infected with svchost virus

[dougfy]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014

Ran by Admin (administrator) on OFFICE3 on 23-03-2014 11:42:02

Running from C:\Users\Admin\Downloads

Windows 7 Home Premium (X64) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Normal

 

The only official download link for FRST:

Download link for 32-Bit version:

Download link for 64-Bit Version:

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(AMD) C:\Windows\system32\atiesrxx.exe

(AMD) C:\Windows\system32\atieclxx.exe

(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe

(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe

() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe

(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe

() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

() C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe

() C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe

(SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSyncManager.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe

(Microsoft Corporation) C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe

(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

() C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe

(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe

(Corel, Inc.) C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe

(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

() C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe

() C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe

(Hewlett-Packard Company) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

(Lexmark International, Inc.) C:\Windows\system32\spool\DRIVERS\x64\3\lxeaserv.exe

( ) C:\Windows\system32\lxeacoms.exe

(CyberLink) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

(CyberLink Corp.) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

() C:\Windows\SysWOW64\WinMsgBalloonServer.exe

() C:\Windows\SysWOW64\WinMsgBalloonClient.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Devart) C:\Program Files\Devart\dbForge Studio for MySQL\dbforgemysql.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

(Microsoft Corporation) C:\Windows\system32\taskmgr.exe

(Microsoft Corporation) C:\Windows\System32\perfmon.exe

(www.xyplorer.com) C:\Program Files (x86)\XYplorer\XYplorer.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

(Intuit) C:\Program Files (x86)\TurboTax\Deluxe 2013\32bit\TurboTax.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

() C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld.exe

(Scooter Software) C:\Program Files (x86)\Beyond Compare 3\BCompare.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

() C:\eclipse\eclipse.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [smartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] ()

HKLM\...\Run: [lxeamon.exe] - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe [770728 2010-05-05] ()

HKLM\...\Run: [EzPrint] - C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe [139944 2009-04-29] ()

HKLM-x32\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)

HKLM-x32\...\Run: [HP Remote Solution] - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-05-26] ()

HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-05-20] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [581480 2009-05-12] (Symantec Corporation)

HKLM-x32\...\Run: [updatePRCShortCut] - C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32\...\Run: [vmware-tray] - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [129584 2009-10-22] (VMware, Inc.)

HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Corel Photo Downloader] - C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [532808 2009-01-21] (Corel, Inc.)

HKLM-x32\...\Run: [Corel File Shell Monitor] - C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16712 2009-01-21] ()

HKLM-x32\...\Run: [Lexmark S300-S400 Series] - C:\Program Files (x86)\Lexmark S300-S400 Series\fm3032.exe [316072 2009-04-29] ()

HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)

HKLM-x32\...\Run: [] - [X]

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)

Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)

HKU\S-1-5-21-1478126896-2015222628-883510741-1001\...\Run: [sugarSync] - C:\Program Files (x86)\SugarSync\SugarSyncManager.exe [11241824 2014-01-24] (SugarSync, Inc.)

HKU\S-1-5-21-1478126896-2015222628-883510741-1001\...\Run: [igndlm.exe] - C:\Program Files (x86)\Download Manager\DLM.exe [1103216 2009-10-27] (IGN Entertainment)

HKU\S-1-5-21-1478126896-2015222628-883510741-1001\...\Run: [HP Photosmart 6510 series (NET)] - C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)

HKU\S-1-5-21-1478126896-2015222628-883510741-1001\...\Run: [skyDrive] - C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-02-19] (Microsoft Corporation)

Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://remote-sdjuniper.teradata.com/dana-na/auth/url_2/welcome.cgi

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM - {C26F3951-C36D-4656-9D34-0EE833F2FCD3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - {C26F3951-C36D-4656-9D34-0EE833F2FCD3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd

SearchScopes: HKCU - {C26F3951-C36D-4656-9D34-0EE833F2FCD3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File

BHO-x32: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Lexmark Printable Web - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - NuSphere ToolBar - {0F62D223-9206-4EA3-9EA8-D0F3C7C82ACA} - C:\Program Files (x86)\NuSphere\PhpED\NuSphereIEBar64.dll No File

Toolbar: HKLM-x32 - NuSphere Debugger ToolBar - {0F62D223-9206-4EA3-9EA8-D0F3C7C82ACA} - C:\Program Files (x86)\NuSphere\PhpED\NuSphereIEBar.dll ()

Toolbar: HKLM-x32 - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File

DPF: HKLM-x32 {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab

DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab

DPF: HKLM-x32 {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)

Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [320000] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Tcpip\Parameters: [DhcpNameServer] 69.43.143.41 69.43.169.41

 

FireFox:

========

FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zis6t8z8.default

FF DefaultSearchEngine: Google

FF Homepage: about:blank

FF NetworkProxy: "no_proxies_on", "*.local"

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/wpi,version=1.0 - C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)

FF Plugin-x32: @fileplanet.com/fpdlm - C:\Program Files (x86)\Download Manager\npfpdlm.dll (IGN Entertainment)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/wpi,version=1.1 - C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.7.1 - C:\Users\Admin\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll (Yahoo! Inc.)

FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Users\Admin\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml

FF Extension: Xmarks - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zis6t8z8.default\Extensions\foxmarks@kei.com [2013-05-20]

FF Extension: Office Launcher - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zis6t8z8.default\Extensions\officelaunch@microsoft.com [2013-06-28]

FF Extension: Google Toolbar for Firefox - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zis6t8z8.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-10-18]

FF Extension: Firefox Sync - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zis6t8z8.default\Extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef} [2011-10-12]

FF Extension: Add to Amazon Wish List Button - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zis6t8z8.default\Extensions\amznUWL2@amazon.com.xpi [2012-08-20]

FF Extension: CSS Usage - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zis6t8z8.default\Extensions\csscoverage@spaghetticoder.org.xpi [2013-04-03]

FF Extension: Firebug - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zis6t8z8.default\Extensions\firebug@software.joehewitt.com.xpi [2012-07-04]

FF Extension: Addons Engine - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zis6t8z8.default\Extensions\{539769b9-e392-11e2-8276-b8ac6f996f26}.xpi [2013-07-02]

FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension

FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-11-23]

 

Chrome: 

=======

CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-03]

CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-03]

CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-03]

CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-03]

CHR Extension: (BoogleMarks) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojigclpigghnkdhhkhgjobmoghdecae [2014-03-04]

CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-03]

CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-03]

 

==================== Services (Whitelisted) =================

 

R2 Apache2.2; C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [24645 2009-09-28] (Apache Software Foundation)

R2 cpextender; C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe [355496 2011-10-18] (Check Point Software Technologies)

R2 HPBtnSrv; C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [192512 2008-09-30] ()

R2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [45736 2010-04-14] (Lexmark International, Inc.)

R2 lxea_device; C:\Windows\system32\lxeacoms.exe [1052328 2010-04-14] ( )

R2 lxea_device; C:\Windows\SysWOW64\lxeacoms.exe [598696 2010-04-14] ( )

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-03-28] (Robert McNeel & Associates)

S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)

R2 MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini [8968 2009-11-14] ()

R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)

S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)

S3 Tomcat6; C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe [78336 2010-03-09] (Apache Software Foundation)

S3 ufad-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe [191024 2009-10-12] (VMware, Inc.)

S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [4773768 2012-10-02] (RealVNC Ltd)

S4 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [X]

 

==================== Drivers (Whitelisted) ====================

 

S3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [33888 2010-06-24] (Applian Technologies Inc.)

R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [33888 2010-06-24] (Applian Technologies Inc.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 VNA; C:\Windows\System32\DRIVERS\vna.sys [161256 2011-10-18] (Check Point Software Technologies)

S4 ATIXPGAA; \??\C:\Program Files\PC-Doctor for Windows\ATIXPGAA.SYS [X]

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]

S3 WacHidRouter; system32\DRIVERS\wachidrouter.sys [X]

S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-03-23 11:42 - 2014-03-23 11:42 - 00025814 _____ () C:\Users\Admin\Downloads\FRST.txt

2014-03-22 16:08 - 2014-03-23 11:42 - 00000000 ____D () C:\FRST

2014-03-22 16:06 - 2014-03-22 16:07 - 02157056 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe

2014-03-21 15:59 - 2014-03-21 15:59 - 00000492 _____ () C:\Users\Admin\Desktop\newescan.txt

2014-03-21 08:30 - 2014-03-21 08:30 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_enu (3).exe

2014-03-20 05:30 - 2014-03-20 05:55 - 397692928 _____ () C:\Users\Admin\Downloads\kav_rescue_10.iso

2014-03-19 23:06 - 2014-03-21 09:48 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0

2014-03-18 18:10 - 2014-03-18 18:10 - 00032890 _____ () C:\ComboFix.txt

2014-03-18 17:01 - 2014-03-18 17:01 - 00001181 _____ () C:\CF-Submit.htm

2014-03-18 15:30 - 2014-03-18 15:30 - 00026501 _____ () C:\Users\Admin\Downloads\SQL-H Tasks-V03-14-2014.xlsx

2014-03-18 15:30 - 2014-03-18 15:30 - 00026501 _____ () C:\Users\Admin\Downloads\SQL-H Tasks-V03-14-2014 (1).xlsx

2014-03-18 10:22 - 2014-03-18 10:22 - 00001047 _____ () C:\Users\Admin\Desktop\scanner.txt

2014-03-18 05:38 - 2014-03-18 05:38 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_enu (2).exe

2014-03-17 19:59 - 2014-03-17 19:59 - 00001111 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-03-17 19:59 - 2014-03-17 19:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-03-17 19:59 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-03-17 19:41 - 2014-03-17 19:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-1.75.0.1300 (3).exe

2014-03-17 16:10 - 2014-03-17 16:10 - 00001374 _____ () C:\Users\Admin\Desktop\threats.txt

2014-03-17 07:49 - 2014-03-17 07:49 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_enu (1).exe

2014-03-17 07:49 - 2014-03-17 07:49 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-03-15 09:26 - 2014-03-15 09:26 - 00000606 _____ () C:\Users\Admin\Documents\change_history.sql

2014-03-15 07:38 - 2014-03-15 07:38 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2012

2014-03-15 07:38 - 2014-03-15 07:38 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2012

2014-03-13 07:38 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-03-13 07:38 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-03-13 07:38 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-03-13 07:38 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-03-13 07:38 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-03-13 07:38 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe

2014-03-13 07:38 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe

2014-03-13 07:38 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe

2014-03-13 07:37 - 2014-03-18 18:16 - 00000000 ____D () C:\Qoobox

2014-03-13 07:36 - 2014-03-13 16:35 - 00000000 ____D () C:\Windows\erdnt

2014-03-13 07:33 - 2014-03-18 16:57 - 05190594 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe

2014-03-12 12:30 - 2014-03-12 12:30 - 00001975 _____ () C:\Users\Admin\Desktop\aswMBR2.txt

2014-03-12 09:38 - 2014-03-12 09:39 - 04745728 _____ (AVAST Software) C:\Users\Admin\Downloads\aswmbr (1).exe

2014-03-12 09:30 - 2014-03-12 09:30 - 00380416 _____ () C:\Users\Admin\Downloads\gkz26s23.exe

2014-03-12 08:55 - 2014-03-12 08:55 - 00028679 _____ () C:\Users\Admin\Desktop\dds.txt

2014-03-12 08:55 - 2014-03-12 08:55 - 00015421 _____ () C:\Users\Admin\Desktop\attach.txt

2014-03-12 08:50 - 2014-03-12 12:30 - 00000512 _____ () C:\Users\Admin\Desktop\MBR.dat

2014-03-12 08:50 - 2014-03-12 08:50 - 00002103 _____ () C:\Users\Admin\Desktop\aswMBR.txt

2014-03-12 06:38 - 2014-03-12 06:38 - 01243655 _____ () C:\Users\Admin\Downloads\ProcessExplorer.zip

2014-03-12 06:06 - 2014-03-12 06:06 - 00688992 ____R (Swearware) C:\Users\Admin\Desktop\dds.scr

2014-03-12 06:06 - 2014-03-12 06:06 - 00688992 _____ (Swearware) C:\Users\Admin\Desktop\dds.com

2014-03-12 05:58 - 2014-03-12 05:58 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_enu.exe

2014-03-12 05:55 - 2014-03-12 05:56 - 04745728 _____ (AVAST Software) C:\Users\Admin\Downloads\aswMBR.exe

2014-03-12 05:51 - 2014-03-12 05:52 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\tdsskiller.exe

2014-03-11 19:10 - 2014-03-11 19:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Runscanner.net

2014-03-11 19:08 - 2014-03-11 19:09 - 02248504 _____ (Runscanner.net) C:\Users\Admin\Downloads\runscanner.exe

2014-03-11 18:38 - 2014-03-11 18:38 - 00021238 _____ () C:\Users\Admin\Downloads\GetServicesInSvchost.zip

2014-03-11 16:40 - 2014-03-12 07:34 - 00249665 _____ () C:\Users\Admin\Downloads\UDA Development 3rd Party Analysis.pptx

2014-03-11 07:00 - 2014-03-11 07:00 - 00020890 _____ () C:\Users\Admin\Downloads\TD15.10_Suggested_Reviewer-Approver_List.xlsx

2014-03-10 06:12 - 2014-03-10 06:12 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-03-10 06:11 - 2014-03-10 06:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-03-10 06:11 - 2014-03-10 06:12 - 00000000 ____D () C:\Program Files\iTunes

2014-03-10 06:11 - 2014-03-10 06:11 - 00000000 ____D () C:\Program Files\iPod

2014-03-10 05:59 - 2014-03-10 05:59 - 00000000 ____D () C:\Program Files (x86)\QuickTime

2014-03-09 14:46 - 2014-03-09 14:46 - 00269401 _____ () C:\Users\Admin\Downloads\TD 15.00 SQL-H Enhancements (Charucki) V5.pptx

2014-03-07 12:47 - 2014-03-07 12:47 - 00005579 _____ () C:\Users\Admin\Downloads\ptl.zip

2014-03-07 12:40 - 2014-03-07 12:40 - 00106400 _____ () C:\Users\Admin\Downloads\jdoc.zip

2014-03-04 19:50 - 2014-03-04 19:50 - 00587790 _____ () C:\Users\Admin\Downloads\PandaFalcon.tif

2014-03-04 10:09 - 2014-03-04 10:09 - 00019711 _____ () C:\Users\Admin\Downloads\SQL-H Tasks.xlsx

2014-03-03 11:02 - 2014-03-03 11:03 - 00276472 _____ () C:\Windows\Minidump\030314-50840-01.dmp

2014-03-03 11:02 - 2014-03-03 11:02 - 827094008 _____ () C:\Windows\MEMORY.DMP

2014-03-03 11:02 - 2014-03-03 11:02 - 00000000 ____D () C:\Windows\Minidump

2014-03-03 10:24 - 2014-03-03 10:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-03-03 10:24 - 2014-03-03 10:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-03-03 10:20 - 2014-03-03 10:23 - 13079688 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\Silverlight_x64.exe

2014-03-03 08:35 - 2014-03-15 08:24 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-03-03 08:12 - 2014-03-03 08:12 - 00007650 _____ () C:\Users\Admin_2.office3\AppData\Local\Resmon.ResmonCfg

2014-03-03 08:12 - 2014-03-03 08:12 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\Subversion

2014-03-03 07:56 - 2014-03-03 07:57 - 00000000 ____D () C:\Users\Admin_2.office3\Documents\Snagit

2014-03-03 07:55 - 2014-03-03 07:55 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\Hewlett-Packard

2014-03-03 07:54 - 2014-03-03 07:54 - 00127648 _____ () C:\Users\Admin_2.office3\AppData\Local\GDIPFONTCACHEV1.DAT

2014-03-03 07:54 - 2014-03-03 07:54 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\ATI

2014-03-03 07:54 - 2014-03-03 07:54 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Local\TechSmith

2014-03-03 07:54 - 2014-03-03 07:54 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Local\ATI

2014-03-03 07:53 - 2014-03-03 07:54 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Local\Google

2014-03-03 07:53 - 2014-03-03 07:53 - 00001411 _____ () C:\Users\Admin_2.office3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

