Dropbox Update] => C:\Users\Oscar\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-21] (Dropbox, Inc.)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Run: [SUPERAntiSpyware] => C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-10-23] (SUPERAntiSpyware)
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2015-09-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2015-09-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncSharedSyncing] -> {F7395C2E-A5D8-4a32-9536-5C6A9F1DC450} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2015-09-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncSynced] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2015-09-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [zz00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GBOSDV3.lnk [2014-11-27]
ShortcutTarget: GBOSDV3.lnk -> C:\Program Files\GIGABYTE\SmartManagerV3\OSD\GBOSDV2.exe (GIGABYTE TECHNOLOGY CO., LTD.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SystemTray.lnk [2014-11-27]
ShortcutTarget: SystemTray.lnk -> C:\Program Files\GIGABYTE\SmartManagerV3\SystemTray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Welcome.lnk [2014-11-27]
ShortcutTarget: Welcome.lnk -> C:\Program Files\GIGABYTE\Smart USB Backup\Welcome.exe ()
Startup: C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2015-03-25]
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Programas\Stardock\ObjectDock\ObjectDock.exe (Stardock)
GroupPolicy: Restriction - Chrome <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\ProgramData\System32\SafeGuard32.dll No File 
Winsock: Catalog5-x64 08 C:\ProgramData\System32\SafeGuard64.dll [2316728 2015-11-01] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0887eab7-d814-415e-b2a4-03dbed207e70}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{181FD1C2-996D-45CB-9E04-C6B32A4BF37A}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{181FD1C2-996D-45CB-9E04-C6B32A4BF37A}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{3f79b56b-ea1a-4b98-9403-b912dfe3b327}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{bb904a83-9a80-402e-ad05-c05ebafa64a1}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.mx/?gws_rd=ssl
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = 
SearchScopes: HKU\.DEFAULT -> {9CE1D075-7FE9-4ABD-B4FE-BE5D41094EB8} URL = 
SearchScopes: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001 -> {9CE1D075-7FE9-4ABD-B4FE-BE5D41094EB8} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> C:\Program Files (x86)\VIPRE\x64\VSGx64.dll [2015-09-29] ()
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-18] (Oracle Corporation)
BHO-x32: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> C:\Program Files (x86)\VIPRE\VSG.dll [2015-09-29] ()
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-18] (Oracle Corporation)
Toolbar: HKLM - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\x64\VSGx64.dll [2015-09-29] ()
Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\VSG.dll [2015-09-29] ()
Toolbar: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001 -> VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} - C:\Program Files (x86)\VIPRE\x64\VSGx64.dll [2015-09-29] ()
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-07-03] (Microsoft Corporation)
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\x64\VSGx64.dll [2015-09-29] ()
Handler-x32: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSG.dll [2015-09-29] ()
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Programas\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Programas\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Programas\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2700374867-1607317419-1423608881-1001: SkypeForBusinessPlugin-15.8 -> C:\Users\Oscar\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.351\npGatewayNpapi.dll [2015-03-13] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2700374867-1607317419-1423608881-1001: SkypeForBusinessPlugin64-15.8 -> C:\Users\Oscar\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.351\npGatewayNpapi-x64.dll [2015-03-13] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-03-25] [not signed]
StartMenuInternet: firefox.exe - firefox.exe
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR NewTab: Default -> "chrome-extension://mgmiemnjjchgkmgbeljfocdjjnpjnmcg/ntp.html"
CHR Profile: C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-09-15]
CHR Extension: (Google Docs) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Cast) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-10-11]
CHR Extension: (Adblock Plus) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-22]
CHR Extension: (Pushbullet) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2015-11-06]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-11-04]
CHR Extension: (Google Search) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-11-06]
CHR Extension: (Feedly Plus) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebcfphdkgdlcmcokcpnbplppmcgklolc [2015-08-22]
CHR Extension: (Google Sheets) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]
CHR Extension: (PDF Compressor - Smallpdf.com) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gealeehfjeflamgnohlhabaefbfjfjgc [2015-10-28]
CHR Extension: (Google Docs Offline) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-11-06]
CHR Extension: (Avast Online Security) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-02]
CHR Extension: (feedly) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2015-03-25]
CHR Extension: (Linkclump) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2015-03-25]
CHR Extension: (Awesome New Tab Page) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg [2015-11-06]
CHR Extension: (Google Play Books) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2015-05-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Programas\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 DisplayFusionService; C:\Programas\DisplayFusion\DisplayFusionService.exe [4608040 2015-09-22] (Binary Fortress Software)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [11071208 2015-07-07] (DisplayLink Corp.)
R2 ElevateService; C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe [19456 2014-11-25] () [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [102152 2014-10-08] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [122984 2014-09-15] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-04-29] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-09-23] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 NitroDriverReadSpool9; C:\Programas\NitroPDF\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software)
R2 NitroUpdateService; C:\Programas\NitroPDF\Nitro_UpdateService.exe [418312 2014-08-01] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S3 OpenVPNService; C:\Programas\HMA! Pro VPN\bin\openvpnserv.exe [37176 2014-10-29] (The OpenVPN Project)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
R2 SBAMSvc; C:\Program Files (x86)\VIPRE\SBAMSvc.exe [4337696 2015-09-29] (ThreatTrack Security Inc.)
R2 SBPIMSvc; C:\Program Files (x86)\VIPRE\SBPIMSvc.exe [212448 2015-09-29] (ThreatTrack Security Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SkypeUpdateEx; C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [171952 2015-09-24] ()
R2 SmartSwitchService; C:\Program Files\GIGABYTE\Smart Switch\ElevateService.exe [19456 2014-03-31] () [File not signed]
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026944 2015-11-06] (Enigma Software Group USA, LLC.)
R2 Start8; C:\Programas\Stardock\Start8\Start8Srv.exe [143288 2014-06-12] (Stardock Software, Inc)
R2 TeamViewer; C:\ProgramasTeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
R2 Update_Service; C:\Program Files\GIGABYTE\Smart Update\Update_Service.exe [136704 2014-11-21] (GIGABYTE) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R3 WebProxy; C:\Program Files (x86)\VIPRE\WebProxy.exe [6339552 2015-09-29] (ThreatTrack Security Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)
R2 XBox; C:\Users\Oscar\AppData\Roaming\XBox\XBLive.exe [6728120 2015-11-05] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-09-23] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
S3 DisplayLinkUsbIo_x64; C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.9.296.0.sys [58640 2015-07-08] ()
S3 dlcdcncm; C:\Windows\system32\DRIVERS\dlcdcncm62_x64.sys [91920 2015-07-07] (DisplayLink Corp.)
S3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [229648 2015-07-07] (DisplayLink Corp.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-10] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-11-06] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-11-06] ()
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [40584 2015-08-27] (ThreatTrack Security)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [222664 2014-09-15] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-29] (Intel Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2014-08-15] (Apple Inc.) [File not signed]
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3486488 2014-10-06] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-05] (Windows ® Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [429272 2014-11-27] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Programas\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Programas\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [90464 2015-09-29] (ThreatTrack Security Inc.)
R3 sbwtis; C:\Windows\system32\DRIVERS\sbwtis.sys [95608 2015-09-29] (ThreatTrack Security)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-06 21:05 - 2015-11-06 21:05 - 00000000 _____ C:\autoexec.bat
2015-11-06 21:04 - 2015-11-06 21:04 - 00003330 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2015-11-06 21:04 - 2015-11-06 21:04 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-11-06 21:04 - 2015-11-06 21:04 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\Enigma Software Group
2015-11-06 21:04 - 2015-11-06 21:04 - 00000000 ____D C:\sh4ldr
2015-11-06 21:02 - 2015-11-06 21:02 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2015-11-06 21:02 - 2015-11-06 21:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-11-06 20:55 - 2015-11-06 20:55 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2015-11-06 20:55 - 2015-11-06 20:55 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2015-11-06 19:10 - 2015-11-06 20:42 - 00000516 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 709a4ea2-8c84-404f-925b-eb0eb702f146.job
2015-11-06 19:10 - 2015-11-06 20:42 - 00000516 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 42fdd69e-343b-4265-af18-f7a329019ac5.job
2015-11-06 19:10 - 2015-11-06 19:10 - 00003574 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 42fdd69e-343b-4265-af18-f7a329019ac5
2015-11-06 19:10 - 2015-11-06 19:10 - 00003492 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 709a4ea2-8c84-404f-925b-eb0eb702f146
2015-11-06 19:10 - 2015-11-06 19:10 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\SUPERAntiSpyware.com
2015-11-06 19:09 - 2015-11-06 19:09 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-11-06 19:09 - 2015-11-06 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-11-06 17:05 - 2015-11-06 17:05 - 00002966 _____ C:\Windows\System32\Tasks\VIPRE Upgrade Task
2015-11-06 17:05 - 2015-11-06 17:05 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-06 17:05 - 2015-08-27 06:31 - 00040584 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys
2015-11-06 17:05 - 2013-09-04 13:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys
2015-11-06 16:56 - 2015-11-07 23:02 - 00003408 _____ C:\Windows\SysWOW64\WebProxyOff.ini
2015-11-06 16:56 - 2015-11-07 23:02 - 00003408 _____ C:\Windows\system32\WebProxyOff.ini
2015-11-06 16:56 - 2015-11-06 18:52 - 00000000 ____D C:\ProgramData\VIPRE
2015-11-06 16:56 - 2015-11-06 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIPRE
2015-11-06 16:56 - 2015-11-06 16:56 - 00000000 ____D C:\ProgramData\Downloaded Installations
2015-11-06 16:56 - 2015-09-29 13:08 - 00047584 _____ (ThreatTrack Security Inc.) C:\Windows\system32\sbbd.exe
2015-11-06 16:49 - 2015-11-07 23:02 - 00002320 _____ C:\Windows\setupact.log
2015-11-06 16:49 - 2015-11-06 20:42 - 00001212 _____ C:\Windows\PFRO.log
2015-11-06 16:49 - 2015-11-06 16:49 - 00000000 _____ C:\Windows\setuperr.log
2015-11-06 16:48 - 2015-11-06 20:42 - 00000000 ____D C:\Program Files (x86)\VIPRE
2015-11-06 16:48 - 2015-11-06 16:48 - 00000423 _____ C:\Windows\system32\sbrc.dat
2015-11-06 16:47 - 2015-11-06 17:10 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\VIPRE
2015-11-06 16:47 - 2015-11-06 16:47 - 00000000 ____D C:\Users\Oscar\AppData\Local\VIPRE
2015-11-06 16:42 - 2015-11-06 22:00 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-06 16:42 - 2015-11-06 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-06 16:42 - 2015-11-06 16:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-06 16:42 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-06 16:42 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-06 15:29 - 2015-11-06 15:44 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-11-06 15:29 - 2015-11-06 15:29 - 00001414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-11-06 15:29 - 2015-11-06 15:29 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-11-06 15:29 - 2015-11-06 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-11-06 15:29 - 2015-11-06 15:29 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-11-06 15:29 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-11-06 15:27 - 2015-11-06 15:28 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Oscar\Downloads\spybot-2.4.exe
2015-11-06 14:10 - 2015-11-06 14:10 - 05481336 _____ (Avast Software s.r.o.) C:\Users\Oscar\Downloads\avast_free_antivirus_setup_online_cnet.exe
2015-11-03 22:17 - 2015-11-03 22:17 - 00000000 ____D C:\Users\Oscar\Documents\Simply Super Software
2015-11-03 22:15 - 2015-11-07 23:05 - 00000000 ____D C:\FRST
2015-11-03 21:25 - 2015-11-03 21:25 - 00000000 ____D C:\ProgramData\Licenses
2015-11-03 20:52 - 2015-11-06 13:48 - 00000000 ____D C:\AdwCleaner
2015-11-02 11:40 - 2015-11-02 11:42 - 00022081 _____ C:\Users\Oscar\AppData\Roaming\Comma Separated Values.ADR
2015-10-29 14:02 - 2015-11-03 22:32 - 00000000 ____D C:\Users\Oscar\AppData\LocalLow\uTorrent
2015-10-28 14:11 - 2015-10-29 13:23 - 00000032 ___SH C:\Users\Oscar\AppData\Roaming\{A99FB86C-4807-4c30-8B95-FAE7D70C61BD}.dat
2015-10-28 14:08 - 2015-10-28 14:08 - 00000000 ____D C:\Users\Oscar\AppData\Local\ORPALIS
2015-10-28 14:05 - 2015-10-28 14:05 - 00000000 ____D C:\Users\Oscar\AppData\Local\Downloaded Installations
2015-10-28 14:04 - 2015-10-28 14:04 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\iSkysoft
2015-10-28 13:58 - 2015-10-28 13:58 - 00000000 ____D C:\ProgramData\wondershare
2015-10-28 13:58 - 2015-10-28 13:58 - 00000000 ____D C:\Program Files (x86)\Wondershare
2015-10-28 13:57 - 2015-10-28 13:58 - 00000000 ____D C:\Users\Public\Documents\iSkysoft
2015-10-28 13:38 - 2015-10-28 13:38 - 00000000 ____D C:\Users\Oscar\Documents\PDF Compressor Output
2015-10-28 13:38 - 2015-10-28 13:38 - 00000000 ____D C:\Users\Oscar\AppData\Local\iWesoft
2015-10-28 11:04 - 2015-10-28 11:04 - 00000000 ____D C:\Windows\SysWOW64\worker
2015-10-26 12:40 - 2015-10-26 12:40 - 00000000 ____D C:\ADDSIS ROVESA
2015-10-26 11:53 - 2015-10-26 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADDSIS ROVESA
2015-10-20 07:54 - 2015-10-20 07:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-10-17 12:53 - 2015-11-06 13:48 - 00000882 _____ C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-10-17 06:38 - 2015-10-17 06:38 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-13 04:24 - 2015-10-13 04:24 - 04587520 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-07 23:05 - 2015-03-25 12:30 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5FF5DA2D-519B-40E7-AD7E-3AD902F76F3F}
2015-11-07 23:04 - 2015-03-27 10:06 - 00071960 _____ C:\Windows\system32\lvcoinst.log
2015-11-07 23:04 - 2015-03-25 17:08 - 01195143 _____ C:\Windows\WindowsUpdate.log
2015-11-07 23:04 - 2015-03-25 14:43 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\Skype
2015-11-07 23:04 - 2014-11-27 22:19 - 00006533 _____ C:\Windows\SysWOW64\Gms.log
2015-11-07 23:03 - 2015-03-25 13:57 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\Dropbox
2015-11-07 23:03 - 2015-03-25 12:28 - 00000000 ____D C:\Users\Oscar\OneDrive
2015-11-07 23:02 - 2015-07-09 09:10 - 00003592 _____ C:\Windows\System32\Tasks\WizMouse
2015-11-07 23:02 - 2015-03-25 13:35 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-07 23:02 - 2014-11-27 23:44 - 00000332 _____ C:\Windows\Tasks\RtlLanOptimizerVistaStart.job
2015-11-07 23:02 - 2014-11-27 22:25 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-07 23:02 - 2013-08-22 08:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-06 23:00 - 2015-03-25 13:35 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-06 23:00 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\sru
2015-11-06 22:45 - 2015-06-21 09:35 - 00000940 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2700374867-1607317419-1423608881-1001UA.job
2015-11-06 21:43 - 2015-03-25 12:26 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2700374867-1607317419-1423608881-1001
2015-11-06 21:31 - 2015-03-25 15:57 - 00000000 ____D C:\Users\Oscar\AppData\Local\CrashDumps
2015-11-06 20:48 - 2014-11-27 21:04 - 00492804 _____ C:\Windows\system32\prfh0404.dat
2015-11-06 20:48 - 2014-11-27 21:04 - 00146336 _____ C:\Windows\system32\prfc0404.dat
2015-11-06 20:48 - 2014-11-27 20:56 - 00817832 _____ C:\Windows\system32\prfh0416.dat
2015-11-06 20:48 - 2014-11-27 20:56 - 00169300 _____ C:\Windows\system32\prfc0416.dat
2015-11-06 20:48 - 2014-11-27 20:46 - 00842752 _____ C:\Windows\system32\perfh00A.dat
2015-11-06 20:48 - 2014-11-27 20:46 - 00177018 _____ C:\Windows\system32\perfc00A.dat
2015-11-06 20:48 - 2014-03-18 04:03 - 03530504 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-06 20:42 - 2015-03-25 12:20 - 00000000 ____D C:\Users\Oscar
2015-11-06 19:09 - 2015-03-25 14:02 - 00000000 ____D C:\Programas
2015-11-06 18:53 - 2015-03-25 12:20 - 00000000 ____D C:\Users\Oscar\AppData\Local\Packages
2015-11-06 18:18 - 2013-08-22 08:44 - 00513136 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-06 16:21 - 2015-03-25 14:07 - 00000000 ____D C:\Users\Oscar\AppData\Local\SugarSync
2015-11-06 14:07 - 2015-03-25 15:03 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\uTorrent
2015-11-06 14:05 - 2015-03-25 12:21 - 00000000 ____D C:\Users\Oscar\AppData\Local\VirtualStore
2015-11-06 13:48 - 2015-03-25 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-06 13:48 - 2015-03-25 12:20 - 00001008 _____ C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-06 08:38 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-05 22:05 - 2015-03-27 18:09 - 00000000 ____D C:\Users\Oscar\AppData\Local\DisplayFusion
2015-11-05 15:29 - 2015-03-25 14:48 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\vlc
2015-11-05 10:53 - 2015-09-18 09:03 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\XBox
2015-11-04 05:12 - 2015-04-02 16:42 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-11-04 01:45 - 2015-06-21 09:35 - 00000888 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2700374867-1607317419-1423608881-1001Core.job
2015-11-03 21:25 - 2014-11-27 23:47 - 00000000 ____D C:\ProgramData\Temp
2015-11-03 20:44 - 2015-04-06 02:03 - 00000000 ___SD C:\Windows\system32\GWX
2015-11-03 20:44 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\registration
2015-11-03 20:34 - 2013-08-22 07:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-11-01 22:34 - 2015-07-16 12:28 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-01 22:24 - 2015-07-02 10:17 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2700374867-1607317419-1423608881-1001
2015-10-31 08:53 - 2015-09-17 09:22 - 00000000 ____D C:\Users\Oscar\Documents\Scores
2015-10-31 08:49 - 2015-08-04 21:37 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\TeamViewer
2015-10-31 08:49 - 2015-03-25 16:44 - 00000000 ____D C:\Windows\Minidump
2015-10-30 10:59 - 2015-07-03 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-29 16:08 - 2013-08-22 09:20 - 00000000 ____D C:\Windows\CbsTemp
2015-10-28 21:12 - 2015-07-03 18:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-28 14:11 - 2015-03-30 13:11 - 00000000 ____D C:\Users\Oscar\AppData\Local\Adobe
2015-10-28 11:04 - 2015-09-23 08:35 - 00641054 _____ C:\Windows\SysWOW64\worker.zip
2015-10-26 12:28 - 2015-08-04 21:15 - 00000000 ____D C:\ProgramasTeamViewer
2015-10-26 11:57 - 2015-03-25 16:04 - 00000000 ____D C:\Program Files (x86)\ADDSIS ROVESA
2015-10-24 21:31 - 2015-03-25 13:40 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-10-20 07:54 - 2015-03-25 13:35 - 00000000 ____D C:\Users\Oscar\AppData\Local\Google
2015-10-17 05:04 - 2015-03-25 14:06 - 00000000 ____D C:\Program Files (x86)\SugarSync
2015-10-16 04:35 - 2014-11-27 23:49 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-15 16:14 - 2015-03-25 16:33 - 00000000 ____D C:\Users\Oscar\AppData\Roaming\Nitro
 
==================== Files in the root of some directories =======
 
2015-09-17 09:23 - 2015-09-17 09:23 - 0000604 ____H () C:\Program Files (x86)\STLL Notifier
2015-11-02 11:40 - 2015-11-02 11:42 - 0022081 _____ () C:\Users\Oscar\AppData\Roaming\Comma Separated Values.ADR
2015-03-25 12:20 - 2015-03-25 19:32 - 0000020 _____ () C:\Users\Oscar\AppData\Roaming\db.ini
2015-10-28 14:11 - 2015-10-29 13:23 - 0000032 ___SH () C:\Users\Oscar\AppData\Roaming\{A99FB86C-4807-4c30-8B95-FAE7D70C61BD}.dat
2014-08-19 22:06 - 2014-08-19 22:06 - 0000020 _____ () C:\ProgramData\db.ini
2014-11-27 22:20 - 2014-11-27 22:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Oscar\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsbcdl3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-01 22:41
 
==================== End of FRST.txt ============================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Oscar (2015-11-07 23:05:30)
Running from D:\Cloud Files\Desktop-LAP
Windows 8.1 (X64) (2015-03-25 18:20:55)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2700374867-1607317419-1423608881-500 - Administrator - Disabled)
Guest (S-1-5-21-2700374867-1607317419-1423608881-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2700374867-1607317419-1423608881-1003 - Limited - Enabled)
Oscar (S-1-5-21-2700374867-1607317419-1423608881-1001 - Administrator - Enabled) => C:\Users\Oscar
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ThreatTrack Security VIPRE (Enabled - Up to date) {BC4CE0B2-D6B5-59A2-9E54-9AA2C7DBE398}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: ThreatTrack Security VIPRE (Enabled - Up to date) {072D0156-F08F-562C-A4E4-A1D0BC5CA925}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 16.2.1 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
ADDSIS ROVESA (HKLM-x32\...\{0A5E55F3-6736-4BBC-AFAF-6F7873B81A89}) (Version: 1.1.3 - ADDSIS SISTEMAS)
ADDSIS ROVESA (HKLM-x32\...\{1B63F497-5DD5-47B0-B838-33E5CC33CEA3}) (Version: 1.0.8 - ADDSIS SISTEMAS)
ADDSIS ROVESA (HKLM-x32\...\{26830DE7-B881-4E24-848E-67308E3CE585}) (Version: 1.1.0 - ADDSIS SISTEMAS)
ADDSIS ROVESA (HKLM-x32\...\{44D688A3-3951-4968-9B44-6DB39BCA57C2}) (Version: 1.1.2 - ADDSIS SISTEMAS)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
AmCap version 9.01 (HKLM-x32\...\{0F45BECF-4C85-4301-A8A4-D2E2AE2A2C08}_is1) (Version: 9.01 - Gigabyte, Inc.)
AmoK Exif Sorter 2.5.1 (remove only) (HKLM-x32\...\AmoKExifSorter2) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4427.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayFusion 7.3.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.3.1.0 - Binary Fortress Software)
DisplayLink Core Software (HKLM\...\{7BB949B9-EB47-47E4-814D-88F8CD301543}) (Version: 7.9.296.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{735DF30E-6474-4CE8-BA2E-5EB219ACE163}) (Version: 7.9.376.0 - DisplayLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Edraw Max 7.9 (HKLM-x32\...\Edraw Max_is1) (Version:  - EdrawSoft)
ELAN Touchpad 11.14.8.1_X64_WHQL (HKLM\...\Elantech) (Version: 11.14.8.1 - ELAN Microelectronic Corp.)
Ether One (HKLM\...\UDK-bb8eeb38-76a2-4226-9d84-430c7ee2362e) (Version:  - Epic Games, Inc.)
Ether One (HKLM-x32\...\Steam App 265950) (Version:  - White Paper Games)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GIGABYTE Smart USB Backup 2.0.20141119 (HKLM-x32\...\GIGABYTE Smart USB Backup) (Version: 2.0.20141119 - GIGABYTE TECHNOLOGY CO.,LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HMA! Pro VPN 2.8.19.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.19.0 - Privax Ltd)
Intel® Chipset Device Software (x32 Version: 10.0.22 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Wireless Bluetooth®(patch version 17.1.1434.2) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{e63d3cb3-0b4d-44ca-aba0-ba433f2f37fd}) (Version: 17.13.0 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kutools for Outlook version 4.1.0.78 (HKLM-x32\...\{85146999-C414-42ED-9FAC-9915FC4C5AAC}_is1) (Version: 4.1.0.78 - ExtendOffice)
LanOptimizer (HKLM-x32\...\{B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E}) (Version: 1.00.0000 - Realtek)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2013 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.5.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 en-US)) (Version: 31.7.0 - Mozilla)
Nitro Pro 9 (HKLM-x32\...\{365ea527-e0f5-47eb-8d9e-ecadeed4e39b}) (Version: 9.5.3.8 - Nitro)
Nitro Pro 9 (Version: 9.5.3.8 - Nitro) Hidden
NVIDIA 3D Vision Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7348 - Realtek Semiconductor Corp.)
Remote Mouse version 2.70 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.70 - Remote Mouse)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Skype for Business Web App Plug-in (HKLM-x32\...\{7EA9A4CD-6875-4F3C-A4D4-42C924AD3CF8}) (Version: 15.8.20020.351 - Microsoft Corporation)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Smart Manager V3 Ver 4.4.5 (HKLM\...\Smart Manager V3) (Version: Ver 4.4.5 - GIGABYTE)
Smart Switch v2.3.0 (HKLM-x32\...\Smart Switch) (Version: v2.3.0 - GIGABYTE TECHNOLOGY CO.,LTD.)
Smart Update v2.3.7 (HKLM-x32\...\Smart Update) (Version: v2.3.7 - GIGABYTE TECHNOLOGY CO.,LTD.)
Spotify (HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.20.9.4533 - Enigma Software Group, LLC)
Stardock ObjectDock (HKLM-x32\...\Stardock ObjectDock) (Version: 2.20 - Stardock Software, Inc.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.56 - Stardock Software, Inc.)
SugarSync (HKLM-x32\...\SugarSync) (Version: 3.7.0.14.141281 - SugarSync, Inc.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1208 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{0F659036-14C7-4622-9505-35A0DC93526A}) (Version: 6.1.3.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{44C7DE90-5D9A-4590-AA2C-4F64B3F2D856}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer)
The Talos Principle (HKLM-x32\...\Steam App 257510) (Version:  - Croteam)
VIPRE Antivirus (HKLM-x32\...\{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}) (Version: 9.0.1.4 - ThreatTrack Security Inc.)
VIPRE Antivirus (x32 Version: 9.0.1.4 - ThreatTrack Security, Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Winmail Reader 1.2.15 (HKLM-x32\...\Winmail Reader_is1) (Version:  - Kopf)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WizMouse v1.7.0.3 (HKLM-x32\...\WizMouse_is1) (Version:  - Antibody Software)
사진 갤러리 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{1542FC7D-8D51-43D5-B757-67C763F27BF4}\localserver32 -> C:\Users\Oscar\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.351\GatewayVersion-x64.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2700374867-1607317419-1423608881-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Oscar\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
30-09-2015 14:48:28 Instalado ADDSIS ROVESA
26-10-2015 11:52:16 Quitado ADDSIS ROVESA
26-10-2015 11:52:44 Instalado ADDSIS ROVESA
28-10-2015 13:37:30 Installed PDF Compressor
30-10-2015 18:49:14 Removed NXPowerLite Desktop 6
31-10-2015 09:13:40 Maintenance Day 
03-11-2015 20:41:50 Restore Operation
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0310919D-64FF-41CD-A0C0-A8EE058F27DB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {16CC8326-2CDB-482A-A81A-4D6487C98AA1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {1CC57487-9382-4C02-99CA-761DE8E969C7} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {22174AC8-8658-4127-87B8-7D21172E37FC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {263ACBEF-0D95-4239-A33F-279806EF2F67} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {29B6442A-6690-4094-A900-E1009E526679} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {2ED97199-790A-442D-A6FF-54CBA1546BBF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {3867FE22-ACDC-44B5-A211-C175C6502294} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-28] (Microsoft Corporation)
Task: {4DA6095D-B5A1-41B3-8125-AAAF463A901E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {51F8BEE9-1D6A-4113-AC06-BB537675645C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {6FBE5B37-69E4-4752-A9F5-DA5C84A54196} - System32\Tasks\VIPRE Upgrade Task => C:\PROGRAM FILES\COMMON FILES\AV\ThreatTrack Security VIPRE\Upgrade.exe [2015-08-14] (ThreatTrack Security Inc.)
Task: {79F530E3-D96C-4A3C-9222-6F9C521B1746} - \avast! Emergency Update -> No File <==== ATTENTION
Task: {7BD900F7-9CE0-47E4-938A-9B8905EB305B} - System32\Tasks\SUPERAntiSpyware Scheduled Task 709a4ea2-8c84-404f-925b-eb0eb702f146 => C:\Programas\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {8069B46A-9138-434B-9373-1A7BBD9C8625} - System32\Tasks\{3F03BE32-D8DD-408B-8FE6-D1FEF8B3CBDB} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {9FFAFB18-421F-4A38-B9FB-06625CD0E75D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {A5113EF6-3382-48AD-92A8-68FABC187170} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-11-06] (Enigma Software Group USA, LLC.)
Task: {A93F352D-F0DE-46F2-9602-FAFBDC6F8095} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2700374867-1607317419-1423608881-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {B0FB3D7A-D6F5-43FF-88B6-5E10759D33CD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {C5EBFD97-DA8B-44CE-9369-FEE944B69646} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {CC80CD81-92BC-4883-81CE-0AEA7ABBC230} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {E03D3CDA-8EE5-42D5-85D6-3F9D04908DC7} - System32\Tasks\WizMouse => C:\Programas\WizMouse\WizMouseLaunch.exe [2013-09-22] ()
Task: {E147B789-BD0D-4B06-BD11-D94000F194B5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2700374867-1607317419-1423608881-1001Core => C:\Users\Oscar\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {E4F29F0D-8EAB-411E-AFAA-91FB2BE60834} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2700374867-1607317419-1423608881-1001UA => C:\Users\Oscar\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {EC8F904B-7FF0-4B28-95EF-82AC8B534FF2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {F943C36D-521E-407B-8141-20AD6769E7A8} - System32\Tasks\SUPERAntiSpyware Scheduled Task 42fdd69e-343b-4265-af18-f7a329019ac5 => C:\Programas\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {FFCCE491-4583-4555-843A-2E4467832AFC} - System32\Tasks\RtlLanOptimizerVistaStart => C:\Program Files (x86)\Realtek\LanOptimizer\LanOptimizer.exe [2013-01-18] (Realtek Semiconductor)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2700374867-1607317419-1423608881-1001Core.job => C:\Users\Oscar\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2700374867-1607317419-1423608881-1001UA.job => C:\Users\Oscar\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RtlLanOptimizerVistaStart.job => C:\Program Files (x86)\Realtek\LanOptimizer\LanOptimizer.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 42fdd69e-343b-4265-af18-f7a329019ac5.job => C:\Programas\SUPERAntiSpyware\SASTask.exe C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 709a4ea2-8c84-404f-925b-eb0eb702f146.job => C:\Programas\SUPERAntiSpyware\SASTask.exe C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-11-27 22:25 - 2015-05-27 22:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-28 22:12 - 2015-11-01 23:11 - 02316728 _____ () C:\ProgramData\System32\SafeGuard64.dll
2015-07-03 18:39 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-25 06:18 - 2014-11-25 06:18 - 00019456 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe
2014-08-01 14:23 - 2014-08-01 14:23 - 00418312 _____ () C:\Programas\NitroPDF\Nitro_UpdateService.exe
2015-09-24 07:09 - 2015-09-24 07:09 - 00171952 _____ () C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe
2014-03-31 04:19 - 2014-03-31 04:19 - 00019456 _____ () C:\Program Files\GIGABYTE\Smart Switch\ElevateService.exe
2015-10-28 19:00 - 2015-11-05 17:21 - 06728120 _____ () C:\Users\Oscar\AppData\Roaming\XBox\XBLive.exe
2015-07-03 18:54 - 2015-09-01 10:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-07-07 03:53 - 2015-07-07 03:53 - 01612520 _____ () C:\Program Files\DisplayLink Core Software\AddOnApi64.dll
2015-03-25 15:28 - 2013-09-22 12:27 - 00119000 _____ () C:\Programas\WizMouse\wizmouse.exe
2014-04-07 18:13 - 2014-04-07 18:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2014-11-25 06:18 - 2014-11-25 06:18 - 00009728 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\OSD\IsMetroUI.dll
2014-11-25 06:18 - 2014-11-25 06:18 - 00486400 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\OSD\Skin\OSD_Skin.dll
2014-11-25 06:18 - 2014-11-25 06:18 - 00204800 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\GetDispDevs.dll
2014-11-25 06:18 - 2014-11-25 06:18 - 00095744 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\PCIeCtl.dll
2014-11-25 06:18 - 2014-11-25 06:18 - 04670464 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\Skin\Main_Skin.dll
2015-10-28 22:12 - 2015-11-01 23:11 - 01536952 _____ () C:\ProgramData\System32\SafeGuard32.dll
2015-09-29 13:08 - 2015-09-29 13:08 - 00160768 _____ () C:\Program Files (x86)\VIPRE\unrar.dll
2015-11-06 15:29 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-11-06 15:29 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-11-06 15:29 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-11-06 15:29 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-11-06 15:29 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-04-04 22:02 - 2015-06-24 05:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00052736 _____ () C:\Program Files (x86)\SugarSync\librsync.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00769024 _____ () C:\Program Files (x86)\SugarSync\libGLESv2.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00875008 _____ () C:\Program Files (x86)\SugarSync\platforms\qwindows.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00047104 _____ () C:\Program Files (x86)\SugarSync\libEGL.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00021504 _____ () C:\Program Files (x86)\SugarSync\imageformats\qgif.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00020992 _____ () C:\Program Files (x86)\SugarSync\imageformats\qico.dll
2015-03-16 18:26 - 2015-09-28 16:11 - 00204800 _____ () C:\Program Files (x86)\SugarSync\imageformats\qjpeg.dll
2015-05-30 17:47 - 2013-11-19 21:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2015-11-07 23:02 - 2015-11-07 23:02 - 00071168 _____ () c:\users\oscar\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsbcdl3.dll
2015-03-04 15:45 - 2015-09-23 17:07 - 00012800 _____ () C:\Users\Oscar\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 15:45 - 2015-09-23 17:07 - 00779776 _____ () C:\Users\Oscar\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 12:57 - 2015-09-23 17:07 - 00056320 _____ () C:\Users\Oscar\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 15:45 - 2015-09-23 17:07 - 00012288 _____ () C:\Users\Oscar\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-11-06 17:05 - 2015-06-26 02:13 - 00184184 _____ () C:\Program Files (x86)\VIPRE\Definitions\libBase64.dll
2015-11-06 17:05 - 2015-06-26 02:13 - 00175992 _____ () C:\Program Files (x86)\VIPRE\Definitions\libMachoUniv.dll
2015-10-23 22:00 - 2015-10-20 08:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-23 22:00 - 2015-10-20 08:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
2015-07-03 18:55 - 2015-07-03 18:55 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-07-03 18:39 - 2015-07-03 18:39 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-04-29 18:23 - 2014-04-29 18:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: C:\ProgramData\Temp:C8B8CEBD
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBPIMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebExaminer => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebProxy => ""="service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Oscar\AppData\Local\DisplayFusion\Wallpaper_1.png
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "SystemTray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Welcome.lnk"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "BTMTrayAgent"
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_D08D9DAE1EAB6F612F08AF40ADD97038"
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\...\StartupApproved\Run: => "Steam"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{580B67AF-1144-40ED-ACE4-90135903B94B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C29CC4BA-7F20-43C2-A645-476652BDF8DA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B5D62432-E634-448E-8062-C7E8C0C7C38F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{76291D40-EC13-467E-9CEC-F15321F5369B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{867F2F4D-DBD9-4509-96E6-21214751CF27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E03012B6-1BFC-4BDA-9AAE-24CC17975653}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9D2EF5A7-4C26-47ED-AAAB-E9F27CF947C4}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{4C79014C-A1BC-4AAD-8EF4-C9CEAF786040}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{915C8925-6448-43F1-847D-CCA0ECB23BCB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D2C9D73C-898B-4662-8D2F-A210F6D63519}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A14BC65B-5C10-4276-9D6D-A8065E7542DD}] => (Allow) LPort=2869
FirewallRules: [{E7840F02-37FB-417F-9FD9-C4995FB218E0}] => (Allow) LPort=1900
FirewallRules: [{206A6BD0-A0D1-4AC9-9682-2420A3A739F7}] => (Allow) C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A0B63199-3755-46E9-AD19-324410A5B006}] => (Allow) C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{35174C03-7BA9-4E01-87A3-DDCC9F9D01DE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D7860926-2A51-48BD-9299-067C2F785014}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{A372DB20-1F47-477D-AF65-077A7D0AAC3E}] => (Allow) C:\Programas\Winamp\winamp.exe
FirewallRules: [{390B8FFF-654E-4297-83AD-3AE12AB1C357}] => (Allow) C:\Programas\Winamp\winamp.exe
FirewallRules: [TCP Query User{E4EC4ADF-3A79-40F4-9C37-A23E73FF2967}C:\users\oscar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\oscar\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6A78FB6E-9B75-45DE-9EDD-5925E7916BE7}C:\users\oscar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\oscar\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0A7B5960-29CA-4730-A915-D7827A9DDA54}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{2CABE227-9788-4465-987D-94A87E1B7D4F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{9A0AF619-1499-4A3F-9C0B-51F1B337273E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{21AC6590-F1FC-43DB-93CD-1BFEE149D8FF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{ED2F5F66-48FA-4849-976E-CE0D79181F92}C:\users\oscar\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\oscar\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{06BA451A-01FE-45D4-B470-D27EAF71B065}C:\users\oscar\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\oscar\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{2B77E3AE-CCC6-4B33-9429-7D71EB4B680B}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{57DCBA87-BB71-45BB-8AE4-DA3B135AD1C5}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [TCP Query User{D1C04223-6551-47E2-8EE4-80986FD30151}D:\steam\steamapps\common\ether one\binaries\win32\udk.exe] => (Block) D:\steam\steamapps\common\ether one\binaries\win32\udk.exe
FirewallRules: [UDP Query User{553ABA8A-65CE-454F-A817-84DE8C41C79A}D:\steam\steamapps\common\ether one\binaries\win32\udk.exe] => (Block) D:\steam\steamapps\common\ether one\binaries\win32\udk.exe
FirewallRules: [{BFC06BB3-E4F1-4222-A0CB-89C550202E61}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{458D49FC-5104-4AB6-A949-6D775EF847E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9B8AFE42-950A-4239-ADC0-45494DAD3A9C}] => (Allow) LPort=5556
FirewallRules: [{BBD222E3-E5DD-401E-B532-95B472633232}] => (Allow) LPort=5558
FirewallRules: [{4AA572CD-0E5E-41F6-8BAF-D1E450D13FFF}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{521668B1-E93C-4A00-A5A9-19D4E178DBB0}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [TCP Query User{58D240CD-0DF0-4730-8AEB-A27836B97057}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [UDP Query User{23700E9E-7FD0-4E67-9E95-AACC025B7CCB}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [{CC2EF175-92F4-4650-9CBC-507334CCC820}] => (Allow) C:\Users\Oscar\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{508B616C-2B55-4915-9CE6-58FDEBBF5EC2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{2F50C98B-4A1C-411A-897A-5E5C24EB9B9C}C:\users\oscar\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.351\pluginhost.exe] => (Allow) C:\users\oscar\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.351\pluginhost.exe
FirewallRules: [UDP Query User{E954B909-42F4-4AD7-A3D0-30B81569EF96}C:\users\oscar\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.351\pluginhost.exe] => (Allow) C:\users\oscar\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.351\pluginhost.exe
FirewallRules: [{92423BD3-FA8E-472F-80A3-2FF1D0C93AEF}] => (Allow) C:\ProgramasTeamViewer\TeamViewer.exe
FirewallRules: [{244E8004-08B2-47D8-A23A-5CCE8F7762B7}] => (Allow) C:\ProgramasTeamViewer\TeamViewer.exe
FirewallRules: [{EF2F552D-6125-4331-9283-7959E956A317}] => (Allow) C:\ProgramasTeamViewer\TeamViewer_Service.exe
FirewallRules: [{B68A6B7D-138D-4204-83BA-51BAFDA42DB4}] => (Allow) C:\ProgramasTeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C6C7D2A4-285B-4166-A7D4-E0384B52CB86}D:\steam\steamapps\common\ether one\binaries\win32\udk.exe] => (Allow) D:\steam\steamapps\common\ether one\binaries\win32\udk.exe
FirewallRules: [UDP Query User{D60D994D-49A0-489C-9C9E-6C65EA62A749}D:\steam\steamapps\common\ether one\binaries\win32\udk.exe] => (Allow) D:\steam\steamapps\common\ether one\binaries\win32\udk.exe
FirewallRules: [{CB46D747-C3F5-486D-9C15-D55C802E34E1}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{6E083A57-A8D6-44EF-B305-F37B86E0ADD0}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{598C2306-9DDB-4658-BDC1-E20C679C37CA}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{F423A1D9-D448-4927-A009-EEAFCC2D0B26}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{B0DE7117-048D-44E7-8308-8AC3C86C8C9F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A83DFC54-6353-4A2A-88E7-0F976B9A66F2}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{503B6623-3371-4EB3-85A1-5B6DB2ACEB33}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{73494036-2134-4951-A377-AEF819A38264}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7BC9E2B5-CF53-4C3E-BB27-7B9FFCAC1091}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F8374435-32BD-4AE3-BC22-4F82008FD6B9}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B0E9BD47-BD54-4672-9FF8-4651631CAD82}] => (Allow) C:\Users\Oscar\AppData\Roaming\uTorrent\uTorrent.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/06/2015 09:57:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OfficeClickToRun.exe, version: 15.0.4763.1002, time stamp: 0x5615b142
Faulting module name: SafeGuard64.dll_unloaded, version: 1.0.0.26, time stamp: 0x561cde83
Exception code: 0xc0000005
Fault offset: 0x000000000004deab
Faulting process id: 0x754
Faulting application start time: 0xOfficeClickToRun.exe0
Faulting application path: OfficeClickToRun.exe1
Faulting module path: OfficeClickToRun.exe2
Report Id: OfficeClickToRun.exe3
Faulting package full name: OfficeClickToRun.exe4
Faulting package-relative application ID: OfficeClickToRun.exe5
 