2014-03-03 07:53 - 2014-03-03 07:53 - 00000000 ____D () C:\Users\Admin_2.office3\Documents\Audible

2014-03-03 07:53 - 2014-03-03 07:53 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\S300-S400 Series

2014-03-03 07:53 - 2014-03-03 07:53 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\PictureMover

2014-03-03 07:53 - 2014-03-03 07:53 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\Apple Computer

2014-03-03 07:53 - 2014-03-03 07:53 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\Adobe

2014-03-03 07:52 - 2014-03-03 07:53 - 00001445 _____ () C:\Users\Admin_2.office3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-03-03 07:51 - 2014-03-03 07:58 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Local\Hewlett-Packard

2014-03-03 07:51 - 2014-03-03 07:53 - 00000000 ___RD () C:\Users\Admin_2.office3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-03-03 07:51 - 2014-03-03 07:53 - 00000000 ___RD () C:\Users\Admin_2.office3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-03-03 07:50 - 2014-03-03 07:50 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Local\VirtualStore

2014-03-03 07:28 - 2014-03-03 07:28 - 00000000 ____D () C:\ProgramData\Oracle

2014-03-03 07:27 - 2014-03-03 07:26 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-03-03 07:26 - 2014-03-03 07:26 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-03-03 07:26 - 2014-03-03 07:26 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-03-03 07:26 - 2014-03-03 07:26 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-03-03 07:23 - 2014-03-03 07:23 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\chromeinstall-7u51 (2).exe

2014-03-03 07:21 - 2014-03-03 07:21 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\chromeinstall-7u51 (1).exe

2014-03-03 07:20 - 2014-03-03 07:20 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\chromeinstall-7u51.exe

2014-02-28 14:51 - 2014-02-28 14:51 - 00001061 _____ () C:\Users\Admin\Desktop\dbForge Studio for MySQL.lnk

 

==================== One Month Modified Files and Folders =======

 

2014-03-23 11:42 - 2014-03-23 11:42 - 00025814 _____ () C:\Users\Admin\Downloads\FRST.txt

2014-03-23 11:42 - 2014-03-22 16:08 - 00000000 ____D () C:\FRST

2014-03-23 11:10 - 2014-02-11 07:05 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-03-23 11:01 - 2011-11-23 11:59 - 00000256 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job

2014-03-23 09:28 - 2010-02-12 12:35 - 00000000 ____D () C:\eclipse

2014-03-23 07:13 - 2010-02-22 09:43 - 00000000 ____D () C:\Users\Admin\Documents\TurboTax

2014-03-23 06:50 - 2009-08-30 15:02 - 01240045 _____ () C:\Windows\WindowsUpdate.log

2014-03-23 06:10 - 2010-01-31 09:16 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-03-23 03:16 - 2013-11-20 10:27 - 00004970 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for office3-Admin office3

2014-03-22 16:07 - 2014-03-22 16:06 - 02157056 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe

2014-03-21 17:06 - 2009-11-09 21:22 - 00007592 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg

2014-03-21 17:02 - 2009-07-13 21:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-03-21 17:02 - 2009-07-13 21:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-03-21 16:53 - 2009-11-09 22:05 - 00000000 ____D () C:\ProgramData\VMware

2014-03-21 16:51 - 2008-09-19 03:55 - 00014466 _____ () C:\Windows\SysWOW64\NapaSet.txt

2014-03-21 16:50 - 2013-06-28 10:50 - 00000000 ___RD () C:\Users\Admin\SkyDrive

2014-03-21 16:50 - 2010-03-25 14:11 - 00075782 _____ () C:\ProgramData\lxeascan.log

2014-03-21 16:49 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-03-21 16:49 - 2009-07-13 21:51 - 00069850 _____ () C:\Windows\setupact.log

2014-03-21 16:10 - 2010-08-17 19:12 - 00000000 ____D () C:\Users\Admin\AppData\Local\TSVNCache

2014-03-21 16:06 - 2013-04-09 05:17 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps

2014-03-21 16:06 - 2011-10-18 06:30 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XYplorer

2014-03-21 15:59 - 2014-03-21 15:59 - 00000492 _____ () C:\Users\Admin\Desktop\newescan.txt

2014-03-21 09:48 - 2014-03-19 23:06 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0

2014-03-21 08:30 - 2014-03-21 08:30 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_enu (3).exe

2014-03-21 04:58 - 2009-11-09 21:18 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google

2014-03-20 05:55 - 2014-03-20 05:30 - 397692928 _____ () C:\Users\Admin\Downloads\kav_rescue_10.iso

2014-03-18 18:16 - 2014-03-13 07:37 - 00000000 ____D () C:\Qoobox

2014-03-18 18:10 - 2014-03-18 18:10 - 00032890 _____ () C:\ComboFix.txt

2014-03-18 18:04 - 2009-07-13 19:34 - 00000215 _____ () C:\Windows\system.ini

2014-03-18 17:14 - 2009-11-09 22:10 - 00643060 _____ () C:\Windows\PFRO.log

2014-03-18 17:01 - 2014-03-18 17:01 - 00001181 _____ () C:\CF-Submit.htm

2014-03-18 16:57 - 2014-03-13 07:33 - 05190594 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe

2014-03-18 15:30 - 2014-03-18 15:30 - 00026501 _____ () C:\Users\Admin\Downloads\SQL-H Tasks-V03-14-2014.xlsx

2014-03-18 15:30 - 2014-03-18 15:30 - 00026501 _____ () C:\Users\Admin\Downloads\SQL-H Tasks-V03-14-2014 (1).xlsx

2014-03-18 10:22 - 2014-03-18 10:22 - 00001047 _____ () C:\Users\Admin\Desktop\scanner.txt

2014-03-18 05:39 - 2009-11-18 16:33 - 00000000 ____D () C:\Users\Admin\AppData\Local\SugarSync

2014-03-18 05:38 - 2014-03-18 05:38 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_enu (2).exe

2014-03-17 19:59 - 2014-03-17 19:59 - 00001111 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-03-17 19:59 - 2014-03-17 19:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-03-17 19:49 - 2014-03-17 19:41 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-1.75.0.1300 (3).exe

2014-03-17 16:10 - 2014-03-17 16:10 - 00001374 _____ () C:\Users\Admin\Desktop\threats.txt

2014-03-17 07:49 - 2014-03-17 07:49 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_enu (1).exe

2014-03-17 07:49 - 2014-03-17 07:49 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-03-15 16:44 - 2009-07-13 22:13 - 00876742 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-03-15 16:18 - 2009-12-06 16:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\Corel

2014-03-15 15:52 - 2014-02-11 19:04 - 00000075 _____ () C:\Windows\system32\ckzdv.ohd

2014-03-15 09:26 - 2014-03-15 09:26 - 00000606 _____ () C:\Users\Admin\Documents\change_history.sql

2014-03-15 08:24 - 2014-03-03 08:35 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-03-15 07:40 - 2009-11-09 21:18 - 00000000 ____D () C:\Program Files\Google

2014-03-15 07:40 - 2009-11-09 21:18 - 00000000 ____D () C:\Program Files (x86)\Google

2014-03-15 07:38 - 2014-03-15 07:38 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2012

2014-03-15 07:38 - 2014-03-15 07:38 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2012

2014-03-15 07:37 - 2013-06-29 13:25 - 00000000 ____D () C:\ProgramData\Package Cache

2014-03-15 06:58 - 2009-08-10 17:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-03-15 06:54 - 2009-11-13 09:52 - 00000000 ____D () C:\Program Files (x86)\Yahoo!

2014-03-15 06:47 - 2009-11-10 14:43 - 00000000 ____D () C:\ProgramData\Amazon

2014-03-15 06:44 - 2009-11-10 08:49 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-03-15 06:43 - 2011-11-18 14:05 - 00000000 ___RD () C:\Users\Admin\Documents\My TiVo Recordings

2014-03-15 06:43 - 2011-11-18 14:05 - 00000000 ____D () C:\ProgramData\TiVo

2014-03-15 06:22 - 2013-08-18 16:46 - 00000000 ____D () C:\Program Files (x86)\OpenVPN

2014-03-15 06:21 - 2009-11-09 21:18 - 00000000 ____D () C:\ProgramData\Google

2014-03-15 06:20 - 2014-01-24 18:07 - 00000000 ____D () C:\Program Files (x86)\Trend Micro

2014-03-13 16:38 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Default

2014-03-13 16:35 - 2014-03-13 07:36 - 00000000 ____D () C:\Windows\erdnt

2014-03-13 16:30 - 2010-12-19 20:21 - 00000040 ___SH () C:\ProgramData\.zreglib

2014-03-13 10:20 - 2009-11-10 14:31 - 00000258 __RSH () C:\ProgramData\ntuser.pol

2014-03-13 10:18 - 2009-07-13 19:34 - 19398656 _____ () C:\Windows\system32\config\SYSTEM.bak

2014-03-13 10:18 - 2009-07-13 19:34 - 122683392 _____ () C:\Windows\system32\config\SOFTWARE.bak

2014-03-13 10:18 - 2009-07-13 19:34 - 06291456 _____ () C:\Windows\system32\config\DEFAULT.bak

2014-03-13 10:18 - 2009-07-13 19:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak

2014-03-13 10:18 - 2009-07-13 19:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak

2014-03-13 10:15 - 2009-11-09 21:09 - 00000000 ____D () C:\Users\Admin

2014-03-12 12:30 - 2014-03-12 12:30 - 00001975 _____ () C:\Users\Admin\Desktop\aswMBR2.txt

2014-03-12 12:30 - 2014-03-12 08:50 - 00000512 _____ () C:\Users\Admin\Desktop\MBR.dat

2014-03-12 09:39 - 2014-03-12 09:38 - 04745728 _____ (AVAST Software) C:\Users\Admin\Downloads\aswmbr (1).exe

2014-03-12 09:30 - 2014-03-12 09:30 - 00380416 _____ () C:\Users\Admin\Downloads\gkz26s23.exe

2014-03-12 08:55 - 2014-03-12 08:55 - 00028679 _____ () C:\Users\Admin\Desktop\dds.txt

2014-03-12 08:55 - 2014-03-12 08:55 - 00015421 _____ () C:\Users\Admin\Desktop\attach.txt

2014-03-12 08:50 - 2014-03-12 08:50 - 00002103 _____ () C:\Users\Admin\Desktop\aswMBR.txt

2014-03-12 07:34 - 2014-03-11 16:40 - 00249665 _____ () C:\Users\Admin\Downloads\UDA Development 3rd Party Analysis.pptx

2014-03-12 06:38 - 2014-03-12 06:38 - 01243655 _____ () C:\Users\Admin\Downloads\ProcessExplorer.zip

2014-03-12 06:06 - 2014-03-12 06:06 - 00688992 ____R (Swearware) C:\Users\Admin\Desktop\dds.scr

2014-03-12 06:06 - 2014-03-12 06:06 - 00688992 _____ (Swearware) C:\Users\Admin\Desktop\dds.com

2014-03-12 05:58 - 2014-03-12 05:58 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_enu.exe

2014-03-12 05:56 - 2014-03-12 05:55 - 04745728 _____ (AVAST Software) C:\Users\Admin\Downloads\aswMBR.exe

2014-03-12 05:52 - 2014-03-12 05:51 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\tdsskiller.exe

2014-03-11 19:10 - 2014-03-11 19:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Runscanner.net

2014-03-11 19:09 - 2014-03-11 19:08 - 02248504 _____ (Runscanner.net) C:\Users\Admin\Downloads\runscanner.exe

2014-03-11 18:38 - 2014-03-11 18:38 - 00021238 _____ () C:\Users\Admin\Downloads\GetServicesInSvchost.zip

2014-03-11 07:00 - 2014-03-11 07:00 - 00020890 _____ () C:\Users\Admin\Downloads\TD15.10_Suggested_Reviewer-Approver_List.xlsx

2014-03-10 06:12 - 2014-03-10 06:12 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-03-10 06:12 - 2014-03-10 06:11 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-03-10 06:12 - 2014-03-10 06:11 - 00000000 ____D () C:\Program Files\iTunes

2014-03-10 06:11 - 2014-03-10 06:11 - 00000000 ____D () C:\Program Files\iPod

2014-03-10 06:05 - 2009-11-10 08:47 - 00000000 ____D () C:\ProgramData\Apple

2014-03-10 05:59 - 2014-03-10 05:59 - 00000000 ____D () C:\Program Files (x86)\QuickTime

2014-03-09 14:46 - 2014-03-09 14:46 - 00269401 _____ () C:\Users\Admin\Downloads\TD 15.00 SQL-H Enhancements (Charucki) V5.pptx

2014-03-07 12:47 - 2014-03-07 12:47 - 00005579 _____ () C:\Users\Admin\Downloads\ptl.zip

2014-03-07 12:40 - 2014-03-07 12:40 - 00106400 _____ () C:\Users\Admin\Downloads\jdoc.zip

2014-03-04 20:37 - 2010-03-21 15:15 - 00017440 _____ () C:\Users\Admin\AppData\Roaming\Devart Error Report.txt

2014-03-04 19:50 - 2014-03-04 19:50 - 00587790 _____ () C:\Users\Admin\Downloads\PandaFalcon.tif

2014-03-04 10:09 - 2014-03-04 10:09 - 00019711 _____ () C:\Users\Admin\Downloads\SQL-H Tasks.xlsx

2014-03-03 11:03 - 2014-03-03 11:02 - 00276472 _____ () C:\Windows\Minidump\030314-50840-01.dmp

2014-03-03 11:02 - 2014-03-03 11:02 - 827094008 _____ () C:\Windows\MEMORY.DMP

2014-03-03 11:02 - 2014-03-03 11:02 - 00000000 ____D () C:\Windows\Minidump

2014-03-03 11:00 - 2011-03-29 12:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\webex

2014-03-03 10:24 - 2014-03-03 10:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-03-03 10:24 - 2014-03-03 10:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-03-03 10:23 - 2014-03-03 10:20 - 13079688 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\Silverlight_x64.exe

2014-03-03 08:12 - 2014-03-03 08:12 - 00007650 _____ () C:\Users\Admin_2.office3\AppData\Local\Resmon.ResmonCfg

2014-03-03 08:12 - 2014-03-03 08:12 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\Subversion

2014-03-03 08:12 - 2014-02-11 18:00 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Local\TSVNCache

2014-03-03 07:58 - 2014-03-03 07:51 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Local\Hewlett-Packard

2014-03-03 07:57 - 2014-03-03 07:56 - 00000000 ____D () C:\Users\Admin_2.office3\Documents\Snagit

2014-03-03 07:55 - 2014-03-03 07:55 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\Hewlett-Packard

2014-03-03 07:54 - 2014-03-03 07:54 - 00127648 _____ () C:\Users\Admin_2.office3\AppData\Local\GDIPFONTCACHEV1.DAT

2014-03-03 07:54 - 2014-03-03 07:54 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\ATI

2014-03-03 07:54 - 2014-03-03 07:54 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Local\TechSmith

2014-03-03 07:54 - 2014-03-03 07:54 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Local\ATI

2014-03-03 07:54 - 2014-03-03 07:53 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Local\Google

2014-03-03 07:53 - 2014-03-03 07:53 - 00001411 _____ () C:\Users\Admin_2.office3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

2014-03-03 07:53 - 2014-03-03 07:53 - 00000000 ____D () C:\Users\Admin_2.office3\Documents\Audible

2014-03-03 07:53 - 2014-03-03 07:53 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\S300-S400 Series

2014-03-03 07:53 - 2014-03-03 07:53 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\PictureMover

2014-03-03 07:53 - 2014-03-03 07:53 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\Apple Computer

2014-03-03 07:53 - 2014-03-03 07:53 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Roaming\Adobe

2014-03-03 07:53 - 2014-03-03 07:52 - 00001445 _____ () C:\Users\Admin_2.office3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-03-03 07:53 - 2014-03-03 07:51 - 00000000 ___RD () C:\Users\Admin_2.office3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-03-03 07:53 - 2014-03-03 07:51 - 00000000 ___RD () C:\Users\Admin_2.office3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-03-03 07:50 - 2014-03-03 07:50 - 00000000 ____D () C:\Users\Admin_2.office3\AppData\Local\VirtualStore

2014-03-03 07:50 - 2014-02-11 17:59 - 00000000 ____D () C:\Users\Admin_2.office3

2014-03-03 07:28 - 2014-03-03 07:28 - 00000000 ____D () C:\ProgramData\Oracle

2014-03-03 07:26 - 2014-03-03 07:27 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-03-03 07:26 - 2014-03-03 07:26 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-03-03 07:26 - 2014-03-03 07:26 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-03-03 07:26 - 2014-03-03 07:26 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-03-03 07:26 - 2009-11-09 22:04 - 00000000 ____D () C:\Program Files (x86)\Java

2014-03-03 07:23 - 2014-03-03 07:23 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\chromeinstall-7u51 (2).exe

2014-03-03 07:21 - 2014-03-03 07:21 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\chromeinstall-7u51 (1).exe

2014-03-03 07:20 - 2014-03-03 07:20 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\chromeinstall-7u51.exe

2014-03-02 17:01 - 2009-11-09 22:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\VMware

2014-02-28 14:51 - 2014-02-28 14:51 - 00001061 _____ () C:\Users\Admin\Desktop\dbForge Studio for MySQL.lnk

2014-02-28 14:50 - 2009-11-10 21:51 - 00000000 ____D () C:\Users\Admin\Documents\dbForge Studio for MySQL

2014-02-28 10:22 - 2010-03-25 14:29 - 00000000 ____D () C:\ProgramData\Lx_cats

2014-02-21 20:46 - 2010-06-08 20:29 - 00003188 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForAdmin

2014-02-21 20:46 - 2010-06-08 20:29 - 00000334 _____ () C:\Windows\Tasks\HPCeeScheduleForAdmin.job

2014-02-21 11:24 - 2010-03-27 09:04 - 00033669 _____ () C:\ProgramData\lxeaJSW.log

2014-02-21 11:21 - 2010-08-17 11:52 - 00005189 _____ () C:\ProgramData\lxeaDiagnostics.log

 

Alureon:

C:\Users\Admin\AppData\Local\Temp\sibmqci\stuearx\wow.dll

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-03-20 00:37

 

==================== End Of Log ============================

[dougfy]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014

Ran by Admin at 2014-03-23 11:43:07

Running from C:\Users\Admin\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden

ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)

Activate Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.1.20.0 - Symantec)

Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)

Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1 - Microsoft Corporation) Hidden

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.2.8900 - Adobe Systems Inc.)