Error: (11/06/2015 09:47:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GfExperienceService.exe, version: 2.4.5.57, time stamp: 0x558a8c93
Faulting module name: SafeGuard64.dll_unloaded, version: 1.0.0.26, time stamp: 0x561cde83
Exception code: 0xc0000005
Fault offset: 0x000000000004deab
Faulting process id: 0x8ac
Faulting application start time: 0xGfExperienceService.exe0
Faulting application path: GfExperienceService.exe1
Faulting module path: GfExperienceService.exe2
Report Id: GfExperienceService.exe3
Faulting package full name: GfExperienceService.exe4
Faulting package-relative application ID: GfExperienceService.exe5
 
Error: (11/06/2015 09:31:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvtray.exe, version: 7.17.13.5306, time stamp: 0x55668995
Faulting module name: SafeGuard64.dll, version: 1.0.0.26, time stamp: 0x561cde83
Exception code: 0xc0000005
Fault offset: 0x000000000013b3dc
Faulting process id: 0x15d8
Faulting application start time: 0xnvtray.exe0
Faulting application path: nvtray.exe1
Faulting module path: nvtray.exe2
Report Id: nvtray.exe3
Faulting package full name: nvtray.exe4
Faulting package-relative application ID: nvtray.exe5
 
Error: (11/06/2015 08:03:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OfficeClickToRun.exe, version: 15.0.4763.1002, time stamp: 0x5615b142
Faulting module name: SafeGuard64.dll_unloaded, version: 1.0.0.26, time stamp: 0x561cde83
Exception code: 0xc0000005
Fault offset: 0x000000000004deab
Faulting process id: 0x734
Faulting application start time: 0xOfficeClickToRun.exe0
Faulting application path: OfficeClickToRun.exe1
Faulting module path: OfficeClickToRun.exe2
Report Id: OfficeClickToRun.exe3
Faulting package full name: OfficeClickToRun.exe4
Faulting package-relative application ID: OfficeClickToRun.exe5
 
Error: (11/06/2015 07:23:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GfExperienceService.exe, version: 2.4.5.57, time stamp: 0x558a8c93
Faulting module name: SafeGuard64.dll_unloaded, version: 1.0.0.26, time stamp: 0x561cde83
Exception code: 0xc0000005
Fault offset: 0x000000000004deab
Faulting process id: 0x880
Faulting application start time: 0xGfExperienceService.exe0
Faulting application path: GfExperienceService.exe1
Faulting module path: GfExperienceService.exe2
Report Id: GfExperienceService.exe3
Faulting package full name: GfExperienceService.exe4
Faulting package-relative application ID: GfExperienceService.exe5
 
Error: (11/06/2015 04:50:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvtray.exe, version: 7.17.13.5306, time stamp: 0x55668995
Faulting module name: SafeGuard64.dll, version: 1.0.0.26, time stamp: 0x561cde83
Exception code: 0xc0000005
Fault offset: 0x000000000013b3dc
Faulting process id: 0x16fc
Faulting application start time: 0xnvtray.exe0
Faulting application path: nvtray.exe1
Faulting module path: nvtray.exe2
Report Id: nvtray.exe3
Faulting package full name: nvtray.exe4
Faulting package-relative application ID: nvtray.exe5
 
Error: (11/06/2015 04:47:44 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000CE73739B10).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (11/06/2015 04:45:44 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000CE73739A70).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (11/06/2015 04:43:44 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000CE73739A70).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
Error: (11/06/2015 04:41:44 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000CE7373A290).
 
 
Operation:
   Get Shadow Copy Properties
 
Context:
   Execution Context: Coordinator
 
 
System errors:
=============
Error: (11/07/2015 11:02:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error: 
%%3
 
Error: (11/07/2015 11:02:00 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:12:34 PM on ‎11/‎6/‎2015 was unexpected.
 
Error: (11/07/2015 11:01:52 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256841145088
 
Error: (11/06/2015 09:57:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office ClickToRun Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (11/06/2015 09:47:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA GeForce Experience Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/06/2015 08:42:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error: 
%%3
 
Error: (11/06/2015 08:42:14 PM) (Source: DCOM) (EventID: 10010) (User: OSCARROJAS)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (11/06/2015 08:42:14 PM) (Source: DCOM) (EventID: 10010) (User: OSCARROJAS)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (11/06/2015 08:03:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office ClickToRun Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (11/06/2015 07:23:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA GeForce Experience Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
CodeIntegrity:
===================================
  Date: 2015-11-06 16:48:47.765
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections.
 
  Date: 2015-11-06 16:48:47.764
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\ProgramData\System32\SafeGuard64.dll that did not meet the security requirements for Shared Sections.
 
  Date: 2015-11-06 14:25:57.640
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-06 14:25:57.131
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-06 14:25:56.603
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-06 14:25:56.065
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-06 14:25:55.499
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-06 14:25:51.300
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-06 14:25:50.790
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-11-06 14:25:50.279
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4720HQ CPU @ 2.60GHz
Percentage of memory in use: 22%
Total physical RAM: 16297.91 MB
Available physical RAM: 12651.01 MB
Total Virtual: 18729.91 MB
Available Virtual: 15057.48 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:103.57 GB) (Free:26.55 GB) NTFS
Drive d: (Oscar Rojas) (Fixed) (Total:931.39 GB) (Free:611.8 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 58A13B48)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
If this should fail we may have to work outside of windows

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:


CreateRestorePoint:
Winsock: Catalog5 08 C:\ProgramData\System32\SafeGuard32.dll No File
Winsock: Catalog5-x64 08 C:\ProgramData\System32\SafeGuard64.dll [2316728 2015-11-01] ()
CHR NewTab: Default -> "chrome-extension://mgmiemnjjchgkmgbeljfocdjjnpjnmcg/ntp.html"
2015-10-28 14:11 - 2015-10-29 13:23 - 00000032 ___SH C:\Users\Oscar\AppData\Roaming\{A99FB86C-4807-4c30-8B95-FAE7D70C61BD}.dat
2015-10-28 14:11 - 2015-10-29 13:23 - 0000032 ___SH () C:\Users\Oscar\AppData\Roaming\{A99FB86C-4807-4c30-8B95-FAE7D70C61BD}.dat
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Reboot to safe mode with networking - http://www.howtogeek...8-the-easy-way/- 1st option should work :)

Download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application
    tdss%20start.JPG
  • Then click on Change parameters.

    tdss%20Change%20param.JPG
  • Check the boxes beside Verify Driver Digital Signature, Detect TDLFS file system and Use KSN to scan objects , then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    tdss%20threat.JPG
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports

    tdss%20report.JPG
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
Please copy and paste its contents on your next reply.
  • 0

#5
musicalogist

musicalogist

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Ok, I did that, below are the logs. 

 

TDSSKiller found suspicious objects (skipped), but not malicious

 

It looks like it worked, everything seems to be working fine. I'm now able to install and run avast. No problem with accessing the web pages.

 

How can I tell if everthing is ok now? What do you recommend for antivirus/others to be safe?

 

Thanks a lot!

 

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Oscar (2015-11-08 11:05:10) Run:1
Running from D:\Cloud Files\Desktop-LAP
Loaded Profiles: Oscar (Available Profiles: Oscar)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
Winsock: Catalog5 08 C:\ProgramData\System32\SafeGuard32.dll No File
Winsock: Catalog5-x64 08 C:\ProgramData\System32\SafeGuard64.dll [2316728 2015-11-01] ()
CHR NewTab: Default -> "chrome-extension://mgmiemnjjchgkmgbeljfocdjjnpjnmcg/ntp.html"
2015-10-28 14:11 - 2015-10-29 13:23 - 00000032 ___SH C:\Users\Oscar\AppData\Roaming\{A99FB86C-4807-4c30-8B95-FAE7D70C61BD}.dat
2015-10-28 14:11 - 2015-10-29 13:23 - 0000032 ___SH () C:\Users\Oscar\AppData\Roaming\{A99FB86C-4807-4c30-8B95-FAE7D70C61BD}.dat
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008" => key removed successfully
Chrome NewTab => removed successfully
C:\Users\Oscar\AppData\Roaming\{A99FB86C-4807-4c30-8B95-FAE7D70C61BD}.dat => moved successfully
"C:\Users\Oscar\AppData\Roaming\{A99FB86C-4807-4c30-8B95-FAE7D70C61BD}.dat" => not found.
C:\Windows => ":{4B9A1497-0817-47C4-9612-D6A1C53ACF57}" ADS removed successfully.
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2700374867-1607317419-1423608881-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
 
 
 
 
11:43:37.0337 0x0e08  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
11:43:37.0337 0x0e08  UEFI system
11:43:41.0678 0x0e08  ============================================================
11:43:41.0678 0x0e08  Current date / time: 2015/11/08 11:43:41.0678
11:43:41.0678 0x0e08  SystemInfo:
11:43:41.0678 0x0e08  
11:43:41.0678 0x0e08  OS Version: 6.3.9600 ServicePack: 0.0
11:43:41.0678 0x0e08  Product type: Workstation
11:43:41.0678 0x0e08  ComputerName: OSCARROJAS
11:43:41.0678 0x0e08  UserName: Oscar
11:43:41.0678 0x0e08  Windows directory: C:\Windows
11:43:41.0678 0x0e08  System windows directory: C:\Windows
11:43:41.0678 0x0e08  Running under WOW64
11:43:41.0678 0x0e08  Processor architecture: Intel x64
11:43:41.0678 0x0e08  Number of processors: 8
11:43:41.0678 0x0e08  Page size: 0x1000
11:43:41.0678 0x0e08  Boot type: Safe boot with network
11:43:41.0678 0x0e08  ============================================================
11:43:41.0740 0x0e08  KLMD registered as C:\Windows\system32\drivers\47676696.sys
11:43:41.0772 0x0e08  System UUID: {591B8E7A-D10A-ECB9-F0AC-DAB66CE2B86C}
11:43:41.0959 0x0e08  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:43:41.0975 0x0e08  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:43:41.0975 0x0e08  ============================================================
11:43:41.0975 0x0e08  \Device\Harddisk0\DR0:
11:43:41.0975 0x0e08  GPT partitions:
11:43:41.0975 0x0e08  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {23987DDF-347F-40A6-B1AF-6CBB7B6AF607}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
11:43:41.0975 0x0e08  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {267EAA36-EB13-4863-B426-C417B0B21853}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x82000
11:43:41.0975 0x0e08  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {AA2144AA-5D29-47E1-A8EF-9D47F40D42D0}, Name: Microsoft reserved partition, StartLBA 0x118800, BlocksNum 0x40000
11:43:41.0975 0x0e08  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DDC84722-446F-4512-B108-39AF7084AEAC}, Name: Basic data partition, StartLBA 0x158800, BlocksNum 0xCF23800
11:43:41.0975 0x0e08  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DF58B5D5-092C-45D2-937B-EBC911449B74}, Name: Basic data partition, StartLBA 0xD07C000, BlocksNum 0x1E00000
11:43:41.0975 0x0e08  MBR partitions:
11:43:41.0975 0x0e08  \Device\Harddisk1\DR1:
11:43:41.0975 0x0e08  GPT partitions:
11:43:41.0975 0x0e08  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A519F814-2E1B-465E-AD41-D966121454B4}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
11:43:41.0975 0x0e08  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5F33E01E-7EB2-4C08-B353-CABB8894D226}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
11:43:41.0975 0x0e08  MBR partitions:
11:43:41.0975 0x0e08  ============================================================
11:43:41.0975 0x0e08  C: <-> \Device\Harddisk0\DR0\Partition4
11:43:41.0990 0x0e08  D: <-> \Device\Harddisk1\DR1\Partition2
11:43:41.0990 0x0e08  ============================================================
11:43:41.0990 0x0e08  Initialize success
11:43:41.0990 0x0e08  ============================================================
11:44:40.0957 0x0eac  ============================================================
11:44:40.0957 0x0eac  Scan started
11:44:40.0957 0x0eac  Mode: Manual; SigCheck; TDLFS; 
11:44:40.0957 0x0eac  ============================================================
11:44:40.0957 0x0eac  KSN ping started
11:44:42.0442 0x0eac  KSN ping finished: true
11:44:42.0775 0x0eac  ================ Scan system memory ========================
11:44:42.0775 0x0eac  System memory - ok
11:44:42.0776 0x0eac  ================ Scan services =============================
11:44:42.0783 0x0eac  [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE        C:\Programas\SUPERAntiSpyware\SASCORE64.EXE
11:44:42.0798 0x0eac  !SASCORE - ok
11:44:42.0823 0x0eac  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
11:44:42.0839 0x0eac  1394ohci - ok
11:44:42.0855 0x0eac  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
11:44:42.0855 0x0eac  3ware - ok
11:44:42.0875 0x0eac  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:44:42.0892 0x0eac  ACPI - ok
11:44:42.0896 0x0eac  [ CFA8E06DEFA40BA2702FA92A98BDAA86, CDAD728F6E65026C6B8F348FE09312D024674FB4FDE08749D836EF4FFCF99F0F ] acpials         C:\Windows\System32\drivers\acpials.sys
11:44:42.0902 0x0eac  acpials - ok
11:44:42.0906 0x0eac  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
11:44:42.0912 0x0eac  acpiex - ok
11:44:42.0915 0x0eac  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
11:44:42.0921 0x0eac  acpipagr - ok
11:44:42.0924 0x0eac  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
11:44:42.0925 0x0eac  AcpiPmi - ok
11:44:42.0925 0x0eac  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
11:44:42.0939 0x0eac  acpitime - ok
11:44:42.0943 0x0eac  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:44:42.0948 0x0eac  AdobeARMservice - ok
11:44:42.0965 0x0eac  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
11:44:42.0986 0x0eac  ADP80XX - ok
11:44:42.0994 0x0eac  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:44:43.0008 0x0eac  AeLookupSvc - ok
11:44:43.0020 0x0eac  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\Windows\system32\drivers\afd.sys
11:44:43.0038 0x0eac  AFD - ok
11:44:43.0043 0x0eac  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:44:43.0049 0x0eac  agp440 - ok
11:44:43.0054 0x0eac  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
11:44:43.0062 0x0eac  ahcache - ok
11:44:43.0066 0x0eac  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
11:44:43.0074 0x0eac  ALG - ok
11:44:43.0075 0x0eac  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
11:44:43.0075 0x0eac  AmdK8 - ok
11:44:43.0091 0x0eac  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
11:44:43.0091 0x0eac  AmdPPM - ok
11:44:43.0103 0x0eac  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:44:43.0109 0x0eac  amdsata - ok
11:44:43.0117 0x0eac  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:44:43.0127 0x0eac  amdsbs - ok
11:44:43.0130 0x0eac  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:44:43.0136 0x0eac  amdxata - ok
11:44:43.0140 0x0eac  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
11:44:43.0147 0x0eac  AppID - ok
11:44:43.0152 0x0eac  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:44:43.0158 0x0eac  AppIDSvc - ok
11:44:43.0163 0x0eac  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\Windows\System32\appinfo.dll
11:44:43.0171 0x0eac  Appinfo - ok
11:44:43.0185 0x0eac  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
11:44:43.0201 0x0eac  AppReadiness - ok
11:44:43.0224 0x0eac  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
11:44:43.0252 0x0eac  AppXSvc - ok
11:44:43.0258 0x0eac  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:44:43.0265 0x0eac  arcsas - ok
11:44:43.0269 0x0eac  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:44:43.0279 0x0eac  AsyncMac - ok
11:44:43.0283 0x0eac  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:44:43.0289 0x0eac  atapi - ok
11:44:43.0296 0x0eac  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
11:44:43.0307 0x0eac  AudioEndpointBuilder - ok
11:44:43.0325 0x0eac  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
11:44:43.0346 0x0eac  Audiosrv - ok
11:44:43.0352 0x0eac  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:44:43.0360 0x0eac  AxInstSV - ok
11:44:43.0372 0x0eac  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:44:43.0375 0x0eac  b06bdrv - ok
11:44:43.0391 0x0eac  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
11:44:43.0391 0x0eac  BasicDisplay - ok
11:44:43.0391 0x0eac  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
11:44:43.0391 0x0eac  BasicRender - ok
11:44:43.0406 0x0eac  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
11:44:43.0406 0x0eac  bcmfn2 - ok
11:44:43.0422 0x0eac  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\Windows\System32\bdesvc.dll
11:44:43.0438 0x0eac  BDESVC - ok
11:44:43.0441 0x0eac  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
11:44:43.0448 0x0eac  Beep - ok
11:44:43.0465 0x0eac  [ 22A5582ACF0CEE97268D7868C69F35CE, 78A44C10966FE467D3FCC76BE37647AE2CC2BCA9DE5715AD9E643162B23C3A19 ] BFE             C:\Windows\System32\bfe.dll
11:44:43.0474 0x0eac  BFE - ok
11:44:43.0490 0x0eac  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
11:44:43.0521 0x0eac  BITS - ok
11:44:43.0537 0x0eac  [ E66FA967B5659C5725344582F250A6E9, 1C8DFF65E414EA3ADD8992F19E95F96FDBC557D101B29E3138DBCF364E7E4115 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
11:44:43.0568 0x0eac  Bluetooth Device Monitor - ok
11:44:43.0584 0x0eac  [ 13323CD3010EDFD7E72104E3EE415692, 9453CBC6D7F5CCFD915C8C3050B755B3493327B410E15D982FAAF59B6FDF245C ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
11:44:43.0599 0x0eac  Bluetooth OBEX Service - ok
11:44:43.0615 0x0eac  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:44:43.0615 0x0eac  bowser - ok
11:44:43.0615 0x0eac  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
11:44:43.0631 0x0eac  BrokerInfrastructure - ok
11:44:43.0631 0x0eac  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
11:44:43.0646 0x0eac  Browser - ok
11:44:43.0646 0x0eac  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
11:44:43.0662 0x0eac  BthAvrcpTg - ok
11:44:43.0662 0x0eac  [ 12418846B057E4F92FC621F5C6CF737D, 0B8B0EADE4F2AD95D450A5C71C287C0F04F33897ABF27D3E3B6428A3C99C7B5D ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
11:44:43.0662 0x0eac  BthEnum - ok
11:44:43.0662 0x0eac  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
11:44:43.0678 0x0eac  BthHFEnum - ok
11:44:43.0678 0x0eac  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
11:44:43.0678 0x0eac  bthhfhid - ok
11:44:43.0693 0x0eac  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
11:44:43.0709 0x0eac  BthHFSrv - ok
11:44:43.0709 0x0eac  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
11:44:43.0724 0x0eac  BthLEEnum - ok
11:44:43.0724 0x0eac  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
11:44:43.0724 0x0eac  BTHMODEM - ok
11:44:43.0740 0x0eac  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\Windows\System32\drivers\bthpan.sys
11:44:43.0740 0x0eac  BthPan - ok
11:44:43.0771 0x0eac  [ B810B2B39CCA90DC6BF42AF1658AE0D1, D184F927BCFBDE7063A0C9873BF2C174226E1AB5081A7108FCC66210CD117465 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
11:44:43.0787 0x0eac  BTHPORT - ok
11:44:43.0803 0x0eac  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
11:44:43.0803 0x0eac  bthserv - ok
11:44:43.0818 0x0eac  [ 52A1B7ECAB4C9EF70FD41241691E09D3, F7A5BFE72D3151E73DD9922A76964C08AC1FDCB8460D9A17DCF8B7969006AD42 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
11:44:43.0818 0x0eac  BTHUSB - ok
11:44:43.0818 0x0eac  [ 70F8310E8B36DFCAD9A11720929E20ED, 1E591FE15F59474CD9D9241197F7EB784F331B800BA2DCF9F5680D4408CE0D9C ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
11:44:43.0834 0x0eac  btmaux - ok
11:44:43.0849 0x0eac  [ 94A99773CC88E25E61E99EB137D7C176, 02B113C6E6577C2A931B79D839B626CDB16A59C800BACC7B750A5F2597F527A2 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
11:44:43.0881 0x0eac  btmhsf - ok
11:44:43.0881 0x0eac  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:44:43.0896 0x0eac  cdfs - ok
11:44:43.0896 0x0eac  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
11:44:43.0896 0x0eac  cdrom - ok
11:44:43.0912 0x0eac  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:44:43.0912 0x0eac  CertPropSvc - ok
11:44:43.0928 0x0eac  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
11:44:43.0928 0x0eac  circlass - ok
11:44:43.0943 0x0eac  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
11:44:43.0943 0x0eac  CLFS - ok
11:44:43.0990 0x0eac  [ 9A5944952B122BBF68D0032EF440CFB5, D4046BA3F985A7F95F1A4A55B6F2976E292C861771CAC80CEC6DE4C82E8FDBB0 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
11:44:44.0053 0x0eac  ClickToRunSvc - ok
11:44:44.0053 0x0eac  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
11:44:44.0068 0x0eac  CmBatt - ok
11:44:44.0068 0x0eac  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:44:44.0084 0x0eac  CNG - ok
11:44:44.0099 0x0eac  [ 81F2B52C47B8AD32CC4FF967FC8D73DA, 13D84B4096E0F9AB9D04F6CD9E9C0DE4B6DF6F11D63C797266D719FD2429A655 ] CompFilter64    C:\Windows\System32\drivers\lvbflt64.sys
11:44:44.0099 0x0eac  CompFilter64 - ok
11:44:44.0099 0x0eac  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
11:44:44.0099 0x0eac  CompositeBus - ok
11:44:44.0115 0x0eac  COMSysApp - ok
11:44:44.0115 0x0eac  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
11:44:44.0115 0x0eac  condrv - ok
11:44:44.0146 0x0eac  [ 7C3EF8B5521499E47D2C5402031831C4, C71DD1BC87DCD34F97D809B66F6081E17D3C135E8E185DE2451484543A08D23A ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:44:44.0146 0x0eac  cphs - ok
11:44:44.0162 0x0eac  cpuz136 - ok
11:44:44.0193 0x0eac  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:44:44.0193 0x0eac  CryptSvc - ok
11:44:44.0193 0x0eac  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\Windows\system32\drivers\dam.sys
11:44:44.0209 0x0eac  dam - ok
11:44:44.0224 0x0eac  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:44:44.0240 0x0eac  DcomLaunch - ok
11:44:44.0256 0x0eac  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
11:44:44.0271 0x0eac  defragsvc - ok
11:44:44.0271 0x0eac  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
11:44:44.0287 0x0eac  DeviceAssociationService - ok
11:44:44.0287 0x0eac  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
11:44:44.0303 0x0eac  DeviceInstall - ok
11:44:44.0303 0x0eac  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
11:44:44.0318 0x0eac  Dfsc - ok
11:44:44.0318 0x0eac  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:44:44.0334 0x0eac  Dhcp - ok
11:44:44.0366 0x0eac  [ 3ECB752A6963B1CBC9AD65ED89C8ACED, 1D47D2EBD2C8D2B9F8D2D12A5FD93E6B10335EB6B23252DDEA6DF2233655FA59 ] DiagTrack       C:\Windows\system32\diagtrack.dll
11:44:44.0389 0x0eac  DiagTrack - ok
11:44:44.0389 0x0eac  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
11:44:44.0405 0x0eac  disk - ok
11:44:44.0467 0x0eac  [ 049873231E244D795CE1F32BDE5DA7B2, 1EABBA118B0A0129E7CE4999D3157F02C701C4D5C118C03EDB1F8A038F48748A ] DisplayFusionService C:\Programas\DisplayFusion\DisplayFusionService.exe
11:44:44.0546 0x0eac  DisplayFusionService - ok
11:44:44.0717 0x0eac  [ 78C87C753568BEE9E70805209D8CBF0C, 4736973F1AFDA6EA07CBDC7CA620363B41DE1D59544943B8C6C65F3F56C38B26 ] DisplayLinkService C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
11:44:44.0923 0x0eac  DisplayLinkService - ok
11:44:44.0935 0x0eac  [ 6A23A67251FB95437FC87E1A60ABCBFB, 9DAEFCAD25AEBA6BF6442BA8A7BF649227FC5E502D5E2E6AA536D154D648DAAA ] DisplayLinkUsbIo_x64 C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.9.296.0.sys
11:44:44.0940 0x0eac  DisplayLinkUsbIo_x64 - ok
11:44:44.0944 0x0eac  [ 570CD7FC6AA2A9465374F98802B86EB9, B056849EA95142BE13BA1C9A68B59811E759299D089DB265D1C287114FD56A75 ] dlcdcncm        C:\Windows\system32\DRIVERS\dlcdcncm62_x64.sys
11:44:44.0949 0x0eac  dlcdcncm - ok
11:44:44.0959 0x0eac  [ 357D74F6A4D22E45F700285D0B72ED99, 8CC701E8D8636751C2C4D84F9FB74A167C41C2E1DD1EE9667FD19EB69D22053E ] dlkmd           C:\Windows\system32\drivers\dlkmd.sys
11:44:44.0969 0x0eac  dlkmd - ok
11:44:44.0972 0x0eac  [ E2CB30248E8AE8E70C05CD954342D4DC, CD6131A58F4954D38F7E8DF44A966D21A3722E2B0B05BFB9C2437D704DA22114 ] dlkmdldr        C:\Windows\system32\drivers\dlkmdldr.sys
11:44:44.0975 0x0eac  dlkmdldr - ok
11:44:44.0982 0x0eac  [ AF612C81078BF6F7543E78BBCEE9BCDE, DD3608FB0CE4E77FA7C724BCB5D295F8EC4E3238DC964DBFF8154E2A8856AEAF ] dlusbaudio      C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys
11:44:44.0989 0x0eac  dlusbaudio - ok
11:44:44.0993 0x0eac  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
11:44:44.0998 0x0eac  dmvsc - ok
11:44:45.0005 0x0eac  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:44:45.0008 0x0eac  Dnscache - ok
11:44:45.0008 0x0eac  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:44:45.0023 0x0eac  dot3svc - ok
11:44:45.0023 0x0eac  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
11:44:45.0039 0x0eac  DPS - ok
11:44:45.0039 0x0eac  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:44:45.0055 0x0eac  drmkaud - ok
11:44:45.0055 0x0eac  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
11:44:45.0070 0x0eac  DsmSvc - ok
11:44:45.0070 0x0eac  [ 496C3C6BC3D930D0960C9E75AA30F4A7, 3FE0E86DA8C2C6A990BB2F1B92C22BD3483882B8D69FF8025BB68A199362C234 ] dtlitescsibus   C:\Windows\System32\drivers\dtlitescsibus.sys
11:44:45.0070 0x0eac  dtlitescsibus - ok
11:44:45.0101 0x0eac  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:44:45.0133 0x0eac  DXGKrnl - ok
11:44:45.0133 0x0eac  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
11:44:45.0148 0x0eac  Eaphost - ok
11:44:45.0195 0x0eac  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:44:45.0273 0x0eac  ebdrv - ok
11:44:45.0273 0x0eac  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
11:44:45.0273 0x0eac  EFS - ok
11:44:45.0289 0x0eac  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
11:44:45.0289 0x0eac  EhStorClass - ok
11:44:45.0289 0x0eac  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
11:44:45.0305 0x0eac  EhStorTcgDrv - ok
11:44:45.0305 0x0eac  [ 8E82ED3F61CE870301F4D18E9479A584, EFE8AB8BECA47F87A3572369A9B13FD90246A0893A6D1CC9D27533E7F6C95EBE ] ElevateService  C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe
11:44:45.0305 0x0eac  ElevateService - detected UnsignedFile.Multi.Generic ( 1 )
11:44:47.0594 0x0eac  ElevateService ( UnsignedFile.Multi.Generic ) - warning
11:44:49.0345 0x0eac  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
11:44:49.0351 0x0eac  ErrDev - ok
11:44:49.0356 0x0eac  [ 7AEC5E76816178BF6C543A155D8208B6, 7A591CD484B92A88C01F6FA309BECD9D56B4EDE05875427D0D6CAF25E286D860 ] esgiguard       C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
11:44:49.0361 0x0eac  esgiguard - ok
11:44:49.0365 0x0eac  [ 3B32CAA07D672F8A2E0DF5CB3A873F45, 09687E30FA5779C3593769D66CAEBED95C932746EDD6E83DABE3DCFD126AB5EC ] EsgScanner      C:\Windows\system32\DRIVERS\EsgScanner.sys
11:44:49.0369 0x0eac  EsgScanner - ok
11:44:49.0380 0x0eac  [ C7B596ADA0BD0CE0E59AF84411589C0A, 5A7DDACFAF669F8EE9E8B47A54234D48AD292461ADB1B88EC7FFEE4FCFF8B245 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
11:44:49.0390 0x0eac  ETD - ok
11:44:49.0395 0x0eac  [ 7DDBB8551A393261B72315A521ADA06A, 918291ED84E1B516005B4D42614BE35CF08C41AFF91320DAFAE64FAFCEFE9CFB ] ETDService      C:\Program Files\Elantech\ETDService.exe
11:44:49.0401 0x0eac  ETDService - ok
11:44:49.0413 0x0eac  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
11:44:49.0429 0x0eac  EventSystem - ok
11:44:49.0444 0x0eac  [ 19650EC5626194CDD17E85A27B38D1E1, A08A592E949646988B1D16030758E776A64B2889C6FF027A0523573E000C3306 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:44:49.0458 0x0eac  EvtEng - ok
11:44:49.0467 0x0eac  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:44:49.0483 0x0eac  exfat - ok
11:44:49.0490 0x0eac  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:44:49.0500 0x0eac  fastfat - ok
11:44:49.0515 0x0eac  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
11:44:49.0532 0x0eac  Fax - ok
11:44:49.0537 0x0eac  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
11:44:49.0543 0x0eac  fdc - ok
11:44:49.0547 0x0eac  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:44:49.0554 0x0eac  fdPHost - ok
11:44:49.0557 0x0eac  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:44:49.0565 0x0eac  FDResPub - ok
11:44:49.0571 0x0eac  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
11:44:49.0579 0x0eac  fhsvc - ok
11:44:49.0585 0x0eac  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:44:49.0591 0x0eac  FileInfo - ok
11:44:49.0594 0x0eac  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:44:49.0604 0x0eac  Filetrace - ok
11:44:49.0607 0x0eac  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
11:44:49.0614 0x0eac  flpydisk - ok
11:44:49.0623 0x0eac  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:44:49.0636 0x0eac  FltMgr - ok
11:44:49.0662 0x0eac  [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache       C:\Windows\system32\FntCache.dll
11:44:49.0693 0x0eac  FontCache - ok
11:44:49.0697 0x0eac  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:44:49.0704 0x0eac  FontCache3.0.0.0 - ok
11:44:49.0708 0x0eac  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:44:49.0715 0x0eac  FsDepends - ok