Adobe AIR (x32 Version: 1.5.2.8900 - Adobe Systems Inc.) Hidden

Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden

Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden

Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden

Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden

Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )

Adobe Download Manager (HKLM-x32\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.49 - NOS Microsystems Ltd.)

Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated)

Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden

Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.169 - Adobe Systems Incorporated)

Adobe Flash Player 11 Plugin 64-bit (HKLM\...\Adobe Flash Player Plugin) (Version: 11.1.102.63 - Adobe Systems Incorporated)

Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)

Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden

Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden

Adobe Reader 9.5.0 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated)

Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden

Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden

Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Aimersoft DRM Media Converter(Build 1.5.3.0) (HKLM-x32\...\Aimersoft DRM Media Converter_is1) (Version:  - Aimersoft Software)

Aimersoft DVD Ripper(Build 2.7.4.0) (HKLM-x32\...\Aimersoft DVD Ripper_is1) (Version:  - Aimersoft Software)

Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)

AMD USB Filter Driver (x32 Version: 1.0.11.86 - Advanced Micro Devices, Inc.) Hidden

AnswerWorks 5.0 English Runtime (HKLM-x32\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)

Apache HTTP Server 2.2.14 (HKLM-x32\...\{85262A06-2D8C-4BC1-B6ED-5A705D09CFFC}) (Version: 2.2.14 - Apache Software Foundation)

Apache Tomcat 6.0 (remove only) (HKLM\...\Apache Tomcat 6.0) (Version:  - )

Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ATI Catalyst Install Manager (HKLM\...\{B75608B9-19B7-346D-2D8D-75A86E91F3E2}) (Version: 3.0.732.0 - ATI Technologies, Inc.)

Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.12 - Audible, Inc.)

Beyond Compare Version 3.1.7 (HKLM-x32\...\BeyondCompare3_is1) (Version:  - Scooter Software)

Canon DIGITAL CAMERA Solution Disk Software Guide (HKLM-x32\...\Software Guide) (Version: 1.4.0.1 - Canon Inc.)

CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)

CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)

Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)

Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)

Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)

Canon PowerShot ELPH 300 HS_IXUS 220 HS Camera User Guide (HKLM-x32\...\CameraUserGuide-PSELPH300HS_IXUS220HS) (Version: 1.0.0.1 - Canon Inc.)

Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.4.0.3 - Canon Inc.)

Canon Utilities CameraWindow Launcher (HKLM-x32\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)

Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)

Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)

Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)

Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)

Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden

Catalyst Control Center Core Implementation (x32 Version: 2009.0520.1631.27815 - ATI) Hidden

Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0520.1631.27815 - ATI) Hidden

Catalyst Control Center Graphics Full New (x32 Version: 2009.0520.1631.27815 - ATI) Hidden

Catalyst Control Center Graphics Light (x32 Version: 2009.0520.1631.27815 - ATI) Hidden

Catalyst Control Center HydraVision Full (x32 Version: 2009.0520.1631.27815 - ATI) Hidden

Catalyst Control Center Localization All (x32 Version: 2009.0520.1631.27815 - ATI) Hidden

CCC Help Chinese Standard (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Chinese Traditional (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Czech (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Danish (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Dutch (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help English (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Finnish (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help French (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help German (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Greek (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Hungarian (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Italian (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Japanese (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Korean (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Norwegian (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Polish (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Portuguese (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Russian (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Spanish (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Swedish (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Thai (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

CCC Help Turkish (x32 Version: 2009.0520.1630.27815 - ATI) Hidden

ccc-core-static (x32 Version: 2009.0520.1631.27815 - ATI) Hidden

ccc-utility64 (Version: 2009.0520.1631.27815 - ATI) Hidden

Check Point SSL Network Extender Service (HKLM-x32\...\{658ad7c8-e1ad-476a-b35a-1f23c6fe5887}) (Version: 7.01.0000 - CheckPoint)

Chrome Embedded Browser version 3.1547.32 (HKLM-x32\...\Chrome Embedded Browser_is1) (Version: 3.1547.32 - NuSphere Corp.)

Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)

Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden

Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0001 - Corel Corporation)

Corel PaintShop Pro X5 (HKLM-x32\...\_{1563C6F2-E9B5-42DE-9EA6-207C9A8C2DFB}) (Version: 15.2.0.12 - Corel Corporation)

Corel PaintShop Pro X5 (x32 Version: 15.2.0.12 - Corel Corporation) Hidden

Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated) <==== ATTENTION

Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden

CSE HTML Validator Lite v11.02 (HKLM-x32\...\CSEHTMLVALIDATORLITE110_is1) (Version:  - AI Internet Solutions LLC)

CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)

CyberLink DVD Suite Deluxe (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden

Devart dbForge Studio for MySQL, v5.0 Professional Edition (HKLM-x32\...\DevartStudioMySql_is1) (Version: 5.0.82 - Devart)

Devart dbForge Studio for MySQL, v6.1 Professional Edition (HKLM\...\DevartStudioMySql_is1) (Version: 6.1.164 - Devart)

DHTML Menu Studio (HKLM-x32\...\DHTML Menu Studio Professional_is1) (Version: 5.0.0.146 - Xtreeme GmbH)

DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden

Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)

Download Manager 2.3.10 (HKLM-x32\...\Download Manager) (Version: 2.3.10 - IGN Entertainment, Inc.)

Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

Flash DVD Ripper (HKLM-x32\...\Flash DVD Ripper) (Version: 0.92 - dvdripsys)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)

Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden

GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 10.4.0.896 - Citrix Online, a division of Citrix Systems, Inc.)

HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.8946.3086 - Hewlett-Packard)

HP Customer Experience Enhancements (HKLM-x32\...\{5B295588-59C1-4386-9F85-BB4BEDCB0D22}) (Version: 5.7.0.3036 - Hewlett-Packard)

HP Easy Backup (HKLM-x32\...\{67431FA8-4B89-42DD-A68E-30D77F6C8D99}_is1) (Version: 1.0.8.0 - Hewlett-Packard)

HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)

HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)

HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard)

HP MediaSmart DVD (x32 Version: 3.0.3123 - Hewlett-Packard) Hidden

HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)

HP MediaSmart Movie Themes (x32 Version: 3.0.3102 - Hewlett-Packard) Hidden

HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3205 - Hewlett-Packard)

HP MediaSmart Music/Photo/Video (x32 Version: 3.0.3205 - Hewlett-Packard) Hidden

HP MediaSmart SmartMenu (HKLM\...\{26280024-DFB7-4967-90DB-7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard)

HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)

HP Photosmart 6510 series Basic Device Software (HKLM\...\{EB0D4D8B-A604-42D3-84D8-CCAFA75F753E}) (Version: 24.0.342.0 - Hewlett-Packard Co.)

HP Photosmart 6510 series Help (HKLM-x32\...\{A2F95F8C-CDA9-4B08-BAD1-CA9656E4EC14}) (Version: 140.0.2.2 - Hewlett Packard)

HP Photosmart 6510 series Product Improvement Study (HKLM\...\{7EC37923-61DD-4C31-A602-8A9F0C5CF2A1}) (Version: 24.0.342.0 - Hewlett-Packard Co.)

HP Photosmart Prem C410 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{C1164ED0-EF08-4B0B-8084-3BDAEAAEFD8D}) (Version: 14.0 - HP)

HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.9.0 - TopSeed)

HP Remote Solution (x32 Version: 1.1.9.0 - TopSeed) Hidden

HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)

HP Support Assistant (HKLM-x32\...\{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}) (Version: 4.1.11.3 - Hewlett-Packard)

HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)

HP Update (HKLM-x32\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)

HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden

HydraVision (x32 Version: 4.2.98.0 - ATI Technologies Inc.) Hidden

ICA (x32 Version: 15.2.0.12 - Corel Corporation) Hidden

iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)

IntelliJ IDEA 10.0.2 (HKLM-x32\...\IntelliJ IDEA 10.0.2) (Version: 103.72 - JetBrains s.r.o.)

IPM_PSP_COM (x32 Version: 15.2.0.12 - Corel Corporation) Hidden

iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Java 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)

Java 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)

Java SE Development Kit 6 Update 20 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160200}) (Version: 1.6.0.200 - Sun Microsystems, Inc.)

Juniper Networks Cache Cleaner 6.4.0 (HKCU\...\Juniper_Networks_Cache_Cleaner 6.4.0) (Version: 6.4.0.14619 - Juniper Networks)

Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 7.0.0.17289 - Juniper Networks)

Juniper Networks Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 2.2.4.9429 - Juniper Networks)

Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)

Juniper Terminal Services Client (HKCU\...\Juniper_Term_Services) (Version: 7.0.0.17289 - Juniper Networks)

kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.)

LabelPrint (x32 Version: 2.5.1901 - CyberLink Corp.) Hidden

Lexmark Printable Web (HKLM-x32\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - )

Lexmark S300-S400 Series (HKLM\...\Lexmark S300-S400 Series) (Version:  - Lexmark International, Inc.)

Lexmark Toolbar (HKLM-x32\...\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}) (Version: 4.3.37.0 - )

Lexmark Tools for Office (HKLM-x32\...\{10812DE7-2E57-4740-B226-6B3BE34AF9D7}) (Version: 1.29.0.0 - )

LightScribe System Software (HKLM-x32\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe)

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)

Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden

Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)

Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden

Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop (x32 Version: 2.0.30717.9005 - Microsoft Corporation) Hidden

Microsoft Office 365 Home Premium - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4551.1011 - Microsoft Corporation)

Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)

Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)

Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden

Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)

Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden

Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden

Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden

Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden

Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden

Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)

Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)

Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation)

Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)

Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)

Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)

Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)

Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)

Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 32bit Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 Professional - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.30319 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden

Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)

Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Express 2012 for Windows Desktop (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden

Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Web Platform Installer 2.0 (HKLM\...\{59996900-0E6C-45B7-8C39-C64CB98462E4}) (Version: 2.1.1 - Microsoft Corporation)

Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)

MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)

Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)

Mozilla Embedded Browser version 26.0.0 (HKLM-x32\...\Mozilla Embedded Browser_is1) (Version: 26.0.0 - NuSphere Corp.)

Mozilla Firefox 13.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 13.0.1 (x86 en-US)) (Version: 13.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MySQL Server 5.1 (HKLM-x32\...\{AFAC4AF7-C3E4-4E15-8118-18CD0896DF3B}) (Version: 5.1.40 - MySQL AB)

NetBeans IDE 6.8 (HKLM-x32\...\nbi-nb-base-6.8.0.0.0) (Version: 6.8 - NetBeans.org)

Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden

NuSphere PhpED version 12.0 (HKLM-x32\...\NuSphere PhpED_is1) (Version: 12.0 - NuSphere Corp.)

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1011 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1011 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1011 - Microsoft Corporation) Hidden

OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)

Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden

PHP 5.2.11 (HKLM-x32\...\{89C096A7-9A21-4402-9CD5-A09DA89551F0}) (Version: 5.2.11 - The PHP Group)

Php Documentor version 2.0 for NuSphere PhpED (HKLM-x32\...\PHP Documentor_is1) (Version: 12.0 - NuSphere Corp.)

php-4.4.9 for NuSphere PhpED (HKLM-x32\...\PHP_is1) (Version: 12.0 - NuSphere Corp.)

php-5.2.17 for NuSphere PhpED (HKLM-x32\...\PHP5_is1) (Version: 12.0 - NuSphere Corp.)

php-5.3.0 for NuSphere PhpED (HKLM-x32\...\PHP53_is1) (Version: 5.9 - NuSphere Corp.)

php-5.4.23 for NuSphere PhpED (HKLM-x32\...\PHP54_is1) (Version: 12.0 - NuSphere Corp.)

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)

PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)

Plato DVD Ripper Professional 6.66.13 (HKLM-x32\...\Plato DVD Ripper Professional_is1) (Version:  - Plato Global Creativity)

Polystyle 2.0zo (trial) for NuSphere PhpED (HKLM-x32\...\POLYSTYLE_is1) (Version: 5.9 - NuSphere Corp.)

Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)

Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden

PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)

PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden

PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden

Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)

PS_AIO_07_C410_SW_Min (x32 Version: 140.0.273.000 - Hewlett-Packard) Hidden

PSPPContent (x32 Version: 15.2.0.12 - Corel Corporation) Hidden

PSPPHelp (x32 Version: 15.2.0.12 - Corel Corporation) Hidden

PSPPro64 (Version: 15.2.0.12 - Corel Corporation) Hidden

Python 2.6.4 (HKLM-x32\...\{E7394A0F-3F80-45B1-87FC-ABCD51893246}) (Version: 2.6.4150 - Python Software Foundation)

Python 3.1.1 (64-bit) (HKLM\...\{7FF90460-89B7-435B-B583-B37B2815CCC8}) (Version: 3.1.1150 - Python Software Foundation)

Quicken 2009 (HKLM-x32\...\{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}) (Version: 18.1.6.25 - Intuit)

Quicken 2011 (HKLM-x32\...\{5FE545A1-D215-4216-9189-E7B39C9D1CC1}) (Version: 20.1.8.6 - Intuit)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 2.4.1540.26 - AMD)

RAIDXpert (x32 Version: 2.4.1540.26 - AMD) Hidden

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5882 - Realtek Semiconductor Corp.)

Replay Media Catcher 4 (HKLM\...\{7105B74C-1124-40BC-919D-1B9A8F4517C5}) (Version: 4.0.4 - Applian Technologies)

Rhinoceros 5 Evaluation (64-bit) (HKLM\...\{0F82307B-A772-4460-868B-CF84C0A5861D}) (Version: 5.2.30328.21415 - Robert McNeel & Associates)

Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)

Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden

Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)

Setup (x32 Version: 15.2.0.12 - Corel Corporation) Hidden

Sid Meier's Railroads! (HKLM-x32\...\{141154CC-B23D-40E0-8242-1A747CA9B482}) (Version: 1.10 - Firaxis Games)

SMA WebBox.RPC (HKLM-x32\...\{6E97BB54-3A8D-407E-9FC0-DF55773AABC1}) (Version: 1.0.0 - SMA Technologie AG)

Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden

SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.97.122348 - SugarSync, Inc.)

Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden

Sun GlassFish Enterprise Server v3 (HKLM-x32\...\nbi-glassfish-mod-sun-3.0.0.74.2) (Version:  - )

Sunny Data Control (HKLM-x32\...\Sunny Data Control) (Version:  - )

Sunny Explorer (HKLM-x32\...\{C3AE7777-69E1-4929-A7E6-2B347E62AC67}) (Version: 1.1.11 - SMA Solar Technology AG)

Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden

tools-freebsd (x32 Version: 8.1.3.9911 - VMware, Inc.) Hidden

tools-linux (x32 Version: 8.1.3.9911 - VMware, Inc.) Hidden

tools-netware (x32 Version: 8.1.3.9911 - VMware, Inc.) Hidden

tools-solaris (x32 Version: 8.1.3.9911 - VMware, Inc.) Hidden

tools-windows (x32 Version: 8.1.3.9911 - VMware, Inc.) Hidden

tools-winPre2k (x32 Version: 8.1.3.9911 - VMware, Inc.) Hidden

TortoiseSVN 1.6.10.19898 (64 bit) (HKLM\...\{36A415C2-7181-421D-92C9-8255766E0FF3}) (Version: 1.6.19898 - TortoiseSVN)

TurboTax 2009 (HKLM-x32\...\TurboTax 2009) (Version:  - Intuit, Inc)

TurboTax 2009 wcaiper (x32 Version: 009.000.0862 - Intuit Inc.) Hidden

TurboTax 2009 WinPerFedFormset (x32 Version: 009.000.2068 - Intuit Inc.) Hidden

TurboTax 2009 WinPerReleaseEngine (x32 Version: 009.000.0328 - Intuit Inc.) Hidden

TurboTax 2009 WinPerTaxSupport (x32 Version: 009.000.0238 - Intuit Inc.) Hidden

TurboTax 2009 wrapper (x32 Version: 009.000.0145 - Intuit Inc.) Hidden

TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version:  - Intuit, Inc)

TurboTax 2010 wcaiper (x32 Version: 010.000.1291 - Intuit Inc.) Hidden

TurboTax 2010 WinPerFedFormset (x32 Version: 010.000.4012 - Intuit Inc.) Hidden

TurboTax 2010 WinPerReleaseEngine (x32 Version: 010.000.0457 - Intuit Inc.) Hidden

TurboTax 2010 WinPerTaxSupport (x32 Version: 010.000.0213 - Intuit Inc.) Hidden

TurboTax 2010 wrapper (x32 Version: 010.000.0157 - Intuit Inc.) Hidden

TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version:  - Intuit, Inc)

TurboTax 2011 wcaiper (x32 Version: 011.000.1647 - Intuit Inc.) Hidden

TurboTax 2011 WinPerFedFormset (x32 Version: 011.000.2999 - Intuit Inc.) Hidden

TurboTax 2011 WinPerReleaseEngine (x32 Version: 011.000.0474 - Intuit Inc.) Hidden

TurboTax 2011 WinPerTaxSupport (x32 Version: 011.000.0214 - Intuit Inc.) Hidden

TurboTax 2011 wrapper (x32 Version: 011.000.0121 - Intuit Inc.) Hidden

TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)

TurboTax 2012 wcaiper (x32 Version: 012.000.1430 - Intuit Inc.) Hidden

TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2083 - Intuit Inc.) Hidden

TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0451 - Intuit Inc.) Hidden

TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0179 - Intuit Inc.) Hidden

TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden

TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)

TurboTax 2013 wcaiper (x32 Version: 013.000.1236 - Intuit Inc.) Hidden

TurboTax 2013 WinPerFedFormset (x32 Version: 013.000.1911 - Intuit Inc.) Hidden

TurboTax 2013 WinPerReleaseEngine (x32 Version: 013.000.0492 - Intuit Inc.) Hidden

TurboTax 2013 WinPerTaxSupport (x32 Version: 013.000.0168 - Intuit Inc.) Hidden

TurboTax 2013 wrapper (x32 Version: 013.000.0135 - Intuit Inc.) Hidden

UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.0.9.6.1 - uvnc bvba)

UltraVNC 1.0.6.5 (HKLM-x32\...\Ultravnc2_is1) (Version: 1.0.6.5 - 1.0.6.5)

Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)

Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)

VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 7.0.0.9911 - VMware, Inc)

VMware Workstation (x32 Version: 7.0.0.9911 - VMware, Inc.) Hidden

VNC Mirror Driver 1.8.0 (HKLM\...\VNCMirror_is1) (Version: 1.8.0 - RealVNC Ltd.)

VNC Printer Driver 1.8.0 (HKLM\...\VNCPrinter_is1) (Version: 1.8.0 - RealVNC Ltd.)

VNC Server 5.0.3 (HKLM\...\RealVNC_is1) (Version: 5.0.3 - RealVNC Ltd)

VNC Viewer 5.0.3 (HKLM\...\RealVNCViewer_is1) (Version: 5.0.3 - RealVNC Ltd)

Vue 11 Infinite PLE 64bit (HKLM-x32\...\Vue 11 Infinite PLE 64bit) (Version: 11 - e-on software)

Vue 5 Esprit (HKLM-x32\...\Esprit) (Version: 5 - e-on software)

Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)

Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden

WinZip 14.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}) (Version: 14.0.8688 - WinZip Computing, S.L. )

wxPython 2.8.10.1 (unicode) for Python 2.6 (HKLM\...\wxPython2.8-unicode-py26_is1) (Version: 2.8.10.1-unicode - Total Control Software)

XYplorer 10.40 (HKLM-x32\...\XYplorer) (Version: 10.40 - Donald Lessau)

Yahoo! BrowserPlus 2.7.1 (HKCU\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)

[Psychotic]

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

• Execute TDSSKiller.exe by doubleclicking on it.
• Press Start Scan
  
• If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  
• Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt
  

Please post the contents of that log in your next reply.

[dougfy]

==================== Restore Points  =========================

 

03-03-2014 14:25:55 Installed Java 7 Update 51

13-03-2014 14:39:11 ComboFix created restore point

15-03-2014 13:20:12 Removed HiJackThis

15-03-2014 13:44:04 Removed VoiceOver Kit

15-03-2014 13:44:27 Removed Bonjour

15-03-2014 13:46:53 Configured Amazon Unbox Video

15-03-2014 13:50:35 Removed Snagit 10

15-03-2014 13:52:32 Removed iTeleport Connect

15-03-2014 13:53:22 Removed TidySongs

15-03-2014 14:35:49 Windows Update

18-03-2014 23:58:44 ComboFix created restore point

 

==================== Hosts content: ==========================

 

2009-07-13 19:34 - 2014-03-18 18:04 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {01D91FC3-51B4-44E6-AC78-664617AEC937} - System32\Tasks\HPCeeScheduleForAdmin => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-05-26] (Hewlett-Packard)

Task: {031FFAB9-C56A-47A3-8966-C5579556E1EA} - System32\Tasks\Security Center Update - 2736065859 => C:\Users\Admin\AppData\Roaming\Wemygo\emitun.exe <==== ATTENTION

Task: {04C816CA-DF08-44ED-AD73-DC4EB9A7C787} - System32\Tasks\Security Center Update - 706396651 => C:\Users\Admin\AppData\Roaming\Zuubossy\tozeg.exe <==== ATTENTION

Task: {07CE8D45-A812-461B-9BE7-58FA12B74333} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)

Task: {0B44194F-0C59-4420-935E-95298FEDD38C} - System32\Tasks\Security Center Update - 3411692055 => C:\Users\Admin\AppData\Roaming\Ucxocyp\ergik.exe <==== ATTENTION

Task: {11E39CAC-4FD5-4E0D-9B7D-902252F36104} - System32\Tasks\Security Center Update - 681099924 => C:\Users\Admin\AppData\Roaming\Qeekda\owpiif.exe <==== ATTENTION

Task: {1E0DBEE6-BDB7-40DB-BA1C-5D8C449A83E8} - System32\Tasks\Security Center Update - 1444189381 => C:\Users\Admin\AppData\Roaming\Dydixo\hyhoaqp.exe <==== ATTENTION

Task: {1F694312-4189-4FDE-B475-18F572BB4034} - System32\Tasks\Security Center Update - 3871434678 => C:\Users\Admin\AppData\Roaming\Itefsaq\affeyb.exe <==== ATTENTION

Task: {217BF03C-2115-4CF9-AC8D-C9CC974846EB} - System32\Tasks\Security Center Update - 3954953451 => C:\Users\Admin\AppData\Roaming\Vuuzwaak\reuxiqa.exe <==== ATTENTION

Task: {2D7B81D7-7763-4ECF-85FE-7BD6BC2047FA} - System32\Tasks\Security Center Update - 3944441187 => C:\Users\Admin\AppData\Roaming\Mafopym\fuewqe.exe <==== ATTENTION

Task: {3175C2C4-8B41-4A06-B620-8473B6508293} - System32\Tasks\Security Center Update - 1182235102 => C:\Users\Admin\AppData\Roaming\Wylaucu\ciuviz.exe <==== ATTENTION

Task: {31B731D8-AD8D-44C5-B8DD-DB1BE277462B} - System32\Tasks\Security Center Update - 1472345837 => C:\Users\Admin\AppData\Roaming\Ufukde\omixxi.exe <==== ATTENTION

Task: {3395C9A7-1AC3-49F6-BA5A-1C2D8AFB8EB1} - System32\Tasks\Security Center Update - 3395661542 => C:\Users\Admin\AppData\Roaming\Bezayrs\fautkib.exe <==== ATTENTION

Task: {380E10CF-6B07-4DE1-A374-FC9FF78485B8} - System32\Tasks\Security Center Update - 3115137963 => C:\Users\Admin\AppData\Roaming\Erulzu\iwxio.exe <==== ATTENTION

Task: {46EAFE0B-7E02-4AC8-A587-A3DB8FB60400} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-08-05] (CyberLink)

Task: {4C0058AF-4158-4EA0-B1DB-385E7C1359F1} - System32\Tasks\Microsoft Office 15 Sync Maintenance for office3-Admin office3 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2013-12-13] (Microsoft Corporation)

Task: {4CBCBB31-B3F2-4FAB-9784-AA007C7423B2} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-23] (CyberLink Corp.)

Task: {5493430C-0D47-4B3D-B639-B2BEB7499755} - System32\Tasks\Security Center Update - 1176687730 => C:\Users\Admin\AppData\Roaming\Latayt\veusot.exe <==== ATTENTION

Task: {5530497B-85B7-48BE-8236-3A5C484BFA40} - System32\Tasks\Security Center Update - 1241623169 => C:\Users\Admin\AppData\Roaming\Ywocykb\oxmuo.exe <==== ATTENTION

Task: {584859CA-3CBB-4BD4-BC50-7F80A5AA737E} - System32\Tasks\Security Center Update - 2758105530 => C:\Users\Admin\AppData\Roaming\Kiuvudew\uvzuaco.exe <==== ATTENTION

Task: {625E6E49-8D4C-4E8A-AE0C-1C8CA2C4548D} - System32\Tasks\Security Center Update - 3610152834 => C:\Users\Admin\AppData\Roaming\Aculhocu\fazyox.exe <==== ATTENTION

Task: {62DCB956-1B70-4963-8954-05CCEE7C59EA} - System32\Tasks\Security Center Update - 2275076264 => C:\Users\Admin\AppData\Roaming\Gahibixy\anyvi.exe <==== ATTENTION

Task: {63FC893B-9F78-4EFB-986C-A98AFFFA0E58} - System32\Tasks\Security Center Update - 1378894183 => C:\Users\Admin\AppData\Roaming\Itxigavo\tayccie.exe <==== ATTENTION

Task: {65A7EEFF-95A7-4AFF-9EB7-768D7FAF7566} - System32\Tasks\Security Center Update - 3721701206 => C:\Users\Admin\AppData\Roaming\Gaecalax\daomezk.exe <==== ATTENTION

Task: {65CAC0C5-43BC-4151-8B02-F17249EE96FB} - System32\Tasks\Security Center Update - 1633832563 => C:\Users\Admin\AppData\Roaming\Oluzegb\tixemio.exe <==== ATTENTION

Task: {6A603FD4-02CA-4DBB-BC1E-3E718E199985} - System32\Tasks\Security Center Update - 4272621193 => C:\Users\Admin\AppData\Roaming\Feycvoem\laudiq.exe <==== ATTENTION

Task: {6B76181A-50FC-42E4-B73D-1DE918A5B46E} - System32\Tasks\Security Center Update - 8649554 => C:\Users\Admin\AppData\Roaming\Yvodloy\ytvyu.exe <==== ATTENTION

Task: {6F53B3B8-54A4-4E97-B577-7190FA764C46} - System32\Tasks\Security Center Update - 3329014062 => C:\Users\Admin\AppData\Roaming\Megepi\ygdot.exe <==== ATTENTION

Task: {7710C820-7094-47A7-8199-A2172F87AAA5} - System32\Tasks\Security Center Update - 1749041498 => C:\Users\Admin\AppData\Roaming\Olnifidu\abaxylg.exe <==== ATTENTION

Task: {792AC7E5-A494-4C2A-A5D1-BFCB841344B7} - System32\Tasks\Security Center Update - 1296942126 => C:\Users\Admin\AppData\Roaming\Evezozug\elefs.exe <==== ATTENTION

Task: {7A1C43B0-1831-4E9F-A06A-F66EF23804BB} - System32\Tasks\Security Center Update - 1629852788 => C:\Users\Admin\AppData\Roaming\Voykvyah\vyeppe.exe <==== ATTENTION

Task: {8434DDB8-4424-4023-BA5E-34FE794369E0} - System32\Tasks\Security Center Update - 2099076786 => C:\Users\Admin\AppData\Roaming\Ruhoge\wyywci.exe <==== ATTENTION

Task: {85E6CBA5-61DB-4C8B-A32F-7C41567BD308} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()

Task: {8A12E498-4B32-4AB4-8E8F-8C10A239FCC3} - System32\Tasks\Security Center Update - 815855698 => C:\Users\Admin\AppData\Roaming\Irnomee\urbuo.exe <==== ATTENTION

Task: {8A1895E6-5904-4BEF-A46F-672D6C5DE0B6} - System32\Tasks\Security Center Update - 2342533223 => C:\Users\Admin\AppData\Roaming\Eldiyx\erviy.exe <==== ATTENTION

Task: {8A314A3C-C13C-4B84-965F-089A818A098D} - System32\Tasks\Security Center Update - 677259027 => C:\Users\Admin\AppData\Roaming\Axqyukb\divyogr.exe <==== ATTENTION

Task: {8CB5855D-608D-4213-B292-AC14CC577B1B} - System32\Tasks\Security Center Update - 805193728 => C:\Users\Admin\AppData\Roaming\Huotoz\hicee.exe <==== ATTENTION

Task: {8E9E2C72-BAEE-4A38-A472-06AA84B23D2C} - System32\Tasks\Security Center Update - 3370276355 => C:\Users\Admin\AppData\Roaming\Enypsage\voxaed.exe <==== ATTENTION

Task: {911604EE-DA21-4D56-B8BC-B2DB700CF00F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-11-02] (Microsoft Corporation)

Task: {9575D23A-4CF7-4678-8141-FCC52A5DAFF6} - System32\Tasks\GreatArcadeHits => C:\Users\Admin\AppData\Local\GreatArcadeHits\GAHUpdate.exe <==== ATTENTION

Task: {9A600629-3026-48FA-928B-299BB74CC9DB} - System32\Tasks\Security Center Update - 2827265108 => C:\Users\Admin\AppData\Roaming\Dairycz\puloog.exe <==== ATTENTION

Task: {9DF006EC-76DE-40CF-B8E0-1098824719BC} - System32\Tasks\Security Center Update - 2721507468 => C:\Users\Admin\AppData\Roaming\Uqnuertu\odipa.exe <==== ATTENTION

Task: {A0552377-9308-46A3-AD63-D3EE6D0BF386} - System32\Tasks\HPCustParticipation HP Photosmart 6510 series => C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPCustPartic.exe [2011-05-25] (Hewlett-Packard Co.)