11:44:49.0719 0x0eac  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:44:49.0724 0x0eac  Fs_Rec - ok
11:44:49.0737 0x0eac  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:44:49.0754 0x0eac  fvevol - ok
11:44:49.0758 0x0eac  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
11:44:49.0765 0x0eac  FxPPM - ok
11:44:49.0770 0x0eac  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:44:49.0776 0x0eac  gagp30kx - ok
11:44:49.0780 0x0eac  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
11:44:49.0786 0x0eac  gencounter - ok
11:44:49.0807 0x0eac  [ 171CCFEB86294AFAA3609DB3899A841E, 0C2162A2D4A276182E922BBEF195CB936ABCBE6729C535CA23CDA9DAD0DDF491 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
11:44:49.0831 0x0eac  GfExperienceService - ok
11:44:49.0836 0x0eac  [ CF0B4FD1C219AD2F9A610866A94B2A4B, A0D3569B58D45DE7A05A15E7125BD86FCC4E87B81D8383E3621090B7F0CC8B3A ] gfiark          C:\Windows\system32\drivers\gfiark.sys
11:44:49.0841 0x0eac  gfiark - ok
11:44:49.0845 0x0eac  [ 16A23FF8621929ADC5B18DCCD5E206EE, 6204E3110503F76DC5970FDBD7340CE1265EE57196759E4D4DB187BAF119FF22 ] gfiutil         C:\Windows\system32\drivers\gfiutil.sys
11:44:49.0849 0x0eac  gfiutil - ok
11:44:49.0855 0x0eac  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
11:44:49.0864 0x0eac  GPIOClx0101 - ok
11:44:49.0892 0x0eac  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:44:49.0923 0x0eac  gpsvc - ok
11:44:49.0932 0x0eac  GPUZ - ok
11:44:49.0937 0x0eac  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:44:49.0943 0x0eac  gupdate - ok
11:44:49.0946 0x0eac  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:44:49.0950 0x0eac  gupdatem - ok
11:44:49.0959 0x0eac  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:44:49.0974 0x0eac  HdAudAddService - ok
11:44:49.0974 0x0eac  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
11:44:49.0974 0x0eac  HDAudBus - ok
11:44:49.0990 0x0eac  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
11:44:49.0990 0x0eac  HidBatt - ok
11:44:49.0990 0x0eac  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
11:44:50.0009 0x0eac  HidBth - ok
11:44:50.0013 0x0eac  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
11:44:50.0019 0x0eac  hidi2c - ok
11:44:50.0022 0x0eac  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
11:44:50.0026 0x0eac  HidIr - ok
11:44:50.0026 0x0eac  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
11:44:50.0026 0x0eac  hidserv - ok
11:44:50.0026 0x0eac  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
11:44:50.0042 0x0eac  HidUsb - ok
11:44:50.0042 0x0eac  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:44:50.0058 0x0eac  hkmsvc - ok
11:44:50.0058 0x0eec  Object required for P2P: [ 78C87C753568BEE9E70805209D8CBF0C ] DisplayLinkService
11:44:50.0058 0x0eac  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:44:50.0073 0x0eac  HomeGroupListener - ok
11:44:50.0073 0x0eac  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:44:50.0089 0x0eac  HomeGroupProvider - ok
11:44:50.0105 0x0eac  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:44:50.0105 0x0eac  HpSAMD - ok
11:44:50.0120 0x0eac  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:44:50.0151 0x0eac  HTTP - ok
11:44:50.0151 0x0eac  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:44:50.0151 0x0eac  hwpolicy - ok
11:44:50.0151 0x0eac  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
11:44:50.0167 0x0eac  hyperkbd - ok
11:44:50.0167 0x0eac  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
11:44:50.0167 0x0eac  HyperVideo - ok
11:44:50.0167 0x0eac  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
11:44:50.0183 0x0eac  i8042prt - ok
11:44:50.0183 0x0eac  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
11:44:50.0183 0x0eac  iaLPSSi_GPIO - ok
11:44:50.0198 0x0eac  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
11:44:50.0198 0x0eac  iaLPSSi_I2C - ok
11:44:50.0230 0x0eac  [ BA2C068FC92EF7232527FC66566F08FB, C25644A7F286F724181363C21D006A02D651D2B819086F7490B7F4B7869D1DF3 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
11:44:50.0245 0x0eac  iaStorA - ok
11:44:50.0261 0x0eac  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
11:44:50.0276 0x0eac  iaStorAV - ok
11:44:50.0276 0x0eac  [ 6C99DF5B6A6EB1D8D6F3FD60A0C614D6, 66147DE733FDAEF14660663764E90313E7A2CE3C6467ABAB99F71D00B96C4EB3 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:44:50.0276 0x0eac  IAStorDataMgrSvc - ok
11:44:50.0292 0x0eac  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:44:50.0308 0x0eac  iaStorV - ok
11:44:50.0308 0x0eac  [ F940AE47E43B4C74383268D5144C1129, C3D4BDDE08FEF2C56DA79D658549AE910528FFA809AAC5D1B6974B7CC5DD5EA2 ] iBtSiva         C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
11:44:50.0323 0x0eac  iBtSiva - ok
11:44:50.0323 0x0eac  [ E2766E3ABBB1DB41DE88BE476DBC028F, 2E2D7F639AA1A6730261930728436AEFDA93D3D9495A2FE6589D7C497CE99AC4 ] ibtusb          C:\Windows\system32\DRIVERS\ibtusb.sys
11:44:50.0323 0x0eac  ibtusb - ok
11:44:50.0339 0x0eac  IEEtwCollectorService - ok
11:44:50.0407 0x0eac  [ C5E23116B13704940651AD1694B1A37D, 2FF3E2D16799B0D896E1CE9AB22637FF290CD9D03EBE773EBC2C23281A9C6F8C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:44:50.0516 0x0eac  igfx - ok
11:44:50.0516 0x0eac  [ F5BBF0F3A5F2FE6B292038132D483A25, C4E3BF543E5F83A56FC6BD48A54191592F242EF64DFD7F5277E13BDD66554B4C ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
11:44:50.0532 0x0eac  igfxCUIService1.0.0.0 - ok
11:44:50.0548 0x0eac  [ 57322EBB67A59FB64E228F31A84CA43D, 258DA26BDFAB635F145E55CF65CDFCFE4EB91454E3F930489E92810250EF9FD7 ] IKEEXT          C:\Windows\System32\ikeext.dll
11:44:50.0579 0x0eac  IKEEXT - ok
11:44:50.0579 0x0eac  [ 5950F69F9B345952F3C2275C39EA393B, 382923DE0F5F25285F8C86BA628350DF1CFB6E63FF20736CF9285FB0F36A76DE ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
11:44:50.0579 0x0eac  intaud_WaveExtensible - ok
11:44:50.0657 0x0eac  [ 3AB7D8548788C167F970E87B5D829901, 6C7FF62B0DD2364E174212D646AA098CB6F53442170E0BBE235B5B4303B38D53 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:44:50.0719 0x0eac  IntcAzAudAddService - ok
11:44:50.0735 0x0eac  [ 8AEEE0F4D210B61F917CFEA9653973C4, F09389C2A3E1DED402C08BF1A30BD79A342B0E55AD4996CF2E5189A004E6E62F ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:44:50.0751 0x0eac  IntcDAud - ok
11:44:50.0766 0x0eac  [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
11:44:50.0795 0x0eac  Intel® Capability Licensing Service TCP IP Interface - ok
11:44:50.0800 0x0eac  [ 9417DBC88A3A80F6177BCA204B16A016, A1CAEEDB634C5858D6C448F38BB1464F555D9AC1EC4340DFD0E10E69B4F3CF07 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
11:44:50.0805 0x0eac  Intel® ME Service - ok
11:44:50.0808 0x0eac  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:44:50.0813 0x0eac  intelide - ok
11:44:50.0817 0x0eac  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
11:44:50.0822 0x0eac  intelpep - ok
11:44:50.0825 0x0eac  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
11:44:50.0825 0x0eac  intelppm - ok
11:44:50.0825 0x0eac  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:44:50.0841 0x0eac  IpFilterDriver - ok
11:44:50.0856 0x0eac  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:44:50.0872 0x0eac  iphlpsvc - ok
11:44:50.0888 0x0eac  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
11:44:50.0888 0x0eac  IPMIDRV - ok
11:44:50.0888 0x0eac  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:44:50.0903 0x0eac  IPNAT - ok
11:44:50.0903 0x0eac  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:44:50.0903 0x0eac  IRENUM - ok
11:44:50.0919 0x0eac  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:44:50.0919 0x0eac  isapnp - ok
11:44:50.0919 0x0eac  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
11:44:50.0944 0x0eac  iScsiPrt - ok
11:44:50.0950 0x0eac  [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc          C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
11:44:50.0957 0x0eac  iumsvc - ok
11:44:50.0960 0x0eac  [ F1D3A377ED9BA1CA449824C41CAF104C, EA0E90D5D827664CFDB644753C6DC134C3F8F852F24175EC8328A9FA925B25BF ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
11:44:50.0965 0x0eac  iwdbus - ok
11:44:50.0969 0x0eac  [ 0B93A01F786F37A4B1EDE84E639FFF10, 8747109A2FA2B80C8C5F5B6D2372C1B0DA4F4BF9DC1D551195ADF0715C260223 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
11:44:50.0974 0x0eac  jhi_service - ok
11:44:50.0978 0x0eac  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
11:44:50.0984 0x0eac  kbdclass - ok
11:44:50.0988 0x0eac  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
11:44:50.0991 0x0eac  kbdhid - ok
11:44:50.0991 0x0eac  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
11:44:50.0991 0x0eac  kdnic - ok
11:44:50.0991 0x0eac  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
11:44:51.0007 0x0eac  KeyIso - ok
11:44:51.0007 0x0eac  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:44:51.0007 0x0eac  KSecDD - ok
11:44:51.0022 0x0eac  [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:44:51.0022 0x0eac  KSecPkg - ok
11:44:51.0038 0x0eac  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:44:51.0038 0x0eac  ksthunk - ok
11:44:51.0038 0x0eac  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:44:51.0054 0x0eac  KtmRm - ok
11:44:51.0069 0x0eac  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:44:51.0085 0x0eac  LanmanServer - ok
11:44:51.0085 0x0eac  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:44:51.0100 0x0eac  LanmanWorkstation - ok
11:44:51.0100 0x0eac  [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
11:44:51.0116 0x0eac  LBTServ - ok
11:44:51.0116 0x0eac  [ 5EA1731968F2FD0E950DDCE6D36C5134, 16C47AA60CB62F206DBF3B4FAF99FCA667E7193178D1B7ECB162FA87C008BAA3 ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
11:44:51.0116 0x0eac  LEqdUsb - ok
11:44:51.0132 0x0eac  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
11:44:51.0147 0x0eac  lfsvc - ok
11:44:51.0147 0x0eac  [ 50AC0930F05DFB996F085B49E112E5C9, C5147E92656506981705AFCAA97B7BDAD0929FF39C1666E774BE1BD32FB08387 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
11:44:51.0147 0x0eac  LHidEqd - ok
11:44:51.0163 0x0eac  [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
11:44:51.0163 0x0eac  LHidFilt - ok
11:44:51.0163 0x0eac  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:44:51.0179 0x0eac  lltdio - ok
11:44:51.0179 0x0eac  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:44:51.0194 0x0eac  lltdsvc - ok
11:44:51.0194 0x0eac  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:44:51.0194 0x0eac  lmhosts - ok
11:44:51.0210 0x0eac  [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
11:44:51.0210 0x0eac  LMouFilt - ok
11:44:51.0210 0x0eac  [ C31139E0907170E2A3FA8D19DCC23D35, C504E93D2018E9E487A428483C646C67B4ECE122560CF0FA49A1626E1509EEAE ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:44:51.0225 0x0eac  LMS - ok
11:44:51.0225 0x0eac  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:44:51.0241 0x0eac  LSI_SAS - ok
11:44:51.0241 0x0eac  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:44:51.0241 0x0eac  LSI_SAS2 - ok
11:44:51.0257 0x0eac  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
11:44:51.0257 0x0eac  LSI_SAS3 - ok
11:44:51.0257 0x0eac  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
11:44:51.0272 0x0eac  LSI_SSS - ok
11:44:51.0288 0x0eac  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
11:44:51.0304 0x0eac  LSM - ok
11:44:51.0304 0x0eac  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:44:51.0319 0x0eac  luafv - ok
11:44:51.0319 0x0eac  [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
11:44:51.0335 0x0eac  LVRS64 - ok
11:44:51.0413 0x0eac  [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
11:44:51.0460 0x0eec  Object send P2P result: true
11:44:51.0507 0x0eac  LVUVC64 - ok
11:44:51.0507 0x0eac  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
11:44:51.0522 0x0eac  megasas - ok
11:44:51.0522 0x0eac  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
11:44:51.0554 0x0eac  megasr - ok
11:44:51.0554 0x0eac  [ 8751062F2F7EC78DE92D778A08099DDE, F10BE771FF9E02A51CF3A167BB967167DE4F66647D7F1508CB27D8FDD8623700 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
11:44:51.0554 0x0eac  MEIx64 - ok
11:44:51.0569 0x0eac  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
11:44:51.0569 0x0eac  MMCSS - ok
11:44:51.0569 0x0eac  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
11:44:51.0585 0x0eac  Modem - ok
11:44:51.0585 0x0eac  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
11:44:51.0585 0x0eac  monitor - ok
11:44:51.0600 0x0eac  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
11:44:51.0600 0x0eac  mouclass - ok
11:44:51.0600 0x0eac  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
11:44:51.0616 0x0eac  mouhid - ok
11:44:51.0632 0x0eac  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:44:51.0647 0x0eac  mountmgr - ok
11:44:51.0647 0x0eac  [ C61EE1594B023725B77915F79E656618, A4AD1952E16C7D2A5BC03E6C339BE0B08165A3231443B6A883E5868FBE13E31F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:44:51.0647 0x0eac  MozillaMaintenance - ok
11:44:51.0663 0x0eac  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:44:51.0663 0x0eac  mpsdrv - ok
11:44:51.0679 0x0eac  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:44:51.0694 0x0eac  MpsSvc - ok
11:44:51.0710 0x0eac  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:44:51.0710 0x0eac  MRxDAV - ok
11:44:51.0725 0x0eac  [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:44:51.0741 0x0eac  mrxsmb - ok
11:44:51.0741 0x0eac  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:44:51.0757 0x0eac  mrxsmb10 - ok
11:44:51.0757 0x0eac  [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:44:51.0772 0x0eac  mrxsmb20 - ok
11:44:51.0772 0x0eac  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
11:44:51.0772 0x0eac  MsBridge - ok
11:44:51.0788 0x0eac  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
11:44:51.0788 0x0eac  MSDTC - ok
11:44:51.0804 0x0eac  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:44:51.0804 0x0eac  Msfs - ok
11:44:51.0804 0x0eac  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
11:44:51.0819 0x0eac  msgpiowin32 - ok
11:44:51.0819 0x0eac  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:44:51.0819 0x0eac  mshidkmdf - ok
11:44:51.0819 0x0eac  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
11:44:51.0835 0x0eac  mshidumdf - ok
11:44:51.0835 0x0eac  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:44:51.0835 0x0eac  msisadrv - ok
11:44:51.0850 0x0eac  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:44:51.0850 0x0eac  MSiSCSI - ok
11:44:51.0850 0x0eac  msiserver - ok
11:44:51.0850 0x0eac  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:44:51.0866 0x0eac  MSKSSRV - ok
11:44:51.0866 0x0eac  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
11:44:51.0882 0x0eac  MsLldp - ok
11:44:51.0882 0x0eac  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:44:51.0882 0x0eac  MSPCLOCK - ok
11:44:51.0882 0x0eac  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:44:51.0897 0x0eac  MSPQM - ok
11:44:51.0897 0x0eac  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:44:51.0913 0x0eac  MsRPC - ok
11:44:51.0913 0x0eac  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
11:44:51.0929 0x0eac  mssmbios - ok
11:44:51.0929 0x0eac  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:44:51.0929 0x0eac  MSTEE - ok
11:44:51.0929 0x0eac  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
11:44:51.0944 0x0eac  MTConfig - ok
11:44:51.0944 0x0eac  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
11:44:51.0944 0x0eac  Mup - ok
11:44:51.0960 0x0eac  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
11:44:51.0960 0x0eac  mvumis - ok
11:44:51.0975 0x0eac  [ F3A35C246D210DFC0FF1E01D7C259E2C, A68BA49E4C387D29B790CE9BDD2114B20775864673E9224F615EA05BA9653BD1 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:44:51.0975 0x0eac  MyWiFiDHCPDNS - ok
11:44:51.0991 0x0eac  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
11:44:52.0007 0x0eac  napagent - ok
11:44:52.0007 0x0eac  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:44:52.0022 0x0eac  NativeWifiP - ok
11:44:52.0022 0x0eac  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
11:44:52.0038 0x0eac  NcaSvc - ok
11:44:52.0038 0x0eac  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
11:44:52.0054 0x0eac  NcbService - ok
11:44:52.0054 0x0eac  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
11:44:52.0069 0x0eac  NcdAutoSetup - ok
11:44:52.0085 0x0eac  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:44:52.0116 0x0eac  NDIS - ok
11:44:52.0116 0x0eac  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:44:52.0116 0x0eac  NdisCap - ok
11:44:52.0132 0x0eac  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
11:44:52.0132 0x0eac  NdisImPlatform - ok
11:44:52.0132 0x0eac  [ 8DC4CF52E4BA1C85EDEF32A8F9444EDA, 5E6D01591211DF13ED035707125668DB91F2E6A2BA5FDC9B03B71413F00AE279 ] ndisrd          C:\Windows\system32\DRIVERS\ndisrd.sys
11:44:52.0147 0x0eac  ndisrd - ok
11:44:52.0147 0x0eac  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:44:52.0147 0x0eac  NdisTapi - ok
11:44:52.0159 0x0eac  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:44:52.0167 0x0eac  Ndisuio - ok
11:44:52.0170 0x0eac  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
11:44:52.0177 0x0eac  NdisVirtualBus - ok
11:44:52.0184 0x0eac  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:44:52.0195 0x0eac  NdisWan - ok
11:44:52.0200 0x0eac  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
11:44:52.0210 0x0eac  NdisWanLegacy - ok
11:44:52.0214 0x0eac  [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:44:52.0221 0x0eac  NDProxy - ok
11:44:52.0226 0x0eac  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
11:44:52.0234 0x0eac  Ndu - ok
11:44:52.0238 0x0eac  [ 96B4C0CE935F934C86662820294F7533, 118987F8A2EC912E1FF9060E9EF512C571343E66D356B09622F60044142345FC ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
11:44:52.0242 0x0eac  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
11:44:53.0426 0x0eac  Detect skipped due to KSN trusted
11:44:53.0426 0x0eac  Net Driver HPZ12 - ok
11:44:53.0426 0x0eac  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
11:44:53.0426 0x0eac  Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
11:44:57.0001 0x0eac  Detect skipped due to KSN trusted
11:44:57.0001 0x0eac  Netaapl - ok
11:44:57.0001 0x0eac  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:44:57.0001 0x0eac  NetBIOS - ok
11:44:57.0017 0x0eac  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:44:57.0032 0x0eac  NetBT - ok
11:44:57.0032 0x0eac  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
11:44:57.0032 0x0eac  Netlogon - ok
11:44:57.0048 0x0eac  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
11:44:57.0048 0x0eac  Netman - ok
11:44:57.0063 0x0eac  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
11:44:57.0079 0x0eac  netprofm - ok
11:44:57.0079 0x0eac  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:44:57.0095 0x0eac  NetTcpPortSharing - ok
11:44:57.0095 0x0eac  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
11:44:57.0110 0x0eac  netvsc - ok
11:44:57.0157 0x0eac  [ A59F81164585250885E81D72F4BEC060, EA9649E024D044E70BE2DF90AD2DB194D7EBAEA55C33D85F3F907D1A7E0E48BD ] NETwNb64        C:\Windows\system32\DRIVERS\Netwbw02.sys
11:44:57.0235 0x0eac  NETwNb64 - ok
11:44:57.0298 0x0eac  [ B636B4A8E59A73033B766EA7FD7C3B81, CAC8614DEE83623DE56C969C668A33366793779084B6A23F59ADC98392115F8C ] NETwNe64        C:\Windows\system32\DRIVERS\NETwew02.sys
11:44:57.0392 0x0eac  NETwNe64 - ok
11:44:57.0392 0x0eac  [ F76EFDDBEB1F07F37917CA07965B2903, 65FF7239D770B7C158D7B92A9C267CA9DFCFF6F36BB0617FE1C35D442A49E335 ] NitroDriverReadSpool9 C:\Programas\NitroPDF\NitroPDFDriverService9x64.exe
11:44:57.0407 0x0eac  NitroDriverReadSpool9 - ok
11:44:57.0407 0x0eac  [ 00A7C3AF3EDD4F5F2B2B1CE7D7FDD674, 88633C3D4628AF3F9438C16738640B4CD68B83CD9407C94D8EA8C2AAAA8D023F ] NitroUpdateService C:\Programas\NitroPDF\Nitro_UpdateService.exe
11:44:57.0423 0x0eac  NitroUpdateService - ok
11:44:57.0438 0x0eac  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:44:57.0438 0x0eac  NlaSvc - ok
11:44:57.0470 0x0eac  [ C2AACB686395B90E856B2AF85A5F1DA2, D9D80EB6E18D021CE3BDF1B70A6A3AE3E126C9561C168150CF0D5445B45E41B3 ] nlsX86cc        C:\Windows\SysWOW64\NLSSRV32.EXE
11:44:57.0470 0x0eac  nlsX86cc - ok
11:44:57.0501 0x0eac  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:44:57.0501 0x0eac  Npfs - ok
11:44:57.0501 0x0eac  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
11:44:57.0517 0x0eac  npsvctrig - ok
11:44:57.0517 0x0eac  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
11:44:57.0532 0x0eac  nsi - ok
11:44:57.0532 0x0eac  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:44:57.0532 0x0eac  nsiproxy - ok
11:44:57.0563 0x0eac  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:44:57.0610 0x0eac  Ntfs - ok
11:44:57.0610 0x0eac  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
11:44:57.0626 0x0eac  Null - ok
11:44:57.0782 0x0eac  [ 017E0B4AEFCB291E7CF1CD4BF120A7A8, 5C4B8D1AF91DE041F48E06E58ED71EFDD168942259F39012EB1CC957908B554C ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:44:57.0989 0x0eac  nvlddmkm - ok
11:44:58.0024 0x0eac  [ 4B1E6975B565883985FB43C3FD6C88C6, D4CCA860A9AFDF5D729885896B3034A55C4778FE0A333C06B8B71C20BF73A48A ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
11:44:58.0055 0x0eac  NvNetworkService - ok
11:44:58.0072 0x0eac  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:44:58.0079 0x0eac  nvraid - ok
11:44:58.0085 0x0eac  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:44:58.0093 0x0eac  nvstor - ok
11:44:58.0098 0x0eac  [ DD8043B662B1F0CFC037976E38271975, A129975AE17677783A76E8DBEC6D01709BC40202672AAB5BB72A8E19A285C4C9 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
11:44:58.0101 0x0eac  NvStreamKms - ok
11:44:58.0102 0x0eac  NvStreamSvc - ok
11:44:58.0107 0x0eac  [ 5141D408272B3681ED6A0E8CCF771EF9, C55304DC5EE588F747DF3B26ED08DE12106B79C686DCD22030F5523FC3F62727 ] nvsvc           C:\Windows\system32\nvvsvc.exe
11:44:58.0139 0x0eac  nvsvc - ok
11:44:58.0139 0x0eac  [ 17D21ADA263B31EEDB7EA344AEA4F2E7, 7F6DE0A27DAE8040AC5EA806759A91A61E6AA24717627083508195D21B95FA37 ] NVSWCFilter     C:\Windows\System32\drivers\nvswcfilter.sys
11:44:58.0139 0x0eac  NVSWCFilter - ok
11:44:58.0139 0x0eac  [ D0EB00C3BDD50E9CABA534CF829593E8, 6E11117DC30E834C70DC9381A67D057BC2DADA956855A0EEA9801D45C75536B1 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
11:44:58.0139 0x0eac  nvvad_WaveExtensible - ok
11:44:58.0154 0x0eac  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:44:58.0154 0x0eac  nv_agp - ok
11:44:58.0154 0x0eac  [ 2EB5B86440EB012C483D68E728F4AEAD, 29B0569107D492F6CA627D96E0F4A173F6CE13AC659C0A3EE93D29EB8A7CC8B6 ] OpenVPNService  C:\Programas\HMA! Pro VPN\bin\openvpnserv.exe
11:44:58.0170 0x0eac  OpenVPNService - ok
11:44:58.0170 0x0eac  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:44:58.0170 0x0eac  ose - ok
11:44:58.0185 0x0eac  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:44:58.0201 0x0eac  p2pimsvc - ok
11:44:58.0201 0x0eac  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
11:44:58.0217 0x0eac  p2psvc - ok
11:44:58.0217 0x0eac  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
11:44:58.0239 0x0eac  Parport - ok
11:44:58.0244 0x0eac  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:44:58.0250 0x0eac  partmgr - ok
11:44:58.0261 0x0eac  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:44:58.0264 0x0eac  PcaSvc - ok
11:44:58.0279 0x0eac  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
11:44:58.0279 0x0eac  pci - ok
11:44:58.0295 0x0eac  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:44:58.0295 0x0eac  pciide - ok
11:44:58.0295 0x0eac  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:44:58.0310 0x0eac  pcmcia - ok
11:44:58.0310 0x0eac  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:44:58.0310 0x0eac  pcw - ok
11:44:58.0310 0x0eac  [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc             C:\Windows\system32\drivers\pdc.sys
11:44:58.0326 0x0eac  pdc - ok
11:44:58.0342 0x0eac  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:44:58.0357 0x0eac  PEAUTH - ok
11:44:58.0373 0x0eac  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:44:58.0389 0x0eac  PerfHost - ok
11:44:58.0428 0x0eac  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
11:44:58.0460 0x0eac  pla - ok
11:44:58.0475 0x0eac  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:44:58.0475 0x0eac  PlugPlay - ok
11:44:58.0475 0x0eac  [ 028E6651E11162AE4F4D0283D78A2EC4, EE34CB8BF5BE95E1841A14111D55170BEEEC8C19B6396763A474CC96E5889D9F ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
11:44:58.0491 0x0eac  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
11:45:02.0037 0x0eac  Detect skipped due to KSN trusted
11:45:02.0037 0x0eac  Pml Driver HPZ12 - ok
11:45:02.0048 0x0eac  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:45:02.0055 0x0eac  PNRPAutoReg - ok
11:45:02.0064 0x0eac  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:45:02.0074 0x0eac  PNRPsvc - ok
11:45:02.0085 0x0eac  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:45:02.0091 0x0eac  PolicyAgent - ok
11:45:02.0091 0x0eac  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
11:45:02.0107 0x0eac  Power - ok
11:45:02.0107 0x0eac  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:45:02.0122 0x0eac  PptpMiniport - ok
11:45:02.0169 0x0eac  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
11:45:02.0216 0x0eac  PrintNotify - ok
11:45:02.0232 0x0eac  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
11:45:02.0232 0x0eac  Processor - ok
11:45:02.0247 0x0eac  [ C8D39A07CAD9EF1C86BD5D7CAC98DA54, 10146D1E023D9BC5B8CBAADE6A70D87A41BDABAA44D812B609C13563DF25527A ] ProfSvc         C:\Windows\system32\profsvc.dll
11:45:02.0247 0x0eac  ProfSvc - ok
11:45:02.0263 0x0eac  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:45:02.0263 0x0eac  Psched - ok
11:45:02.0279 0x0eac  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
11:45:02.0279 0x0eac  QWAVE - ok
11:45:02.0279 0x0eac  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:45:02.0294 0x0eac  QWAVEdrv - ok
11:45:02.0294 0x0eac  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:45:02.0294 0x0eac  RasAcd - ok
11:45:02.0310 0x0eac  [ 3EE5097945A7F680E320953271EB2D4F, 0B9F2B458177A654F65C5E862B7C55B35E20271B76D5E20A20F30D3223A1216F ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:45:02.0310 0x0eac  RasAgileVpn - ok
11:45:02.0310 0x0eac  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
11:45:02.0326 0x0eac  RasAuto - ok
11:45:02.0326 0x0eac  [ 1BD3022FD6E450B00DE560265638FD2A, 3878B443053DFFED62641BE8736891F426C7121EB8C4DB38FF0F218697133A6D ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:45:02.0341 0x0eac  Rasl2tp - ok
11:45:02.0341 0x0eac  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
11:45:02.0357 0x0eac  RasMan - ok
11:45:02.0372 0x0eac  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:45:02.0372 0x0eac  RasPppoe - ok
11:45:02.0372 0x0eac  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:45:02.0388 0x0eac  RasSstp - ok
11:45:02.0388 0x0eac  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:45:02.0404 0x0eac  rdbss - ok
11:45:02.0404 0x0eac  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
11:45:02.0423 0x0eac  rdpbus - ok
11:45:02.0428 0x0eac  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
11:45:02.0428 0x0eac  RDPDR - ok
11:45:02.0428 0x0eac  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:45:02.0444 0x0eac  RdpVideoMiniport - ok
11:45:02.0444 0x0eac  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:45:02.0459 0x0eac  rdyboost - ok
11:45:02.0475 0x0eac  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
11:45:02.0491 0x0eac  ReFS - ok
11:45:02.0506 0x0eac  [ 6A3307BA4B0F9017BF4736CF21E37E29, EEE06177D690585E08AEA8DDEBE18586C03E7A81BB68EA0189AB09A7907FA96D ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:45:02.0506 0x0eac  RegSrvc - ok
11:45:02.0506 0x0eac  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:45:02.0537 0x0eac  RemoteAccess - ok
11:45:02.0556 0x0eac  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:45:02.0567 0x0eac  RemoteRegistry - ok
11:45:02.0574 0x0eac  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
11:45:02.0584 0x0eac  RFCOMM - ok
11:45:02.0590 0x0eac  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:45:02.0598 0x0eac  RpcEptMapper - ok
11:45:02.0601 0x0eac  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
11:45:02.0609 0x0eac  RpcLocator - ok
11:45:02.0628 0x0eac  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\Windows\system32\rpcss.dll
11:45:02.0646 0x0eac  RpcSs - ok
11:45:02.0650 0x0eac  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:45:02.0658 0x0eac  rspndr - ok
11:45:02.0675 0x0eac  [ 28BEF2E6CCB3BA4AB67B832FF6F82BF6, DBC02CE0BC044166DD3F79977AC61C4FA2509114665AFF038C89576E6C0CC4E7 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
11:45:02.0692 0x0eac  RTL8168 - ok
11:45:02.0696 0x0eac  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
11:45:02.0702 0x0eac  s3cap - ok
11:45:02.0705 0x0eac  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
11:45:02.0711 0x0eac  SamSs - ok
11:45:02.0713 0x0eac  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Programas\SUPERAntiSpyware\SASDIFSV64.SYS
11:45:02.0717 0x0eac  SASDIFSV - ok
11:45:02.0718 0x0eac  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Programas\SUPERAntiSpyware\SASKUTIL64.SYS
11:45:02.0721 0x0eac  SASKUTIL - ok
11:45:02.0790 0x0eac  [ CB852CB9C17F20D3EDDFBF5873F6AC8B, 31FE2A24E1D62B2A46A9DAFF843CAD2EE119E76CF170C834414D9AB09DCBE123 ] SBAMSvc         C:\Program Files (x86)\VIPRE\SBAMSvc.exe
11:45:02.0870 0x0eac  SBAMSvc - ok
11:45:02.0878 0x0eac  [ 5DC482A70471C6C36BB515736EFD8300, 8E2250A7061BF40257CB97984DEBC1897E23CAB6A6F1908ACBE712817228E264 ] sbapifs         C:\Windows\system32\DRIVERS\sbapifs.sys
11:45:02.0883 0x0eac  sbapifs - ok
11:45:02.0889 0x0eac  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:45:02.0896 0x0eac  sbp2port - ok
11:45:02.0901 0x0eac  [ C7448AE3E05B4F552ED094AFBF6FC719, 10DBF1A646625ADB711392303E15ACEE82974D0B46BD875381978D5355F421A4 ] SBPIMSvc        C:\Program Files (x86)\VIPRE\SBPIMSvc.exe
11:45:02.0907 0x0eac  SBPIMSvc - ok
11:45:02.0911 0x0eac  [ 62BD702DA5C16A71E992FF75EC981A3C, 594ABFCF48868C6814D76754EC7EFE6A57976A65E5027FEABCE03F4E6EC9535F ] sbwtis          C:\Windows\system32\DRIVERS\sbwtis.sys
11:45:02.0916 0x0eac  sbwtis - ok
11:45:02.0922 0x0eac  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:45:02.0932 0x0eac  SCardSvr - ok
11:45:02.0937 0x0eac  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
11:45:02.0940 0x0eac  ScDeviceEnum - ok
11:45:02.0940 0x0eac  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:45:02.0940 0x0eac  scfilter - ok
11:45:02.0972 0x0eac  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\Windows\system32\schedsvc.dll
11:45:03.0003 0x0eac  Schedule - ok
11:45:03.0003 0x0eac  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:45:03.0018 0x0eac  SCPolicySvc - ok
11:45:03.0018 0x0eac  [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
11:45:03.0018 0x0eac  ScreamBAudioSvc - ok
11:45:03.0018 0x0eac  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
11:45:03.0034 0x0eac  sdbus - ok
11:45:03.0065 0x0eac  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
11:45:03.0097 0x0eac  SDScannerService - ok
11:45:03.0097 0x0eac  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
11:45:03.0112 0x0eac  sdstor - ok
11:45:03.0143 0x0eac  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
11:45:03.0175 0x0eac  SDUpdateService - ok
11:45:03.0175 0x0eac  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
11:45:03.0190 0x0eac  SDWSCService - ok
11:45:03.0190 0x0eac  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:45:03.0190 0x0eac  secdrv - ok
11:45:03.0206 0x0eac  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
11:45:03.0206 0x0eac  seclogon - ok
11:45:03.0206 0x0eac  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
11:45:03.0222 0x0eac  SENS - ok
11:45:03.0222 0x0eac  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] SensorsAlsDriver C:\Windows\System32\drivers\WUDFRd.sys
11:45:03.0237 0x0eac  SensorsAlsDriver - ok
11:45:03.0237 0x0eac  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:45:03.0253 0x0eac  SensrSvc - ok
11:45:03.0253 0x0eac  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
11:45:03.0253 0x0eac  SerCx - ok
11:45:03.0268 0x0eac  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
11:45:03.0268 0x0eac  SerCx2 - ok
11:45:03.0268 0x0eac  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
11:45:03.0284 0x0eac  Serenum - ok
11:45:03.0284 0x0eac  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
11:45:03.0284 0x0eac  Serial - ok
11:45:03.0300 0x0eac  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
11:45:03.0300 0x0eac  sermouse - ok
11:45:03.0315 0x0eac  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
11:45:03.0315 0x0eac  SessionEnv - ok
11:45:03.0331 0x0eac  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
11:45:03.0331 0x0eac  sfloppy - ok
11:45:03.0347 0x0eac  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:45:03.0362 0x0eac  SharedAccess - ok
11:45:03.0362 0x0eac  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:45:03.0393 0x0eac  ShellHWDetection - ok
11:45:03.0393 0x0eac  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:45:03.0393 0x0eac  SiSRaid2 - ok
11:45:03.0393 0x0eac  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:45:03.0409 0x0eac  SiSRaid4 - ok
11:45:03.0409 0x0eac  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:45:03.0425 0x0eac  SkypeUpdate - ok
11:45:03.0425 0x0eac  [ F9938B149CAB569E3AB7BE00B0E76DF1, D3910781502E17E0D101F93CBD5AC56035684750DEA770787604EA062D889244 ] SkypeUpdateEx   C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe
11:45:03.0440 0x0eac  SkypeUpdateEx - ok
11:45:03.0440 0x0eac  [ D842920AE971B962730EB7D608B50B1A, B46959CD7C2A6014BFBF29198CA7DB68B011838FB42100FA8F2897A0525BC6E6 ] SmartSwitchService C:\Program Files\GIGABYTE\Smart Switch\ElevateService.exe
11:45:03.0440 0x0eac  SmartSwitchService - detected UnsignedFile.Multi.Generic ( 1 )
11:45:06.0771 0x0eac  Detect skipped due to KSN trusted
11:45:06.0771 0x0eac  SmartSwitchService - ok
11:45:06.0771 0x0eac  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
11:45:06.0771 0x0eac  smphost - ok
11:45:06.0786 0x0eac  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:45:06.0786 0x0eac  SNMPTRAP - ok
11:45:06.0802 0x0eac  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
11:45:06.0818 0x0eac  spaceport - ok
11:45:06.0818 0x0eac  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
11:45:06.0818 0x0eac  SpbCx - ok
11:45:06.0833 0x0eac  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\Windows\System32\spoolsv.exe
11:45:06.0849 0x0eac  Spooler - ok
11:45:06.0962 0x0eac  [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc          C:\Windows\system32\sppsvc.exe
11:45:07.0104 0x0eac  sppsvc - ok
11:45:07.0127 0x0eac  [ 7A3E3D2D71D91D309B2F26F30B3798A6, F5CB4D9045C67DE22DFE1D82553F0E15AA53617D005EF329E0756DAA720D6C7D ] SpyHunter 4 Service C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
11:45:07.0146 0x0eac  SpyHunter 4 Service - ok
11:45:07.0157 0x0eac  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:45:07.0169 0x0eac  srv - ok
11:45:07.0184 0x0eac  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:45:07.0201 0x0eac  srv2 - ok
11:45:07.0208 0x0eac  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:45:07.0217 0x0eac  srvnet - ok
11:45:07.0225 0x0eac  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:45:07.0235 0x0eac  SSDPSRV - ok
11:45:07.0241 0x0eac  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:45:07.0249 0x0eac  SstpSvc - ok
11:45:07.0254 0x0eac  [ 16B2984D7D17ABD2B26DC353C679E520, 51880EF880D1627E666F422185A32AF9A9EB42265688EABB1ABD0A408B09E446 ] Start8          C:\Programas\Stardock\Start8\Start8Srv.exe
11:45:07.0260 0x0eac  Start8 - ok
11:45:07.0276 0x0eac  [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:45:07.0293 0x0eac  Steam Client Service - ok
11:45:07.0303 0x0eac  [ 2E273A5E7A22A2E4EAFB05D6D5D856EB, 80C0380B1244154D5D7A602C50255C01CDA3912EA6EA484A3F438941CC812FD0 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:45:07.0312 0x0eac  Stereo Service - ok
11:45:07.0316 0x0eac  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:45:07.0321 0x0eac  stexstor - ok
11:45:07.0335 0x0eac  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
11:45:07.0353 0x0eac  stisvc - ok
11:45:07.0358 0x0eac  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
11:45:07.0365 0x0eac  storahci - ok
11:45:07.0368 0x0eac  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
11:45:07.0374 0x0eac  storflt - ok
11:45:07.0378 0x0eac  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
11:45:07.0384 0x0eac  stornvme - ok
11:45:07.0387 0x0eac  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
11:45:07.0394 0x0eac  StorSvc - ok
11:45:07.0397 0x0eac  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:45:07.0403 0x0eac  storvsc - ok
11:45:07.0406 0x0eac  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
11:45:07.0413 0x0eac  svsvc - ok
11:45:07.0416 0x0eac  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
11:45:07.0421 0x0eac  swenum - ok
11:45:07.0435 0x0eac  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
11:45:07.0454 0x0eac  swprv - ok
11:45:07.0477 0x0eac  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
11:45:07.0503 0x0eac  SysMain - ok
11:45:07.0511 0x0eac  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
11:45:07.0522 0x0eac  SystemEventsBroker - ok
11:45:07.0528 0x0eac  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:45:07.0537 0x0eac  TabletInputService - ok
11:45:07.0540 0x0eac  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
11:45:07.0544 0x0eac  tap0901 - ok
11:45:07.0552 0x0eac  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:45:07.0564 0x0eac  TapiSrv - ok
11:45:07.0605 0x0eac  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:45:07.0656 0x0eac  Tcpip - ok
11:45:07.0695 0x0eac  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:45:07.0742 0x0eac  TCPIP6 - ok
11:45:07.0748 0x0eac  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:45:07.0755 0x0eac  tcpipreg - ok
11:45:07.0760 0x0eac  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:45:07.0767 0x0eac  tdx - ok
11:45:07.0851 0x0eac  [ 8305FB462C325A67628E0556DF244B8B, 4ABD5D14E64BE07DD9332E39C3B902A40BD1E763A075F68F0048A7FAEB3019D5 ] TeamViewer      C:\ProgramasTeamViewer\TeamViewer_Service.exe
11:45:07.0950 0x0eac  TeamViewer - ok
11:45:07.0961 0x0eac  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
11:45:07.0966 0x0eac  terminpt - ok
11:45:07.0987 0x0eac  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
11:45:08.0011 0x0eac  TermService - ok
11:45:08.0015 0x0eac  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
11:45:08.0023 0x0eac  Themes - ok
11:45:08.0026 0x0eac  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
11:45:08.0033 0x0eac  THREADORDER - ok
11:45:08.0040 0x0eac  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
11:45:08.0051 0x0eac  TimeBroker - ok
11:45:08.0056 0x0eac  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
11:45:08.0065 0x0eac  TPM - ok
11:45:08.0069 0x0eac  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
11:45:08.0077 0x0eac  TrkWks - ok
11:45:08.0081 0x0eac  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:45:08.0088 0x0eac  TrustedInstaller - ok
11:45:08.0092 0x0eac  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:45:08.0098 0x0eac  TsUsbFlt - ok
11:45:08.0101 0x0eac  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
11:45:08.0107 0x0eac  TsUsbGD - ok
11:45:08.0112 0x0eac  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:45:08.0122 0x0eac  tunnel - ok
11:45:08.0125 0x0eac  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:45:08.0131 0x0eac  uagp35 - ok
11:45:08.0135 0x0eac  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
11:45:08.0142 0x0eac  UASPStor - ok
11:45:08.0148 0x0eac  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
11:45:08.0157 0x0eac  UCX01000 - ok
11:45:08.0165 0x0eac  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:45:08.0175 0x0eac  udfs - ok
11:45:08.0178 0x0eac  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
11:45:08.0183 0x0eac  UEFI - ok
11:45:08.0188 0x0eac  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:45:08.0194 0x0eac  UI0Detect - ok
11:45:08.0198 0x0eac  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:45:08.0204 0x0eac  uliagpkx - ok
11:45:08.0207 0x0eac  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
11:45:08.0214 0x0eac  umbus - ok
11:45:08.0216 0x0eac  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
11:45:08.0222 0x0eac  UmPass - ok
11:45:08.0229 0x0eac  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:45:08.0241 0x0eac  UmRdpService - ok