Task: {A9A2D1A9-FCE6-4018-A16C-7ECF6861FEE3} - System32\Tasks\Security Center Update - 1811950257 => C:\Users\Admin\AppData\Roaming\Ymboyny\ytzuuk.exe <==== ATTENTION

Task: {ADEDDD9E-892B-4DF1-9F74-E61A0FEC0251} - System32\Tasks\Security Center Update - 4092694008 => C:\Users\Admin\AppData\Roaming\Faisyro\angyyqy.exe <==== ATTENTION

Task: {AF03992B-9F81-4ACD-861B-BCA78B4326B8} - System32\Tasks\Security Center Update - 520819304 => C:\Users\Admin\AppData\Roaming\Guubnu\innyalc.exe <==== ATTENTION

Task: {AF1D32E5-3875-4365-AD08-2A9A99F3249F} - System32\Tasks\Security Center Update - 4189867309 => C:\Users\Admin\AppData\Roaming\Vomafa\yspupe.exe <==== ATTENTION

Task: {B031BCA8-E333-4283-9490-DCC6F1A3C9FF} - System32\Tasks\Security Center Update - 3440882438 => C:\Users\Admin\AppData\Roaming\Ihzoolv\ebzunoi.exe <==== ATTENTION

Task: {B08DE647-CF17-4D8A-8479-8C8E048C908B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-31] (Google Inc.)

Task: {B0D60E3A-0FC2-4BA7-85CF-60C82CBD942E} - System32\Tasks\Security Center Update - 4112005159 => C:\Users\Admin\AppData\Roaming\Uvylyhi\fyyku.exe <==== ATTENTION

Task: {BD47F682-E518-4ECB-B217-93E2DCB52F2D} - System32\Tasks\Security Center Update - 385443552 => C:\Users\Admin\AppData\Roaming\Avwuofo\enyto.exe <==== ATTENTION

Task: {C1E42295-68A4-44CC-BB0F-24A4DF2AE3BC} - System32\Tasks\Security Center Update - 3920828216 => C:\Users\Admin\AppData\Roaming\Avvake\riaqpa.exe <==== ATTENTION

Task: {C29B208A-458C-4B14-9FCE-805DB98A425E} - System32\Tasks\Security Center Update - 4288038319 => C:\Users\Admin\AppData\Roaming\Curuqiy\awizyzk.exe <==== ATTENTION

Task: {C44410DC-BBED-4F29-8767-32AAE0F79756} - System32\Tasks\Security Center Update - 1431152682 => C:\Users\Admin\AppData\Roaming\Orylbau\ursezi.exe <==== ATTENTION

Task: {C8BB5898-7FCB-4E26-91A5-1FAF65B56BEA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-31] (Google Inc.)

Task: {CE4468BD-5249-4C85-906E-385C93DF3DD8} - System32\Tasks\hpUrlLauncher.exe_{DAA9729C-98DB-408A-B66A-BAFA2C816AD4} => C:\Program Files\HP\HP Photosmart 6510 series\Bin\utils\hpUrlLauncher.exe [2011-05-25] (Hewlett-Packard Co.)

Task: {D5D4DEA0-C304-4E18-A9EA-7C4764DEDF21} - System32\Tasks\Security Center Update - 409024435 => C:\Users\Admin\AppData\Roaming\Uwabru\rezox.exe <==== ATTENTION

Task: {D7EAA01D-8452-4710-8D01-636DF30A6557} - System32\Tasks\Security Center Update - 1568841979 => C:\Users\Admin\AppData\Roaming\Dykimoyr\heoka.exe <==== ATTENTION

Task: {DA366A8F-080C-42CC-99A3-378DA65C53FF} - System32\Tasks\Security Center Update - 4146477803 => C:\Users\Admin\AppData\Roaming\Umxiguk\exwupa.exe <==== ATTENTION

Task: {DB57E288-7CED-4C9F-86FB-A26D628D2F14} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-OFFICE3 => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)

Task: {DEE873E7-E861-46C2-A188-467D66CB64CF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-12-13] (Microsoft Corporation)

Task: {E160177E-34E1-419C-AD1F-69CD0B8BB8DF} - System32\Tasks\Security Center Update - 2948294779 => C:\Users\Admin\AppData\Roaming\Izasny\osirq.exe <==== ATTENTION

Task: {E4CE7562-2209-4D74-AD01-0D0FD6EF5E49} - System32\Tasks\Security Center Update - 4258391513 => C:\Users\Admin\AppData\Roaming\Sexilog\xipesio.exe <==== ATTENTION

Task: {E5BF1E26-B8DB-494E-9061-1F9DA0C18A7F} - System32\Tasks\Security Center Update - 143572091 => C:\Users\Admin\AppData\Roaming\Ezkuiqyf\xoimor.exe <==== ATTENTION

Task: {E7EEECF8-21E5-4F98-803A-057497F62F95} - System32\Tasks\Security Center Update - 2425075436 => C:\Users\Admin\AppData\Roaming\Yblyucda\daneevb.exe <==== ATTENTION

Task: {EB8B3792-2A74-4AD3-A0D6-E204B7419D37} - System32\Tasks\Security Center Update - 2072771277 => C:\Users\Admin\AppData\Roaming\Ixyspyso\fidur.exe <==== ATTENTION

Task: {F4E0EC49-BB40-470A-9CCC-0A24664A3985} - System32\Tasks\Security Center Update - 3136454316 => C:\Users\Admin\AppData\Roaming\Atrevep\zapavub.exe <==== ATTENTION

Task: {F7A3D736-1079-420D-9B4D-052269BE670E} - System32\Tasks\Security Center Update - 1186133018 => C:\Users\Admin\AppData\Roaming\Pouvbiwi\unoqmey.exe <==== ATTENTION

Task: {FA01DE43-0BD5-4FDD-ADA0-C1D09CB034AF} - System32\Tasks\Security Center Update - 305974073 => C:\Users\Admin\AppData\Roaming\Teurro\orvycui.exe <==== ATTENTION

Task: {FBAF9B04-55EB-4AAA-BFDC-8C6A84477AC2} - System32\Tasks\Security Center Update - 4133871898 => C:\Users\Admin\AppData\Roaming\Asgyab\awaqc.exe <==== ATTENTION

Task: {FFE76487-4766-4858-801A-3004EA8535FC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe

Task: C:\Windows\Tasks\HPCeeScheduleForAdmin.job => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe

 

==================== Loaded Modules (whitelisted) =============

 

2010-03-25 14:10 - 2009-04-17 03:53 - 00053760 _____ () C:\Windows\System32\LXEAPMON.DLL

2010-03-25 14:10 - 2009-01-13 06:15 - 04485120 _____ () C:\Windows\System32\LXEAOEM.DLL

2010-12-05 16:46 - 2009-11-04 10:17 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeadrpp.dll

2009-03-16 00:47 - 2009-03-16 00:47 - 00065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe

2013-08-16 07:13 - 2013-12-13 06:18 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2009-07-08 14:35 - 2009-07-08 14:35 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

2010-03-25 14:09 - 2010-05-05 10:18 - 00770728 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe

2010-03-25 14:09 - 2009-04-29 07:24 - 00139944 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe

2009-05-26 01:36 - 2009-05-26 01:36 - 00656896 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe

2009-01-21 18:34 - 2009-01-21 18:34 - 00016712 ____R () C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

2009-08-10 18:14 - 2008-09-30 18:59 - 00192512 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe

2013-08-04 15:18 - 2013-11-02 01:49 - 00377000 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll

2013-08-04 15:18 - 2013-11-02 01:48 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll

2013-08-04 15:18 - 2013-11-02 01:49 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll

2009-03-16 00:47 - 2009-03-16 00:47 - 00122880 _____ () C:\Windows\SysWOW64\WinMsgBalloonServer.exe

2009-03-16 00:47 - 2009-03-16 00:47 - 00139264 _____ () C:\Windows\SysWOW64\WinMsgBalloonClient.exe

2009-06-08 16:45 - 2009-06-08 16:45 - 00098304 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2009-08-10 18:01 - 2009-08-10 18:01 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2014-02-28 14:50 - 2014-02-24 10:44 - 00098304 _____ () C:\Program Files\Devart\dbForge Studio for MySQL\Antlr3.Runtime.dll

2009-10-12 05:40 - 2009-10-12 05:40 - 06045696 _____ () C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld.exe

2009-05-19 18:10 - 2009-05-19 18:10 - 00057344 _____ () C:\eclipse\eclipse.exe

2009-11-14 09:32 - 2009-11-06 21:07 - 00090112 _____ () C:\php\ext\dbg-php-5.2.dll

2009-09-16 20:41 - 2009-09-16 20:41 - 02076672 _____ () C:\Program Files (x86)\PHP\LIBMYSQL.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2010-03-25 14:09 - 2010-04-01 14:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeascw.dll

2010-03-25 14:09 - 2009-05-27 09:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadatr.dll

2010-03-25 14:09 - 2010-04-01 14:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaDRS.dll

2010-03-25 14:09 - 2009-03-10 02:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacaps.dll

2010-03-25 14:03 - 2009-02-20 01:48 - 00381440 _____ () C:\Windows\system32\lxeasm.dll

2010-03-25 14:03 - 2009-02-20 01:48 - 00023552 _____ () C:\Windows\system32\lxeasmr.dll

2010-03-25 14:09 - 2009-03-30 05:37 - 00708608 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Epwizard.DLL

2010-12-05 16:44 - 2009-03-30 05:35 - 00159744 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\customui.dll

2010-03-25 14:09 - 2009-03-30 05:35 - 00118784 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Eputil.DLL

2010-03-25 14:09 - 2009-03-30 05:35 - 00139264 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Imagutil.DLL

2010-03-25 14:09 - 2009-03-30 05:35 - 00061440 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Epfunct.DLL

2010-03-25 14:09 - 2010-04-05 07:56 - 02203803 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\EPWizRes.dll

2010-03-25 14:09 - 2009-03-30 05:37 - 00045056 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\epstring.dll

2010-03-25 14:09 - 2009-03-30 05:37 - 00094208 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\EPOEMDll.dll

2010-03-25 14:09 - 2009-04-07 16:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\iptk.dll

2010-03-25 14:09 - 2009-03-02 11:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaptp.dll

2013-10-09 22:41 - 2013-10-09 22:41 - 00069632 _____ () C:\Program Files (x86)\SugarSync\librsync.dll

2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll

2009-08-05 13:45 - 2009-08-05 13:45 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll

2009-10-22 05:59 - 2009-10-22 05:59 - 00970288 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll

2009-10-22 05:59 - 2009-10-22 05:59 - 00068656 _____ () C:\Program Files (x86)\VMware\VMware Workstation\zlib1.dll

2014-03-15 08:24 - 2014-03-14 17:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll

2014-03-15 08:24 - 2014-03-14 17:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll

2014-03-15 08:24 - 2014-03-14 17:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll

2014-03-15 08:24 - 2014-03-14 17:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll

2014-03-15 08:24 - 2014-03-14 17:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll

2014-03-15 08:24 - 2014-03-14 17:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll

2010-02-22 09:18 - 2010-02-22 09:18 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll

2010-02-22 09:18 - 2010-02-22 09:18 - 00471040 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll

2010-11-20 07:19 - 2010-11-20 07:19 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll

2013-08-16 07:13 - 2013-12-13 06:19 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll

2013-08-16 07:14 - 2013-12-13 06:20 - 00359592 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

2014-03-15 08:24 - 2014-03-14 17:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

2009-11-11 17:58 - 2009-07-06 16:33 - 00178176 _____ () C:\Program Files (x86)\Beyond Compare 3\unrar.dll

2009-05-19 18:09 - 2009-05-19 18:09 - 00081920 _____ () C:\eclipse\plugins\org.eclipse.equinox.launcher.win32.win32.x86_1.0.200.v20090519\eclipse_1206.dll

2010-05-23 10:45 - 2010-05-23 10:45 - 00032768 _____ () C:\eclipse\configuration\org.eclipse.osgi\bundles\29\1\.cp\os\win32\x86\localfile_1_0_0.dll

2010-05-23 10:37 - 2010-05-23 10:37 - 00044544 _____ () C:\eclipse\configuration\org.eclipse.osgi\bundles\32\1\.cp\jWinHttp-1.0.0.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

 

==================== Disabled items from MSCONFIG ==============

 

 

==================== Faulty Device Manager Devices =============

 

Name: Photosmart Prem C410 series

Description: Photosmart Prem C410 series

Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Manufacturer: HP

Service: StillCam

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Photosmart Prem C410 series

Description: Photosmart Prem C410 series

Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}

Manufacturer: HP

Service: 

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Photosmart 6510 series

Description: Photosmart 6510 series

Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}

Manufacturer: HP

Service: 

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (03/23/2014 11:40:46 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

 

Error: (03/23/2014 00:30:02 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".

Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/22/2014 00:30:05 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".

Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/21/2014 04:49:45 PM) (Source: Apache Service) (User: )

Description: The Apache service named  reported the following error:

>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.211.1 for ServerName     .

 

Error: (03/21/2014 04:08:49 PM) (Source: Apache Service) (User: )

Description: The Apache service named  reported the following error:

>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.1.100 for ServerName     .

 

Error: (03/21/2014 04:06:27 PM) (Source: Application Error) (User: )

Description: Faulting application name: phped.exe, version: 12.0.0.12034, time stamp: 0x52d6abc9

Faulting module name: dbwizard.dll_unloaded, version: 0.0.0.0, time stamp: 0x52d6ac2b

Exception code: 0xc0000005

Fault offset: 0x19b436b3

Faulting process id: 0x1794

Faulting application start time: 0xphped.exe0

Faulting application path: phped.exe1

Faulting module path: phped.exe2

Report Id: phped.exe3

 

Error: (03/21/2014 08:30:26 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

 

Error: (03/21/2014 08:30:17 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

 

Error: (03/21/2014 00:30:05 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".

Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (03/20/2014 05:58:52 PM) (Source: Apache Service) (User: )

Description: The Apache service named  reported the following error:

>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.1.100 for ServerName     .

 

 

System errors:

=============

Error: (03/21/2014 04:53:23 PM) (Source: Service Control Manager) (User: )

Description: The VMware USB Arbitration Service service terminated with the following error: 

%%31

 

Error: (03/21/2014 04:52:44 PM) (Source: DCOM) (User: )

Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}

 

Error: (03/21/2014 04:51:37 PM) (Source: Service Control Manager) (User: )

Description: The MySQL service failed to start due to the following error: 

%%1053

 

Error: (03/21/2014 04:51:37 PM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the MySQL service to connect.

 

Error: (03/21/2014 04:51:05 PM) (Source: Service Control Manager) (User: )

Description: The SQL Server (SQLEXPRESS) service failed to start due to the following error: 

%%1053

 

Error: (03/21/2014 04:51:05 PM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.

 

Error: (03/21/2014 04:49:37 PM) (Source: EventLog) (User: )

Description: The previous system shutdown at 4:29:29 PM on ‎3/‎21/‎2014 was unexpected.

 

Error: (03/21/2014 04:14:42 PM) (Source: Service Control Manager) (User: )

Description: The HP Network Devices Support service hung on starting.