11:45:08.0245 0x0eac  [ D7D93320082424FBB25854937D274251, ED4538DE975C4B814EB6B19379A4382881AD696383E574760BE48DC76B24E015 ] Update_Service  C:\Program Files\GIGABYTE\Smart Update\Update_Service.exe
11:45:08.0248 0x0eac  Update_Service - detected UnsignedFile.Multi.Generic ( 1 )
11:45:12.0012 0x0eac  Update_Service ( UnsignedFile.Multi.Generic ) - warning
11:45:12.0012 0x0eac  Force sending object to P2P due to detect: Update_Service
11:45:12.0137 0x0fb4  Object required for P2P: [ 8305FB462C325A67628E0556DF244B8B ] TeamViewer
11:45:13.0686 0x0fb4  Object send P2P result: true
11:45:13.0686 0x0eac  Object send P2P result: true
11:45:15.0282 0x0eac  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
11:45:15.0297 0x0eac  upnphost - ok
11:45:15.0297 0x0eac  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
11:45:15.0313 0x0eac  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
11:45:19.0625 0x0eac  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
11:45:19.0625 0x0eac  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
11:45:19.0640 0x0eac  usbaudio - ok
11:45:19.0640 0x0eac  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
11:45:19.0640 0x0eac  usbccgp - ok
11:45:19.0656 0x0eac  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
11:45:19.0656 0x0eac  usbcir - ok
11:45:19.0656 0x0eac  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
11:45:19.0671 0x0eac  usbehci - ok
11:45:19.0687 0x0eac  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\Windows\System32\drivers\usbhub.sys
11:45:19.0703 0x0eac  usbhub - ok
11:45:19.0703 0x0eac  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
11:45:19.0718 0x0eac  USBHUB3 - ok
11:45:19.0718 0x0eac  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
11:45:19.0734 0x0eac  usbohci - ok
11:45:19.0734 0x0eac  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
11:45:19.0734 0x0eac  usbprint - ok
11:45:19.0750 0x0eac  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
11:45:19.0763 0x0eac  USBSTOR - ok
11:45:19.0767 0x0eac  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
11:45:19.0772 0x0eac  usbuhci - ok
11:45:19.0779 0x0eac  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
11:45:19.0790 0x0eac  usbvideo - ok
11:45:19.0799 0x0eac  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
11:45:19.0811 0x0eac  USBXHCI - ok
11:45:19.0814 0x0eac  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
11:45:19.0820 0x0eac  VaultSvc - ok
11:45:19.0821 0x0eac  VBoxAswDrv - ok
11:45:19.0823 0x0eac  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:45:19.0823 0x0eac  vdrvroot - ok
11:45:19.0854 0x0eac  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
11:45:19.0883 0x0eac  vds - ok
11:45:19.0890 0x0eac  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
11:45:19.0899 0x0eac  VerifierExt - ok
11:45:19.0913 0x0eac  [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
11:45:19.0923 0x0eac  vhdmp - ok
11:45:19.0923 0x0eac  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:45:19.0923 0x0eac  viaide - ok
11:45:19.0939 0x0eac  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:45:19.0939 0x0eac  vmbus - ok
11:45:19.0939 0x0eac  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
11:45:19.0954 0x0eac  VMBusHID - ok
11:45:19.0954 0x0eac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
11:45:19.0970 0x0eac  vmicguestinterface - ok
11:45:19.0985 0x0eac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
11:45:20.0001 0x0eac  vmicheartbeat - ok
11:45:20.0001 0x0eac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
11:45:20.0017 0x0eac  vmickvpexchange - ok
11:45:20.0032 0x0eac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
11:45:20.0032 0x0eac  vmicrdv - ok
11:45:20.0048 0x0eac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
11:45:20.0064 0x0eac  vmicshutdown - ok
11:45:20.0064 0x0eac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
11:45:20.0079 0x0eac  vmictimesync - ok
11:45:20.0095 0x0eac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
11:45:20.0110 0x0eac  vmicvss - ok
11:45:20.0110 0x0eac  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:45:20.0110 0x0eac  volmgr - ok
11:45:20.0126 0x0eac  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:45:20.0142 0x0eac  volmgrx - ok
11:45:20.0142 0x0eac  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:45:20.0157 0x0eac  volsnap - ok
11:45:20.0157 0x0eac  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\Windows\System32\drivers\vpci.sys
11:45:20.0173 0x0eac  vpci - ok
11:45:20.0173 0x0eac  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:45:20.0173 0x0eac  vsmraid - ok
11:45:20.0204 0x0eac  [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS             C:\Windows\system32\vssvc.exe
11:45:20.0235 0x0eac  VSS - ok
11:45:20.0235 0x0eac  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
11:45:20.0251 0x0eac  VSTXRAID - ok
11:45:20.0251 0x0eac  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:45:20.0267 0x0eac  vwifibus - ok
11:45:20.0267 0x0eac  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:45:20.0282 0x0eac  vwififlt - ok
11:45:20.0282 0x0eac  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:45:20.0282 0x0eac  vwifimp - ok
11:45:20.0298 0x0eac  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
11:45:20.0314 0x0eac  W32Time - ok
11:45:20.0314 0x0eac  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
11:45:20.0314 0x0eac  WacomPen - ok
11:45:20.0314 0x0eac  [ 23006D660C0E54BF1CE8253E15F5E995, 4FA7ED2F6B29BACBE2BB43C79FC8231C4C59F27C79AB09DB07BBFE36B35689E5 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:45:20.0329 0x0eac  WANARP - ok
11:45:20.0329 0x0eac  [ 23006D660C0E54BF1CE8253E15F5E995, 4FA7ED2F6B29BACBE2BB43C79FC8231C4C59F27C79AB09DB07BBFE36B35689E5 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:45:20.0329 0x0eac  Wanarpv6 - ok
11:45:20.0360 0x0eac  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\Windows\system32\wbengine.exe
11:45:20.0399 0x0eac  wbengine - ok
11:45:20.0411 0x0eac  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:45:20.0424 0x0eac  WbioSrvc - ok
11:45:20.0434 0x0eac  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
11:45:20.0446 0x0eac  Wcmsvc - ok
11:45:20.0456 0x0eac  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:45:20.0470 0x0eac  wcncsvc - ok
11:45:20.0473 0x0eac  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:45:20.0480 0x0eac  WcsPlugInService - ok
11:45:20.0484 0x0eac  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
11:45:20.0489 0x0eac  WdBoot - ok
11:45:20.0506 0x0eac  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:45:20.0524 0x0eac  Wdf01000 - ok
11:45:20.0532 0x0eac  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
11:45:20.0542 0x0eac  WdFilter - ok
11:45:20.0546 0x0eac  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:45:20.0555 0x0eac  WdiServiceHost - ok
11:45:20.0557 0x0eac  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:45:20.0565 0x0eac  WdiSystemHost - ok
11:45:20.0570 0x0eac  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
11:45:20.0577 0x0eac  WdNisDrv - ok
11:45:20.0578 0x0eac  WdNisSvc - ok
11:45:20.0585 0x0eac  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\Windows\System32\webclnt.dll
11:45:20.0595 0x0eac  WebClient - ok
11:45:20.0693 0x0eac  [ 82265472E6E89E0C6E108015D27A713E, 318B38E4797F173806A970A31A963527D8DD0784178B408C05BEEC3CC3847134 ] WebProxy        C:\Program Files (x86)\VIPRE\WebProxy.exe
11:45:20.0802 0x0eac  WebProxy - ok
11:45:20.0802 0x0eac  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:45:20.0818 0x0eac  Wecsvc - ok
11:45:20.0818 0x0eac  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
11:45:20.0833 0x0eac  WEPHOSTSVC - ok
11:45:20.0833 0x0eac  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:45:20.0833 0x0eac  wercplsupport - ok
11:45:20.0849 0x0eac  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
11:45:20.0849 0x0eac  WerSvc - ok
11:45:20.0865 0x0eac  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
11:45:20.0865 0x0eac  WFPLWFS - ok
11:45:20.0865 0x0eac  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
11:45:20.0880 0x0eac  WiaRpc - ok
11:45:20.0880 0x0eac  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:45:20.0880 0x0eac  WIMMount - ok
11:45:20.0880 0x0eac  WinDefend - ok
11:45:20.0911 0x0eac  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
11:45:20.0927 0x0eac  WinHttpAutoProxySvc - ok
11:45:20.0927 0x0eac  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:45:20.0943 0x0eac  Winmgmt - ok
11:45:20.0990 0x0eac  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:45:21.0036 0x0eac  WinRM - ok
11:45:21.0036 0x0eac  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:45:21.0052 0x0eac  WinUsb - ok
11:45:21.0083 0x0eac  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
11:45:21.0115 0x0eac  WlanSvc - ok
11:45:21.0146 0x0eac  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
11:45:21.0177 0x0eac  wlidsvc - ok
11:45:21.0177 0x0eac  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
11:45:21.0177 0x0eac  WmiAcpi - ok
11:45:21.0193 0x0eac  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:45:21.0193 0x0eac  wmiApSrv - ok
11:45:21.0193 0x0eac  WMPNetworkSvc - ok
11:45:21.0208 0x0eac  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
11:45:21.0208 0x0eac  Wof - ok
11:45:21.0240 0x0eac  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
11:45:21.0271 0x0eac  workfolderssvc - ok
11:45:21.0286 0x0eac  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
11:45:21.0286 0x0eac  wpcfltr - ok
11:45:21.0286 0x0eac  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:45:21.0302 0x0eac  WPCSvc - ok
11:45:21.0302 0x0eac  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:45:21.0302 0x0eac  WPDBusEnum - ok
11:45:21.0302 0x0eac  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
11:45:21.0318 0x0eac  WpdUpFltr - ok
11:45:21.0318 0x0eac  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:45:21.0318 0x0eac  ws2ifsl - ok
11:45:21.0333 0x0eac  [ B81732E39ACF6C4B5BCC24EEBF2C1C7C, 76B3E4F652208E6E713E84B985E8CFC13443FC3FAA4B9A79F1EEEF1400DC550F ] WsAppService    C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe
11:45:21.0333 0x0eac  WsAppService - ok
11:45:21.0349 0x0eac  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\Windows\System32\wscsvc.dll
11:45:21.0349 0x0eac  wscsvc - ok
11:45:21.0365 0x0eac  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
11:45:21.0365 0x0eac  WSDPrintDevice - ok
11:45:21.0365 0x0eac  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\Windows\System32\drivers\WSDScan.sys
11:45:21.0365 0x0eac  WSDScan - ok
11:45:21.0380 0x0eac  WSearch - ok
11:45:21.0427 0x0eac  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
11:45:21.0515 0x0eac  WSService - ok
11:45:21.0573 0x0eac  [ BB6F53F80AA1789815963C16E303A973, B140D5A4633C39E84A5C7DB86C7E869FB5D993B924998BF8CC2B8F07E382CCEA ] wuauserv        C:\Windows\system32\wuaueng.dll
11:45:21.0635 0x0eac  wuauserv - ok
11:45:21.0651 0x0eac  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:45:21.0651 0x0eac  WudfPf - ok
11:45:21.0667 0x0eac  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
11:45:21.0667 0x0eac  WUDFRd - ok
11:45:21.0667 0x0eac  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\Windows\System32\drivers\WUDFRd.sys
11:45:21.0682 0x0eac  WUDFSensorLP - ok
11:45:21.0682 0x0eac  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:45:21.0698 0x0eac  wudfsvc - ok
11:45:21.0698 0x0eac  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
11:45:21.0714 0x0eac  WUDFWpdFs - ok
11:45:21.0714 0x0eac  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
11:45:21.0714 0x0eac  WUDFWpdMtp - ok
11:45:21.0729 0x0eac  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:45:21.0745 0x0eac  WwanSvc - ok
11:45:21.0839 0x0eac  [ 9398A6D2A71BBA7D3E90FAC6EF9A4C74, B450199173D800DFFD5BFD2E7190D51269E3F458227073771A8E336EBA0D1A04 ] XBox            C:\Users\Oscar\AppData\Roaming\XBox\XBLive.exe
11:45:21.0964 0x0eac  XBox - ok
11:45:22.0026 0x0eac  [ 40F0E0C098F68B06995B36C7175325F0, 5E0D11326CADBB64C7C88A633A834A7FB22306DD13A33F19880257E57B013DCA ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
11:45:22.0089 0x0eac  ZeroConfigService - ok
11:45:22.0089 0x0eac  ================ Scan global ===============================
11:45:22.0104 0x0eac  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll
11:45:22.0104 0x0eac  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
11:45:22.0120 0x0eac  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
11:45:22.0120 0x0eac  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
11:45:22.0135 0x0eac  [ Global ] - ok
11:45:22.0135 0x0eac  ================ Scan MBR ==================================
11:45:22.0135 0x0eac  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:45:22.0151 0x0eac  \Device\Harddisk0\DR0 - ok
11:45:22.0167 0x0eac  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
11:45:22.0245 0x0eac  \Device\Harddisk1\DR1 - ok
11:45:22.0245 0x0eac  ================ Scan VBR ==================================
11:45:22.0245 0x0eac  [ 027770B88BEB2DCF07679B114E982779 ] \Device\Harddisk0\DR0\Partition1
11:45:22.0245 0x0eac  \Device\Harddisk0\DR0\Partition1 - ok
11:45:22.0245 0x0eac  [ 79D0580154C94E1B097B565B90996285 ] \Device\Harddisk0\DR0\Partition2
11:45:22.0245 0x0eac  \Device\Harddisk0\DR0\Partition2 - ok
11:45:22.0245 0x0eac  [ B7406814B77B72F768FF9ECA95B2D62A ] \Device\Harddisk0\DR0\Partition3
11:45:22.0245 0x0eac  \Device\Harddisk0\DR0\Partition3 - ok
11:45:22.0245 0x0eac  [ F5386E8FC2DE16959AD8DB5EAF6BF160 ] \Device\Harddisk0\DR0\Partition4
11:45:22.0245 0x0eac  \Device\Harddisk0\DR0\Partition4 - ok
11:45:22.0245 0x0eac  [ BD666EBBE943FCABC056694CB9E03557 ] \Device\Harddisk0\DR0\Partition5
11:45:22.0245 0x0eac  \Device\Harddisk0\DR0\Partition5 - ok
11:45:22.0245 0x0eac  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
11:45:22.0245 0x0eac  \Device\Harddisk1\DR1\Partition1 - ok
11:45:22.0276 0x0eac  [ B6A46CDAF1B7B68CC262DEFBC2C838BA ] \Device\Harddisk1\DR1\Partition2
11:45:22.0339 0x0eac  \Device\Harddisk1\DR1\Partition2 - ok
11:45:22.0339 0x0eac  ================ Scan generic autorun ======================
11:45:22.0339 0x0eac  [ 3AFB53497E47A09FE736ACFC6B8D62A0, 5C10C23E0E9F4F1B086E20DB68312106429B9913B80C3E2B9823B829796FC32F ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
11:45:22.0339 0x0eac  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
11:45:22.0339 0x0eac  IAStorIcon ( UnsignedFile.Multi.Generic ) - warning
11:45:22.0535 0x0eac  [ FD2BA533158566CD5A82318D8189C773, 45B265442EAC828442C7A8DCC543A87B86FA494238A6EF7CF2A8D7C68A613F53 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:45:22.0769 0x0eac  RtHDVCpl - ok
11:45:22.0800 0x0eac  [ EC7059FE43C74A6281ECC08253B6D5DB, AE14E00733C0AC394457BFCD4A5ECD884286038BE2C7AAE34E3D32F3F992F29F ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:45:22.0831 0x0eac  RtHDVBg_Dolby - ok
11:45:22.0878 0x0eac  [ 2DC2C370F785AD5B2717A205238B03E2, 50D002FF269741855986179D4B9D5A820C04E881B624AFEF0B76E80A68930F3D ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
11:45:22.0925 0x0eac  NvBackend - ok
11:45:22.0925 0x0eac  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
11:45:22.0941 0x0eac  ShadowPlay - ok
11:45:22.0941 0x0eac  BTMTrayAgent - ok
11:45:22.0988 0x0eac  [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
11:45:23.0050 0x0eac  EvtMgr6 - ok
11:45:23.0050 0x0eac  [ 1A9D1452ABBC7C6DA6F6EC874669B7E9, 9631C458F21A5C3965B55D533C6CE61817F4BB8B8B063E62F95D959CC37705CF ] C:\Users\Oscar\AppData\Local\VIPRE\Setup\CartSdk\sbrc.exe
11:45:23.0050 0x0eac  SBRegRebootCleaner - ok
11:45:23.0066 0x0eac  [ A2221900B57AEC20577996744FA4A56A, AFEF9176DBA86CDB16A7E84AD0DF6433D4F5865948774FB6B619CBEBEC004592 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
11:45:23.0066 0x0eac  RemoteControl10 - ok
11:45:23.0128 0x0eac  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
11:45:23.0191 0x0eac  SDTray - ok
11:45:23.0238 0x0eac  [ B3DCBD932BAC5D853CD48F53D4EACDE0, 13D179CFB8CEA1B3FF9BFEDE16E08C64C1CCF2D0AE28812ED057A51A8513100D ] C:\Program Files (x86)\VIPRE\SBAMTray.exe
11:45:23.0300 0x0eac  SBAMTray - ok
11:45:23.0300 0x0eac  [ 1ADD59B8E130475AA9289EA32F17257B, D90B58187CDBC5877AF64FD9DD88FB355FB69DE4461EF693C08AE6D92FC4988E ] C:\Program Files\GIGABYTE\Smart Update\urgent.exe
11:45:23.0316 0x0eac  SmartUpdate - detected UnsignedFile.Multi.Generic ( 1 )
11:45:23.0316 0x0eac  SmartUpdate ( UnsignedFile.Multi.Generic ) - warning
11:45:23.0331 0x0eac  [ 0BE64FAB577BFA54443C680343AEC85F, E734355E9D195A60C41CA17073F5F5E2FFED0314A00DE78F1208C15ACFE611CA ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
11:45:23.0347 0x0eac  GoogleChromeAutoLaunch_D08D9DAE1EAB6F612F08AF40ADD97038 - ok
11:45:23.0675 0x0eac  [ 72864378E9DC506B5B8C4C4CABC0CEE8, B12CC30F7E9D67E6D52C1FDE80DCE9B0B06C13C275B2EB342C0BF1F32187B1CE ] C:\Program Files (x86)\SugarSync\SugarSync.exe
11:45:24.0003 0x0eac  SugarSync - ok
11:45:24.0128 0x0eac  [ D5218EE66173405B26B716EBA68133F6, 265820925538A075E753701DC36F89702B3E4C0BE73B8166138495092F339E43 ] D:\Steam\steam.exe
11:45:24.0175 0x0eac  Steam - ok
11:45:24.0222 0x0eac  [ F34001FB7E4EA94D404339CD8B15D84C, 7E76FD43729CE6B6F29C2ED4F6B41BE3232390D9E6224F65AB506C0846BB557D ] C:\Users\Oscar\AppData\Roaming\Spotify\SpotifyWebHelper.exe
11:45:24.0253 0x0eac  Spotify Web Helper - ok
11:45:24.0410 0x0eac  [ B05E1CE24CC555E189FCEB1AD07DFCED, 074E7F84C64B6BB54EE3F1BA4EF1804FA33A21ADB1E80904BF56706AA5EB457D ] C:\Program Files\CCleaner\CCleaner64.exe
11:45:24.0559 0x0eac  CCleaner Monitoring - ok
11:45:24.0684 0x0eac  [ C18CD08106E0650AA63F8A403DE797B2, 7F64C17ADE13996A57D5FAE41405458DFDB8DC63366710B75B610345D92F81FA ] C:\Programas\DisplayFusion\DisplayFusion.exe
11:45:24.0840 0x0eac  DisplayFusion - ok
11:45:24.0950 0x0eac  [ 09C24A487DA063B6626FEDF8FD5B80E0, 34E909D5FACAD7ED78D09FB8103198BEF81323F69F20E4EDF44E54C6D39D3948 ] C:\Users\Oscar\AppData\Roaming\Spotify\Spotify.exe
11:45:25.0075 0x0eac  Spotify - ok
11:45:25.0122 0x0eac  [ 3747BCBACCD672BE5A38E55CB305DC07, FF66C2AD3C3524142E467EA131491B2A707C810682E7BF18BD7F0157F8EE737C ] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
11:45:25.0153 0x0eac  Remote Mouse - detected UnsignedFile.Multi.Generic ( 1 )
11:45:25.0153 0x0eac  Remote Mouse ( UnsignedFile.Multi.Generic ) - warning
11:45:25.0153 0x0eac  Force sending object to P2P due to detect: C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
11:45:25.0168 0x0eac  Object send P2P result: false
11:45:25.0168 0x0eac  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Oscar\AppData\Local\Dropbox\Update\DropboxUpdate.exe
11:45:25.0168 0x0eac  Dropbox Update - ok
11:45:25.0168 0x0eac  Skype - ok
11:45:25.0278 0x0eac  [ A00185C4FB5C31DB5B328A5925060B70, 29AABBA876A6B0BF0F5AF1B957249963043A287F773EE5E3B1C5CF5D0F01FD4A ] C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
11:45:25.0418 0x0eac  SUPERAntiSpyware - ok
11:45:25.0434 0x0eac  AV detected via SS2: ThreatTrack Security VIPRE, C:\Program Files (x86)\VIPRE\SBAMWSC.EXE ( 9.0.1.4 ), 0x40000 ( disabled : updated )
11:45:25.0434 0x0eac  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
11:45:25.0434 0x0eac  Win FW state via NFP2: enabled ( trusted )
11:45:25.0434 0x0eac  ============================================================
11:45:25.0434 0x0eac  Scan finished
11:45:25.0434 0x0eac  ============================================================
11:45:25.0434 0x0ea4  Detected object count: 6
11:45:25.0434 0x0ea4  Actual detected object count: 6
11:45:53.0473 0x0ea4  ElevateService ( UnsignedFile.Multi.Generic ) - skipped by user
11:45:53.0473 0x0ea4  ElevateService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:45:53.0473 0x0ea4  Update_Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:45:53.0473 0x0ea4  Update_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:45:53.0473 0x0ea4  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
11:45:53.0473 0x0ea4  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:45:53.0473 0x0ea4  IAStorIcon ( UnsignedFile.Multi.Generic ) - skipped by user
11:45:53.0473 0x0ea4  IAStorIcon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:45:53.0473 0x0ea4  SmartUpdate ( UnsignedFile.Multi.Generic ) - skipped by user
11:45:53.0473 0x0ea4  SmartUpdate ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:45:53.0473 0x0ea4  Remote Mouse ( UnsignedFile.Multi.Generic ) - skipped by user
11:45:53.0473 0x0ea4  Remote Mouse ( UnsignedFile.Multi.Generic ) - User select action: Skip 
 