 

Error: (03/21/2014 04:13:07 PM) (Source: DCOM) (User: )

Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}

 

Error: (03/21/2014 04:12:42 PM) (Source: Service Control Manager) (User: )

Description: The HP Health Check Service service failed to start due to the following error: 

%%1053

 

 

Microsoft Office Sessions:

=========================

Error: (03/23/2014 11:40:46 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Admin\Downloads\esetsmartinstaller_enu (3).exe

 

Error: (03/23/2014 00:30:02 AM) (Source: SideBySide)(User: )

Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Python26\Lib\distutils\command\wininst-8_d.exe

 

Error: (03/22/2014 00:30:05 AM) (Source: SideBySide)(User: )

Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Python26\Lib\distutils\command\wininst-8_d.exe

 

Error: (03/21/2014 04:49:45 PM) (Source: Apache Service)(User: )

Description: The Apache service namedreported the following error:

>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.211.1 for ServerName

 

Error: (03/21/2014 04:08:49 PM) (Source: Apache Service)(User: )

Description: The Apache service namedreported the following error:

>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.1.100 for ServerName

 

Error: (03/21/2014 04:06:27 PM) (Source: Application Error)(User: )

Description: phped.exe12.0.0.1203452d6abc9dbwizard.dll_unloaded0.0.0.052d6ac2bc000000519b436b3179401cf44a8ef9c0086C:\Program Files (x86)\NuSphere\PhpED\phped.exedbwizard.dll6dcd832f-b14d-11e3-af4d-e9e96809782b

 

Error: (03/21/2014 08:30:26 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Admin\Downloads\esetsmartinstaller_enu (3).exe

 

Error: (03/21/2014 08:30:17 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Admin\Downloads\esetsmartinstaller_enu (3).exe

 

Error: (03/21/2014 00:30:05 AM) (Source: SideBySide)(User: )

Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Python26\Lib\distutils\command\wininst-8_d.exe

 

Error: (03/20/2014 05:58:52 PM) (Source: Apache Service)(User: )

Description: The Apache service namedreported the following error:

>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.1.100 for ServerName

 

 

CodeIntegrity Errors:

===================================

  Date: 2014-03-18 17:12:20.090

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-03-18 17:12:19.981

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-03-18 17:12:19.871

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-03-18 17:12:19.762

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-03-15 16:28:36.050

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-03-15 16:28:35.941

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-03-15 16:28:35.832

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-03-15 16:28:35.723

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-03-13 10:15:14.405

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-03-13 10:15:14.298

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 69%

Total physical RAM: 8183.89 MB

Available physical RAM: 2486.38 MB

Total Pagefile: 16365.93 MB

Available Pagefile: 10199.74 MB

Total Virtual: 8192 MB

Available Virtual: 8191.82 MB

 

==================== Drives ================================

 

Drive c: (HP) (Fixed) (Total:919.07 GB) (Free:20.5 GB) NTFS

Drive d: (FACTORY_IMAGE) (Fixed) (Total:12.34 GB) (Free:2.23 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive e: (KRD10) (CDROM) (Total:0.37 GB) (Free:0 GB) CDFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 932 GB) (Disk ID: 1549F232)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=919 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

[dougfy]

Doing the tdsskeiller next.

[dougfy]

12:33:29.0239 0x1fac  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02

12:33:57.0508 0x1fac  ============================================================

12:33:57.0508 0x1fac  Current date / time: 2014/03/23 12:33:57.0508

12:33:57.0508 0x1fac  SystemInfo:

12:33:57.0508 0x1fac  

12:33:57.0508 0x1fac  OS Version: 6.1.7600 ServicePack: 0.0

12:33:57.0508 0x1fac  Product type: Workstation

12:33:57.0508 0x1fac  ComputerName: OFFICE3

12:33:57.0509 0x1fac  UserName: Admin

12:33:57.0509 0x1fac  Windows directory: C:\Windows

12:33:57.0509 0x1fac  System windows directory: C:\Windows

12:33:57.0509 0x1fac  Running under WOW64

12:33:57.0509 0x1fac  Processor architecture: Intel x64

12:33:57.0509 0x1fac  Number of processors: 4

12:33:57.0509 0x1fac  Page size: 0x1000

12:33:57.0509 0x1fac  Boot type: Normal boot

12:33:57.0509 0x1fac  ============================================================

12:33:58.0957 0x1fac  KLMD registered as C:\Windows\system32\drivers\66627685.sys

12:33:59.0025 0x1fac  System UUID: {AD231EE0-9770-11C4-83C6-39CCAF3F2A70}

12:33:59.0405 0x1fac  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

12:33:59.0426 0x1fac  ============================================================

12:33:59.0426 0x1fac  \Device\Harddisk0\DR0:

12:33:59.0426 0x1fac  MBR partitions:

12:33:59.0426 0x1fac  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

12:33:59.0427 0x1fac  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72E26000

12:33:59.0427 0x1fac  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72E58800, BlocksNum 0x18AD800

12:33:59.0427 0x1fac  ============================================================

12:33:59.0444 0x1fac  C: <-> \Device\Harddisk0\DR0\Partition2

12:33:59.0492 0x1fac  D: <-> \Device\Harddisk0\DR0\Partition3

12:33:59.0493 0x1fac  ============================================================

12:33:59.0493 0x1fac  Initialize success

12:33:59.0493 0x1fac  ============================================================

12:34:03.0670 0x1d70  ============================================================

12:34:03.0670 0x1d70  Scan started

12:34:03.0670 0x1d70  Mode: Manual; 

12:34:03.0670 0x1d70  ============================================================

12:34:03.0670 0x1d70  KSN ping started

12:34:06.0825 0x1d70  KSN ping finished: true

12:34:07.0334 0x1d70  ================ Scan system memory ========================

12:34:07.0334 0x1d70  System memory - ok

12:34:07.0335 0x1d70  ================ Scan services =============================

12:34:07.0524 0x1d70  [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys

12:34:07.0530 0x1d70  1394ohci - ok

12:34:07.0588 0x1d70  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys

12:34:07.0597 0x1d70  ACPI - ok

12:34:07.0639 0x1d70  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys

12:34:07.0639 0x1d70  AcpiPmi - ok

12:34:07.0698 0x1d70  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

12:34:07.0710 0x1d70  adp94xx - ok

12:34:07.0736 0x1d70  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

12:34:07.0745 0x1d70  adpahci - ok

12:34:07.0775 0x1d70  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

12:34:07.0780 0x1d70  adpu320 - ok

12:34:07.0813 0x1d70  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

12:34:07.0815 0x1d70  AeLookupSvc - ok

12:34:07.0912 0x1d70  [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD             C:\Windows\system32\drivers\afd.sys

12:34:07.0924 0x1d70  AFD - ok

12:34:07.0942 0x1d70  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys

12:34:07.0944 0x1d70  agp440 - ok

12:34:07.0976 0x1d70  [ 3327E85CADB3B65EE36016E35BCC0ADC, AA885C97A7E1125C850BE651087BA45F6AB15E09748E472905A6B4FC082CEA41 ] ahcix64s        C:\Windows\system32\DRIVERS\ahcix64s.sys

12:34:07.0981 0x1d70  ahcix64s - ok

12:34:07.0993 0x1d70  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe

12:34:07.0996 0x1d70  ALG - ok

12:34:08.0012 0x1d70  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys

12:34:08.0013 0x1d70  aliide - ok

12:34:08.0047 0x1d70  [ 6290BA92CA8A23DB6BED83397CF97002, D7BAAF671C91E2ADB8C6DF4CF9FA9751B498546DB16501E514D3CD2D560D41FD ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

12:34:08.0052 0x1d70  AMD External Events Utility - ok

12:34:08.0063 0x1d70  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys

12:34:08.0064 0x1d70  amdide - ok

12:34:08.0099 0x1d70  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

12:34:08.0101 0x1d70  AmdK8 - ok

12:34:08.0118 0x1d70  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

12:34:08.0120 0x1d70  AmdPPM - ok

12:34:08.0141 0x1d70  [ 7A4B413614C055935567CF88A9734D38, A3BB7CDF3EE0EEF67F89263E81145E73C7142EF5F0AF265375C2ECCE74F932C4 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys

12:34:08.0144 0x1d70  amdsata - ok

12:34:08.0166 0x1d70  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

12:34:08.0172 0x1d70  amdsbs - ok

12:34:08.0186 0x1d70  [ B4AD0CACBAB298671DD6F6EF7E20679D, FB566C892D0A3DC0A523AE20F35011996958D670937DD5C1A1FCCD36AAC714D7 ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys

12:34:08.0187 0x1d70  amdxata - ok

12:34:08.0263 0x1d70  [ B01289CC07A2E21C4EFCA722D1EFB243, A0FE70EBC60C06E3AD37FDE4167C9BE378381CE48D1CB13AC9193F16AA28098C ] AMD_RAIDXpert   C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe

12:34:08.0266 0x1d70  AMD_RAIDXpert - ok

12:34:08.0398 0x1d70  [ 8750B3454AF73568BE6203047A08F560, 309C140F63C07E43F992424EDB253586A17078DD68C7F526E7C2DAC7C6164421 ] Apache2.2       C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe

12:34:08.0399 0x1d70  Apache2.2 - ok

12:34:08.0443 0x1d70  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys

12:34:08.0445 0x1d70  AppID - ok

12:34:08.0465 0x1d70  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

12:34:08.0467 0x1d70  AppIDSvc - ok

12:34:08.0498 0x1d70  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll

12:34:08.0501 0x1d70  Appinfo - ok

12:34:08.0618 0x1d70  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

12:34:08.0620 0x1d70  Apple Mobile Device - ok

12:34:08.0705 0x1d70  [ 1B1A533F3BE2A540C8F58F14B2886A97, D748230648B2C2E95E659709330E99425BC66DE7220360E9A4700B48F9D047BB ] appliand        C:\Windows\system32\DRIVERS\appliand.sys

12:34:08.0706 0x1d70  appliand - ok

12:34:08.0710 0x1d70  [ 1B1A533F3BE2A540C8F58F14B2886A97, D748230648B2C2E95E659709330E99425BC66DE7220360E9A4700B48F9D047BB ] appliandMP      C:\Windows\system32\DRIVERS\appliand.sys

12:34:08.0710 0x1d70  appliandMP - ok

12:34:08.0767 0x1d70  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys

12:34:08.0769 0x1d70  arc - ok

12:34:08.0791 0x1d70  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

12:34:08.0793 0x1d70  arcsas - ok

12:34:08.0977 0x1d70  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

12:34:09.0011 0x1d70  aspnet_state - ok

12:34:09.0046 0x1d70  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

12:34:09.0047 0x1d70  AsyncMac - ok

12:34:09.0066 0x1d70  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys

12:34:09.0067 0x1d70  atapi - ok

12:34:09.0140 0x1d70  [ E0FABC10635C670BD7D89FD214A405D7, DB1A7755F38F92D1BFCBC8EC710CB997C1AEE88E4FD7461B0E2A7C1EF3D2F5E4 ] athr            C:\Windows\system32\DRIVERS\athrx.sys

12:34:09.0196 0x1d70  athr - ok

12:34:09.0230 0x1d70  [ 04A5815DF7E8B037DF674D3CCACC0C31, BC49D6C135C50254BF952B790046BE364DFDDA786F1EACEE4CC8880B764B7A92 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys

12:34:09.0234 0x1d70  AtiHdmiService - ok

12:34:09.0429 0x1d70  [ 29623DB7E23B65F0C50CA19D7E0DFD03, 7A0C709549980503BE49831F0F3904B1F900E7C9B66A9F3F8A63A50152F5AA3A ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys

12:34:09.0623 0x1d70  atikmdag - ok

12:34:09.0646 0x1d70  [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys

12:34:09.0647 0x1d70  AtiPcie - ok

12:34:09.0682 0x1d70  ATIXPGAA - ok

12:34:09.0733 0x1d70  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

12:34:09.0750 0x1d70  AudioEndpointBuilder - ok

12:34:09.0778 0x1d70  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

12:34:09.0791 0x1d70  AudioSrv - ok

12:34:09.0820 0x1d70  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll

12:34:09.0823 0x1d70  AxInstSV - ok

12:34:09.0877 0x1d70  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

12:34:09.0888 0x1d70  b06bdrv - ok

12:34:09.0917 0x1d70  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

12:34:09.0952 0x1d70  b57nd60a - ok

12:34:09.0994 0x1d70  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll

12:34:09.0997 0x1d70  BDESVC - ok

12:34:10.0092 0x1d70  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys

12:34:10.0092 0x1d70  Beep - ok

12:34:10.0217 0x1d70  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll

12:34:10.0247 0x1d70  BFE - ok

12:34:10.0588 0x1d70  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\system32\qmgr.dll

12:34:10.0636 0x1d70  BITS - ok

12:34:10.0717 0x1d70  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

12:34:10.0719 0x1d70  blbdrive - ok

12:34:10.0797 0x1d70  [ 19D20159708E152267E53B66677A4995, 6401FA5C3EFF26BED075FEC68F868CD8D0598FDB45EA9381810615F7252F7A9A ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

12:34:10.0800 0x1d70  bowser - ok

12:34:10.0829 0x1d70  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

12:34:10.0869 0x1d70  BrFiltLo - ok

12:34:10.0874 0x1d70  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

12:34:10.0874 0x1d70  BrFiltUp - ok

12:34:10.0920 0x1d70  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys

12:34:10.0923 0x1d70  BridgeMP - ok

12:34:10.0990 0x1d70  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser         C:\Windows\System32\browser.dll

12:34:11.0047 0x1d70  Browser - ok

12:34:11.0169 0x1d70  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

12:34:11.0208 0x1d70  Brserid - ok

12:34:11.0259 0x1d70  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

12:34:11.0303 0x1d70  BrSerWdm - ok

12:34:11.0342 0x1d70  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

12:34:11.0343 0x1d70  BrUsbMdm - ok

12:34:11.0412 0x1d70  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

12:34:11.0413 0x1d70  BrUsbSer - ok

12:34:11.0575 0x1d70  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

12:34:11.0619 0x1d70  BTHMODEM - ok

12:34:11.0733 0x1d70  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll

12:34:11.0781 0x1d70  bthserv - ok

12:34:11.0807 0x1d70  catchme - ok

12:34:11.0868 0x1d70  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

12:34:11.0871 0x1d70  cdfs - ok

12:34:11.0887 0x1d70  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

12:34:11.0891 0x1d70  cdrom - ok

12:34:11.0985 0x1d70  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll

12:34:12.0018 0x1d70  CertPropSvc - ok

12:34:12.0125 0x1d70  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

12:34:12.0126 0x1d70  circlass - ok

12:34:12.0158 0x1d70  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys

12:34:12.0167 0x1d70  CLFS - ok

12:34:12.0303 0x1d70  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

12:34:12.0306 0x1d70  clr_optimization_v2.0.50727_32 - ok

12:34:12.0336 0x1d70  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

12:34:12.0339 0x1d70  clr_optimization_v2.0.50727_64 - ok

12:34:12.0482 0x1d70  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

12:34:12.0536 0x1d70  clr_optimization_v4.0.30319_32 - ok

12:34:12.0578 0x1d70  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

12:34:12.0615 0x1d70  clr_optimization_v4.0.30319_64 - ok

12:34:12.0664 0x1d70  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

12:34:12.0665 0x1d70  CmBatt - ok

12:34:12.0680 0x1d70  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys

12:34:12.0681 0x1d70  cmdide - ok

12:34:12.0761 0x1d70  [ CA7720B73446FDDEC5C69519C1174C98, F24796765587CC1D653A04783B1659564F42E600DA3AFA3DED724592B291D033 ] CNG             C:\Windows\system32\Drivers\cng.sys

12:34:12.0772 0x1d70  CNG - ok

12:34:12.0793 0x1d70  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

12:34:12.0794 0x1d70  Compbatt - ok

12:34:12.0805 0x1d70  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

12:34:12.0807 0x1d70  CompositeBus - ok

12:34:12.0818 0x1d70  COMSysApp - ok

12:34:12.0945 0x1d70  [ CD58FB9264F97BBB45C4154C61D9BDDD, 38390A5BFB3C7F49CF23B3B9965648F543033CF99E33FDC083F7BAC48F2B80E1 ] cpextender      C:\Program Files (x86)\CheckPoint\SSL Network Extender\slimsvc.exe

12:34:12.0954 0x1d70  cpextender - ok

12:34:12.0989 0x1d70  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

12:34:12.0990 0x1d70  crcdisk - ok

12:34:13.0062 0x1d70  [ F02786B66375292E58C8777082D4396D, EE7BCD10C014A16A06619EFD47226FAA1460A67CD7687EA8C38D63C71DBCD51B ] CryptSvc        C:\Windows\system32\cryptsvc.dll

12:34:13.0067 0x1d70  CryptSvc - ok

12:34:13.0112 0x1d70  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll

12:34:13.0124 0x1d70  DcomLaunch - ok

12:34:13.0233 0x1d70  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll

12:34:13.0241 0x1d70  defragsvc - ok

12:34:13.0305 0x1d70  [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

12:34:13.0308 0x1d70  DfsC - ok

12:34:13.0398 0x1d70  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll

12:34:13.0406 0x1d70  Dhcp - ok

12:34:13.0437 0x1d70  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys

12:34:13.0438 0x1d70  discache - ok

12:34:13.0451 0x1d70  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys

12:34:13.0453 0x1d70  Disk - ok

12:34:13.0540 0x1d70  [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

12:34:13.0545 0x1d70  Dnscache - ok

12:34:13.0568 0x1d70  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll

12:34:13.0575 0x1d70  dot3svc - ok

12:34:13.0587 0x1d70  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll

12:34:13.0591 0x1d70  DPS - ok

12:34:13.0617 0x1d70  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

12:34:13.0618 0x1d70  drmkaud - ok

12:34:13.0710 0x1d70  [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

12:34:13.0740 0x1d70  DXGKrnl - ok

12:34:13.0769 0x1d70  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll

12:34:13.0772 0x1d70  EapHost - ok

12:34:13.0890 0x1d70  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

12:34:14.0027 0x1d70  ebdrv - ok

12:34:14.0102 0x1d70  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] EFS             C:\Windows\System32\lsass.exe

12:34:14.0104 0x1d70  EFS - ok

12:34:14.0188 0x1d70  [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

12:34:14.0205 0x1d70  ehRecvr - ok

12:34:14.0222 0x1d70  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe

12:34:14.0226 0x1d70  ehSched - ok

12:34:14.0261 0x1d70  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

12:34:14.0275 0x1d70  elxstor - ok

12:34:14.0303 0x1d70  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys

12:34:14.0304 0x1d70  ErrDev - ok

12:34:14.0346 0x1d70  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll

12:34:14.0356 0x1d70  EventSystem - ok

12:34:14.0393 0x1d70  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys

12:34:14.0398 0x1d70  exfat - ok

12:34:14.0424 0x1d70  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

12:34:14.0430 0x1d70  fastfat - ok

12:34:14.0482 0x1d70  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe

12:34:14.0500 0x1d70  Fax - ok

12:34:14.0580 0x1d70  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

12:34:14.0581 0x1d70  fdc - ok

12:34:14.0597 0x1d70  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll

12:34:14.0598 0x1d70  fdPHost - ok

12:34:14.0609 0x1d70  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll

12:34:14.0611 0x1d70  FDResPub - ok

12:34:14.0621 0x1d70  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

12:34:14.0622 0x1d70  FileInfo - ok

12:34:14.0631 0x1d70  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

12:34:14.0633 0x1d70  Filetrace - ok

12:34:14.0724 0x1d70  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

12:34:14.0741 0x1d70  FLEXnet Licensing Service - ok

12:34:14.0792 0x1d70  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

12:34:14.0794 0x1d70  flpydisk - ok

12:34:14.0819 0x1d70  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

12:34:14.0826 0x1d70  FltMgr - ok

12:34:14.0927 0x1d70  [ BC00505CFDA789ED3BE95D2FF38C4875, 9CB98AFF8A9740CFB53BDFB3DD40A76EB79C160CF2DF03E5EEFF6F2109216FEB ] FontCache       C:\Windows\system32\FntCache.dll

12:34:14.0972 0x1d70  FontCache - ok

12:34:15.0018 0x1d70  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

12:34:15.0019 0x1d70  FontCache3.0.0.0 - ok

12:34:15.0036 0x1d70  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

12:34:15.0038 0x1d70  FsDepends - ok

12:34:15.0101 0x1d70  [ D3E3F93D67821A2DB2B3D9FAC2DC2064, 727FAA7E15A20ED3A37668D294ABDE6EAF1C87C34EE283C99EE3303E85001404 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

12:34:15.0102 0x1d70  Fs_Rec - ok

12:34:15.0133 0x1d70  [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

12:34:15.0139 0x1d70  fvevol - ok

12:34:15.0181 0x1d70  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

12:34:15.0183 0x1d70  gagp30kx - ok

12:34:15.0242 0x1d70  [ C44D560E441F091EA3B72F778EC60DE2, 1F90BA0E98C436B98BF6B0BC93146B52C081DF374424E2DCA270316D508A59B2 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

12:34:15.0248 0x1d70  GameConsoleService - ok

12:34:15.0341 0x1d70  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

12:34:15.0342 0x1d70  GEARAspiWDM - ok

12:34:15.0357 0x1d70  getPlusHelper - ok

12:34:15.0478 0x1d70  [ C6B9F48D46C13389EA2AF2065AE66612, BFB2CFF1B9BFE55E027F01C3714DF9BF8E0C5CFD0EF0BF6B8DA029D98C1288D7 ] GoToAssist      C:\Program Files (x86)\Citrix\GoToAssist\896\g2aservice.exe

12:34:15.0479 0x1d70  GoToAssist - ok

12:34:15.0529 0x1d70  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll

12:34:15.0549 0x1d70  gpsvc - ok

12:34:15.0722 0x1d70  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:34:15.0725 0x1d70  gupdate - ok

12:34:15.0751 0x1d70  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:34:15.0754 0x1d70  gupdatem - ok

12:34:15.0778 0x1d70  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

12:34:15.0783 0x1d70  gusvc - ok

12:34:15.0806 0x1d70  [ 8CDAD7B707DDD77D45588F74D59C9AFF, DC4BB191BB6E645E8DBB660F5A70DEAF24299A26DA4D656CF1D5596E5509630D ] hcmon           C:\Windows\system32\drivers\hcmon.sys

12:34:15.0807 0x1d70  hcmon - ok

12:34:15.0819 0x1d70  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

12:34:15.0820 0x1d70  hcw85cir - ok

12:34:15.0844 0x1d70  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

12:34:15.0847 0x1d70  HDAudBus - ok

12:34:15.0865 0x1d70  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

12:34:15.0866 0x1d70  HidBatt - ok

12:34:15.0893 0x1d70  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

12:34:15.0896 0x1d70  HidBth - ok

12:34:15.0914 0x1d70  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

12:34:15.0915 0x1d70  HidIr - ok

12:34:15.0980 0x1d70  [ 943B20F119F05BCAB4D2593E2D3D4278, 7056691C0EFF0AA236195BD254E452C026EEDFB2E257330F92A072D4CEC3B712 ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys

12:34:15.0981 0x1d70  hidkmdf - ok

12:34:15.0996 0x1d70  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll

12:34:15.0998 0x1d70  hidserv - ok

12:34:16.0021 0x1d70  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

12:34:16.0023 0x1d70  HidUsb - ok

12:34:16.0039 0x1d70  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll

12:34:16.0042 0x1d70  hkmsvc - ok

12:34:16.0060 0x1d70  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll

12:34:16.0066 0x1d70  HomeGroupListener - ok

12:34:16.0093 0x1d70  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

12:34:16.0099 0x1d70  HomeGroupProvider - ok

12:34:16.0149 0x1d70  [ 0141816A095A3F5A83FFA5B4A47B8023, F7B26D707EB817FA0F5BFDFA785370B458AF54C94A1E679B36F6808158EA467C ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

12:34:16.0152 0x1d70  HP Health Check Service - ok

12:34:16.0180 0x1d70  [ DEAB3BF5AEFBDC3F9AC0E020926EC81D, E0822D50E19A874DE0BCDA6409C8C96AA9A02A620C283CDB57A655762D1092EF ] HPBtnSrv        C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe

12:34:16.0185 0x1d70  HPBtnSrv - ok

12:34:16.0227 0x1d70  [ FDF273A845F1FFCCEADF363AAF47582F, 9BB99346A977225EF77261CD3CF4219A238EB06FFE2DB91D00A0037BDCFECEF1 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

12:34:16.0232 0x1d70  hpqwmiex - ok

12:34:16.0273 0x1d70  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys

12:34:16.0276 0x1d70  HpSAMD - ok

12:34:16.0472 0x1d70  [ D4F91CF4DE215D6F14A06087D46725E4, 656E78AB0CD5B3DA396F937CF05863F80C9E430EDED6F68A88F39604A052921B ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL

12:34:16.0517 0x1d70  HPSLPSVC - ok

12:34:16.0614 0x1d70  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys

12:34:16.0632 0x1d70  HTTP - ok

12:34:16.0641 0x1d70  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

12:34:16.0641 0x1d70  hwpolicy - ok

12:34:16.0672 0x1d70  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

12:34:16.0675 0x1d70  i8042prt - ok

12:34:16.0714 0x1d70  [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys

12:34:16.0725 0x1d70  iaStorV - ok

12:34:16.0790 0x1d70  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

12:34:16.0812 0x1d70  idsvc - ok

12:34:16.0918 0x1d70  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

12:34:16.0919 0x1d70  iirsp - ok

12:34:16.0976 0x1d70  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll

12:34:17.0008 0x1d70  IKEEXT - ok

12:34:17.0100 0x1d70  [ 31C32BC56D85D109EBB0C526BE5CACA7, E09A338EAEFD615FDB755B57F02E6033A2E5B6849BA3D66803286424F7D91EBE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

12:34:17.0168 0x1d70  IntcAzAudAddService - ok

12:34:17.0189 0x1d70  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys

12:34:17.0190 0x1d70  intelide - ok

12:34:17.0218 0x1d70  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

12:34:17.0220 0x1d70  intelppm - ok

12:34:17.0399 0x1d70  [ 3DC635B66DD7412E1C9C3A77B8D78F25, D3894065DA2D08744863ECC5EE9027A0E39711A6A56AAB599F1CAF4BB996F42A ] IntuitUpdateService C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

12:34:17.0400 0x1d70  IntuitUpdateService - ok

12:34:17.0532 0x1d70  [ 0895CDD7F1542FFCC5BBB560EC78BC16, 383D9FFE7FB313EA201DE877F3D48B5116FFA261EDEF5D0D0FE79F14E9682D25 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

12:34:17.0533 0x1d70  IntuitUpdateServiceV4 - ok

12:34:17.0565 0x1d70  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

12:34:17.0568 0x1d70  IPBusEnum - ok

12:34:17.0584 0x1d70  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

12:34:17.0587 0x1d70  IpFilterDriver - ok

12:34:17.0635 0x1d70  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

12:34:17.0649 0x1d70  iphlpsvc - ok

12:34:17.0721 0x1d70  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys

12:34:17.0723 0x1d70  IPMIDRV - ok

12:34:17.0754 0x1d70  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

12:34:17.0758 0x1d70  IPNAT - ok

12:34:17.0859 0x1d70  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

12:34:17.0875 0x1d70  iPod Service - ok

12:34:17.0885 0x1d70  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys

12:34:17.0886 0x1d70  IRENUM - ok

12:34:17.0899 0x1d70  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys

12:34:17.0900 0x1d70  isapnp - ok

12:34:17.0926 0x1d70  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

12:34:17.0932 0x1d70  iScsiPrt - ok

12:34:17.0952 0x1d70  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

12:34:17.0953 0x1d70  kbdclass - ok

12:34:17.0962 0x1d70  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

12:34:17.0963 0x1d70  kbdhid - ok

12:34:17.0968 0x1d70  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso          C:\Windows\system32\lsass.exe

12:34:17.0970 0x1d70  KeyIso - ok

12:34:18.0038 0x1d70  [ 4F4B5FDE429416877DE7143044582EB5, A28FFEA078DBD91F3CC28088810EEEB727107B3F0F48370B44D87DC8F8C55B99 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

12:34:18.0041 0x1d70  KSecDD - ok

12:34:18.0109 0x1d70  [ 6F40465A44ECDC1731BEFAFEC5BDD03C, 317334D414D0AF73CB4D9CA11EA80C641E786760B8800F2795D0CB38378DBB80 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

12:34:18.0113 0x1d70  KSecPkg - ok

12:34:18.0126 0x1d70  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

12:34:18.0127 0x1d70  ksthunk - ok

12:34:18.0157 0x1d70  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll

12:34:18.0167 0x1d70  KtmRm - ok

12:34:18.0249 0x1d70  [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer    C:\Windows\System32\srvsvc.dll

12:34:18.0256 0x1d70  LanmanServer - ok

12:34:18.0282 0x1d70  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

12:34:18.0286 0x1d70  LanmanWorkstation - ok

12:34:18.0331 0x1d70  [ 108333981C841EB0FF198AA5DFCF3D3B, 726B4BEA813F18668A0682D1D427F6E3676A2EA2501EB7E64199B65D23F45FC8 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

12:34:18.0334 0x1d70  LightScribeService - ok

12:34:18.0350 0x1d70  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

12:34:18.0352 0x1d70  lltdio - ok

12:34:18.0372 0x1d70  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

12:34:18.0380 0x1d70  lltdsvc - ok

12:34:18.0385 0x1d70  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll

12:34:18.0386 0x1d70  lmhosts - ok

12:34:18.0419 0x1d70  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

12:34:18.0422 0x1d70  LSI_FC - ok

12:34:18.0440 0x1d70  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

12:34:18.0443 0x1d70  LSI_SAS - ok

12:34:18.0452 0x1d70  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

12:34:18.0454 0x1d70  LSI_SAS2 - ok

12:34:18.0516 0x1d70  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

12:34:18.0519 0x1d70  LSI_SCSI - ok

12:34:18.0537 0x1d70  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys

12:34:18.0540 0x1d70  luafv - ok

12:34:18.0664 0x1d70  [ 3D1516114F5B1548864D043177F992A6, 3733D5D51EA0DBFB24C408F1C48F8367CEE005EFCEC2860975D5EE2B4445ECF4 ] lxeaCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe

12:34:18.0711 0x1d70  lxeaCATSCustConnectService - ok

12:34:18.0755 0x1d70  lxea_device - ok

12:34:18.0789 0x1d70  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys

12:34:18.0790 0x1d70  MBAMProtector - ok

12:34:18.0816 0x1d70  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

12:34:18.0827 0x1d70  MBAMScheduler - ok

12:34:18.0877 0x1d70  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

12:34:18.0895 0x1d70  MBAMService - ok

12:34:18.0977 0x1d70  [ 008D14B146E6969720C8B05480124373, FDAEA3EC3D420F7E0A6711BFCEE7416F96147CF52026BECD10DD9C620A56C375 ] McNeelUpdate    C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe

12:34:18.0979 0x1d70  McNeelUpdate - ok

12:34:18.0999 0x1d70  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

12:34:19.0002 0x1d70  Mcx2Svc - ok

12:34:19.0042 0x1d70  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

12:34:19.0043 0x1d70  megasas - ok

12:34:19.0077 0x1d70  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

12:34:19.0084 0x1d70  MegaSR - ok

12:34:19.0103 0x1d70  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll

12:34:19.0106 0x1d70  MMCSS - ok

12:34:19.0121 0x1d70  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys

12:34:19.0122 0x1d70  Modem - ok

12:34:19.0158 0x1d70  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

12:34:19.0159 0x1d70  monitor - ok

12:34:19.0200 0x1d70  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

12:34:19.0202 0x1d70  mouclass - ok

12:34:19.0213 0x1d70  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

12:34:19.0214 0x1d70  mouhid - ok

12:34:19.0235 0x1d70  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

12:34:19.0237 0x1d70  mountmgr - ok

12:34:19.0305 0x1d70  [ 15D5398EED42C2504BB3D4FC875C15D1, 04FE9BBE5B770957BCD81E2B198FF56AEC3168038C4DFAA1AA8DC1A280394B78 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

12:34:19.0308 0x1d70  MozillaMaintenance - ok

12:34:19.0330 0x1d70  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys

12:34:19.0335 0x1d70  mpio - ok

12:34:19.0355 0x1d70  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

12:34:19.0357 0x1d70  mpsdrv - ok

12:34:19.0407 0x1d70  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll

12:34:19.0428 0x1d70  MpsSvc - ok

12:34:19.0468 0x1d70  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

12:34:19.0472 0x1d70  MRxDAV - ok

12:34:19.0536 0x1d70  [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

12:34:19.0540 0x1d70  mrxsmb - ok

12:34:19.0555 0x1d70  [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

12:34:19.0562 0x1d70  mrxsmb10 - ok

12:34:19.0575 0x1d70  [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

12:34:19.0578 0x1d70  mrxsmb20 - ok

12:34:19.0589 0x1d70  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys

12:34:19.0590 0x1d70  msahci - ok

12:34:19.0618 0x1d70  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys

12:34:19.0622 0x1d70  msdsm - ok

12:34:19.0648 0x1d70  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe

12:34:19.0653 0x1d70  MSDTC - ok

12:34:19.0671 0x1d70  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

12:34:19.0672 0x1d70  Msfs - ok

12:34:19.0680 0x1d70  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

12:34:19.0681 0x1d70  mshidkmdf - ok

12:34:19.0686 0x1d70  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys

12:34:19.0686 0x1d70  msisadrv - ok

12:34:19.0715 0x1d70  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

12:34:19.0719 0x1d70  MSiSCSI - ok

12:34:19.0723 0x1d70  msiserver - ok

12:34:19.0756 0x1d70  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

12:34:19.0757 0x1d70  MSKSSRV - ok

12:34:19.0768 0x1d70  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

12:34:19.0768 0x1d70  MSPCLOCK - ok

12:34:19.0776 0x1d70  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

12:34:19.0776 0x1d70  MSPQM - ok

12:34:19.0804 0x1d70  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

12:34:19.0813 0x1d70  MsRPC - ok

12:34:19.0847 0x1d70  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

12:34:19.0849 0x1d70  mssmbios - ok

12:34:20.0002 0x1d70  MSSQL$SQLEXPRESS - ok

12:34:20.0171 0x1d70  [ 7A2A8C975356858EB38466A6B1592E8D, 97C3DFCCBE1BA92EE7E4848993D6F369D543A53344A6512C84EF03E7D737A482 ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

12:34:20.0173 0x1d70  MSSQLServerADHelper100 - ok

12:34:20.0184 0x1d70  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

12:34:20.0185 0x1d70  MSTEE - ok

12:34:20.0210 0x1d70  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

12:34:20.0211 0x1d70  MTConfig - ok

12:34:20.0235 0x1d70  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys

12:34:20.0236 0x1d70  Mup - ok

12:34:20.0326 0x1d70  MySQL - ok

12:34:20.0365 0x1d70  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll

12:34:20.0377 0x1d70  napagent - ok

12:34:20.0405 0x1d70  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

12:34:20.0413 0x1d70  NativeWifiP - ok

12:34:20.0541 0x1d70  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys

12:34:20.0625 0x1d70  NDIS - ok

12:34:20.0676 0x1d70  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

12:34:20.0678 0x1d70  NdisCap - ok

12:34:20.0721 0x1d70  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

12:34:20.0722 0x1d70  NdisTapi - ok

12:34:20.0737 0x1d70  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

12:34:20.0739 0x1d70  Ndisuio - ok

12:34:20.0749 0x1d70  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

12:34:20.0754 0x1d70  NdisWan - ok

12:34:20.0772 0x1d70  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

12:34:20.0774 0x1d70  NDProxy - ok

12:34:20.0842 0x1d70  [ D4F51E88C71BF8F06EA1BE320B0BB75B, ABDA528F8159290BFDFBAAFC3BDA4484649FF612FD1D9E74284CA7DBA00A4B0D ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

12:34:20.0845 0x1d70  Net Driver HPZ12 - ok

12:34:20.0855 0x1d70  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

12:34:20.0856 0x1d70  NetBIOS - ok

12:34:20.0880 0x1d70  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

12:34:20.0887 0x1d70  NetBT - ok

12:34:20.0891 0x1d70  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon        C:\Windows\system32\lsass.exe

12:34:20.0893 0x1d70  Netlogon - ok

12:34:20.0925 0x1d70  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll

12:34:20.0935 0x1d70  Netman - ok

12:34:21.0069 0x1d70  [ E8B9164DA7701C1E595647C3A3AFA766, 9E5A7313892ABEBD1F7D9B11C50CECE5AE853E7941404DE8FEFD71EFC57B2D5D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:34:21.0073 0x1d70  NetMsmqActivator - ok

12:34:21.0079 0x1d70  [ E8B9164DA7701C1E595647C3A3AFA766, 9E5A7313892ABEBD1F7D9B11C50CECE5AE853E7941404DE8FEFD71EFC57B2D5D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:34:21.0082 0x1d70  NetPipeActivator - ok

12:34:21.0120 0x1d70  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll

12:34:21.0132 0x1d70  netprofm - ok

12:34:21.0151 0x1d70  [ E8B9164DA7701C1E595647C3A3AFA766, 9E5A7313892ABEBD1F7D9B11C50CECE5AE853E7941404DE8FEFD71EFC57B2D5D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:34:21.0154 0x1d70  NetTcpActivator - ok

12:34:21.0161 0x1d70  [ E8B9164DA7701C1E595647C3A3AFA766, 9E5A7313892ABEBD1F7D9B11C50CECE5AE853E7941404DE8FEFD71EFC57B2D5D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:34:21.0164 0x1d70  NetTcpPortSharing - ok

12:34:21.0215 0x1d70  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

12:34:21.0216 0x1d70  nfrd960 - ok

[dougfy]

12:34:21.0289 0x1d70  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll

12:34:21.0298 0x1d70  NlaSvc - ok

12:34:21.0364 0x1d70  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys

12:34:21.0366 0x1d70  Npfs - ok

12:34:21.0378 0x1d70  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll

12:34:21.0380 0x1d70  nsi - ok

12:34:21.0390 0x1d70  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

12:34:21.0391 0x1d70  nsiproxy - ok

12:34:21.0459 0x1d70  [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

12:34:21.0516 0x1d70  Ntfs - ok

12:34:21.0528 0x1d70  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys

12:34:21.0529 0x1d70  Null - ok

12:34:21.0550 0x1d70  [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys

12:34:21.0554 0x1d70  nvraid - ok

12:34:21.0576 0x1d70  [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys

12:34:21.0581 0x1d70  nvstor - ok

12:34:21.0609 0x1d70  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys

12:34:21.0612 0x1d70  nv_agp - ok

12:34:21.0794 0x1d70  [ 25FFB1C1E5BD27B9757EACF40B2B0F7B, 41B4236F580B4653C65E3F16DD3FF91E924716FDD2DCBA89A5F416563C5F0076 ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

12:34:21.0918 0x1d70  OfficeSvc - ok

12:34:21.0944 0x1d70  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys

12:34:21.0946 0x1d70  ohci1394 - ok

12:34:22.0058 0x1d70  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

12:34:22.0062 0x1d70  ose - ok

12:34:22.0446 0x1d70  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

12:34:22.0627 0x1d70  osppsvc - ok

12:34:22.0673 0x1d70  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

12:34:22.0682 0x1d70  p2pimsvc - ok

12:34:22.0715 0x1d70  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll

12:34:22.0727 0x1d70  p2psvc - ok

12:34:22.0746 0x1d70  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

12:34:22.0748 0x1d70  Parport - ok

12:34:22.0813 0x1d70  [ 90061B1ACFE8CCAA5345750FFE08D8B8, 76309683FFDF380AF9C6E1D9A52E46B011A0BF1026D747181D01F3312B7541C7 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

12:34:22.0815 0x1d70  partmgr - ok

12:34:22.0836 0x1d70  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll

12:34:22.0842 0x1d70  PcaSvc - ok

12:34:22.0872 0x1d70  PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - ok

12:34:22.0902 0x1d70  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys

12:34:22.0907 0x1d70  pci - ok

12:34:22.0911 0x1d70  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys

12:34:22.0912 0x1d70  pciide - ok

12:34:22.0929 0x1d70  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

12:34:22.0935 0x1d70  pcmcia - ok

12:34:22.0957 0x1d70  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys

12:34:22.0959 0x1d70  pcw - ok

12:34:22.0984 0x1d70  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

12:34:23.0000 0x1d70  PEAUTH - ok

12:34:23.0074 0x1d70  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe

12:34:23.0077 0x1d70  PerfHost - ok

12:34:23.0136 0x1d70  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll

12:34:23.0193 0x1d70  pla - ok

12:34:23.0268 0x1d70  [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

12:34:23.0279 0x1d70  PlugPlay - ok

12:34:23.0289 0x1d70  [ 9A80707D8B6C1806531BFD7399B3CC76, C9996A265B0C461843DECE336314AEDD38D3F0644A8AA4D3F20D3496AD17956B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

12:34:23.0292 0x1d70  Pml Driver HPZ12 - ok

12:34:23.0303 0x1d70  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

12:34:23.0305 0x1d70  PNRPAutoReg - ok

12:34:23.0329 0x1d70  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

12:34:23.0336 0x1d70  PNRPsvc - ok

12:34:23.0374 0x1d70  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

12:34:23.0387 0x1d70  PolicyAgent - ok

12:34:23.0425 0x1d70  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll

12:34:23.0430 0x1d70  Power - ok

12:34:23.0464 0x1d70  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

12:34:23.0467 0x1d70  PptpMiniport - ok

12:34:23.0505 0x1d70  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys

12:34:23.0507 0x1d70  Processor - ok

12:34:23.0539 0x1d70  [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc         C:\Windows\system32\profsvc.dll

12:34:23.0545 0x1d70  ProfSvc - ok

12:34:23.0557 0x1d70  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe

12:34:23.0559 0x1d70  ProtectedStorage - ok

12:34:23.0596 0x1d70  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

12:34:23.0600 0x1d70  Psched - ok

12:34:23.0808 0x1d70  [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

12:34:23.0835 0x1d70  PSI_SVC_2 - ok

12:34:24.0058 0x1d70  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

12:34:24.0167 0x1d70  ql2300 - ok

12:34:24.0193 0x1d70  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

12:34:24.0196 0x1d70  ql40xx - ok

12:34:24.0219 0x1d70  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll

12:34:24.0226 0x1d70  QWAVE - ok

12:34:24.0239 0x1d70  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

12:34:24.0240 0x1d70  QWAVEdrv - ok

12:34:24.0257 0x1d70  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

12:34:24.0258 0x1d70  RasAcd - ok

12:34:24.0288 0x1d70  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

12:34:24.0289 0x1d70  RasAgileVpn - ok

12:34:24.0301 0x1d70  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll

12:34:24.0305 0x1d70  RasAuto - ok

12:34:24.0323 0x1d70  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

12:34:24.0326 0x1d70  Rasl2tp - ok

12:34:24.0351 0x1d70  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll

12:34:24.0360 0x1d70  RasMan - ok

12:34:24.0373 0x1d70  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

12:34:24.0375 0x1d70  RasPppoe - ok

12:34:24.0391 0x1d70  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

12:34:24.0393 0x1d70  RasSstp - ok

12:34:24.0415 0x1d70  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

12:34:24.0422 0x1d70  rdbss - ok

12:34:24.0443 0x1d70  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

12:34:24.0444 0x1d70  rdpbus - ok

12:34:24.0461 0x1d70  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

12:34:24.0462 0x1d70  RDPCDD - ok

12:34:24.0494 0x1d70  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

12:34:24.0494 0x1d70  RDPENCDD - ok

12:34:24.0509 0x1d70  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

12:34:24.0509 0x1d70  RDPREFMP - ok

12:34:24.0588 0x1d70  [ 447DE7E3DEA39D422C1504F245B668B1, C54D90D2F9405E011E490D3C2F0F64488B87B969C95E367C076BBFCFD8654909 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

12:34:24.0593 0x1d70  RDPWD - ok

12:34:24.0606 0x1d70  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

12:34:24.0612 0x1d70  rdyboost - ok

12:34:24.0654 0x1d70  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll

12:34:24.0658 0x1d70  RemoteAccess - ok

12:34:24.0674 0x1d70  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

12:34:24.0679 0x1d70  RemoteRegistry - ok

12:34:24.0696 0x1d70  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

12:34:24.0699 0x1d70  RpcEptMapper - ok

12:34:24.0718 0x1d70  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe

12:34:24.0719 0x1d70  RpcLocator - ok

12:34:24.0756 0x1d70  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll

12:34:24.0767 0x1d70  RpcSs - ok

12:34:24.0847 0x1d70  [ CD553B8633466A6D1C115812F2619F1F, B39B38DE8B97209BEABDBF062832A1BDE2303450238B9A4723829958C5C81A6B ] RsFx0103        C:\Windows\system32\DRIVERS\RsFx0103.sys

12:34:24.0855 0x1d70  RsFx0103 - ok

12:34:24.0883 0x1d70  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

12:34:24.0885 0x1d70  rspndr - ok

12:34:24.0923 0x1d70  [ 91296F0B2653281B2F11E0FCE56AA427, 242B6049480F62673D79E822EC7AD83DBFA1D203F2519E765DD36ECF156A962A ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

12:34:24.0929 0x1d70  RTL8167 - ok

12:34:24.0946 0x1d70  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs           C:\Windows\system32\lsass.exe

12:34:24.0948 0x1d70  SamSs - ok

12:34:24.0979 0x1d70  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys

12:34:24.0982 0x1d70  sbp2port - ok

12:34:25.0025 0x1d70  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

12:34:25.0031 0x1d70  SCardSvr - ok

12:34:25.0045 0x1d70  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

12:34:25.0046 0x1d70  scfilter - ok

12:34:25.0149 0x1d70  [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule        C:\Windows\system32\schedsvc.dll

12:34:25.0195 0x1d70  Schedule - ok

12:34:25.0251 0x1d70  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll

12:34:25.0253 0x1d70  SCPolicySvc - ok

12:34:25.0266 0x1d70  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

12:34:25.0271 0x1d70  SDRSVC - ok

12:34:25.0292 0x1d70  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

12:34:25.0293 0x1d70  secdrv - ok

12:34:25.0297 0x1d70  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll

12:34:25.0300 0x1d70  seclogon - ok

12:34:25.0319 0x1d70  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll

12:34:25.0322 0x1d70  SENS - ok

12:34:25.0338 0x1d70  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll

12:34:25.0340 0x1d70  SensrSvc - ok

12:34:25.0364 0x1d70  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

12:34:25.0365 0x1d70  Serenum - ok

12:34:25.0374 0x1d70  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys

12:34:25.0376 0x1d70  Serial - ok

12:34:25.0397 0x1d70  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

12:34:25.0398 0x1d70  sermouse - ok

12:34:25.0424 0x1d70  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll

12:34:25.0428 0x1d70  SessionEnv - ok

12:34:25.0456 0x1d70  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys

12:34:25.0457 0x1d70  sffdisk - ok

12:34:25.0469 0x1d70  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys

12:34:25.0470 0x1d70  sffp_mmc - ok

12:34:25.0497 0x1d70  [ 5588B8C6193EB1522490C122EB94DFFA, 53AE3597D3305F2839130A2F3567F1690564B922035503EB418B9DE1586AEA43 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys

12:34:25.0498 0x1d70  sffp_sd - ok

12:34:25.0513 0x1d70  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

12:34:25.0514 0x1d70  sfloppy - ok

12:34:25.0575 0x1d70  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

12:34:25.0612 0x1d70  SharedAccess - ok

12:34:25.0656 0x1d70  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

12:34:25.0667 0x1d70  ShellHWDetection - ok

12:34:25.0692 0x1d70  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

12:34:25.0694 0x1d70  SiSRaid2 - ok

12:34:25.0705 0x1d70  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

12:34:25.0707 0x1d70  SiSRaid4 - ok

12:34:25.0736 0x1d70  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

12:34:25.0739 0x1d70  Smb - ok

12:34:25.0770 0x1d70  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

12:34:25.0772 0x1d70  SNMPTRAP - ok

12:34:25.0781 0x1d70  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys

12:34:25.0782 0x1d70  spldr - ok

12:34:25.0871 0x1d70  [ F8E1FA03CB70D54A9892AC88B91D1E7B, 55EECAAD4C7EC0868BE937F4ADDA026AFDFCC614E94DE4B3248BFF2BE7FF13E8 ] Spooler         C:\Windows\System32\spoolsv.exe

12:34:25.0886 0x1d70  Spooler - ok

12:34:26.0066 0x1d70  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe

12:34:26.0191 0x1d70  sppsvc - ok

12:34:26.0216 0x1d70