  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Nope this one would have caught any AV

Please download Malwarebytes Anti-Malware to your desktop
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Ensure that "Enable free trial of Malwarebytes Anti-Malware Premium" is unchecked
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

To access logs from Malwarebytes Anti-Malware 2.0:

mbamlogs.JPG

1.Open Malwarebytes Anti-Malware 2.0
2.Click History > Application Logs
3.Double-click the log you would like to open

Scan Logs record detections from manual scans, including threats detected and the actions taken against them

To save a Scan Log:

1.Open the log file you would like to save
2.Click Export
3.Choose to export to a .txt
4.Choose a folder to save the log file in, then click Save
5.Post that log here
  • 0

#7
musicalogist

musicalogist

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 11/8/2015
Scan Time: 12:08 PM
Logfile: logmlwb.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2015.11.08.05
Rootkit Database: v2015.11.04.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Oscar
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 355209
Time Elapsed: 4 min, 23 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 19
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK.1, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK.1, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK.1, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 3
PUP.Optional.OpenCandy, C:\Users\Oscar\AppData\Local\Temp\HYDC1B7.tmp.1447005288\HTA\install.1447005288.zip, Quarantined, [0b8a4d2e96f551e5830b34c0cb36ab55], 
PUP.Optional.OpenCandy, C:\Users\Oscar\AppData\Local\Temp\HYDC1B7.tmp.1447005288\HTA\3rdparty\OCComSDK.dll, Quarantined, [1b7a65165437db5b127c29cbdf228c74], 
PUP.Optional.OpenCandy, C:\Users\Oscar\AppData\Local\Temp\HYDC1B7.tmp.1447005288\HTA\3rdparty\OCSetupHlp.dll, Quarantined, [375e8af1206b7abc8868223d9a6a827e], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is it still behaving ?

Any further problems
  • 0

#9
musicalogist

musicalogist

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Everything appears to be working well...


  • 0

#10
musicalogist

musicalogist

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

A second malwarebytes scan shows nothing

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 11/8/2015
Scan Time: 2:48 PM
Logfile: 2.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2015.11.08.05
Rootkit Database: v2015.11.04.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Oscar
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356842
Time Elapsed: 4 min, 46 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP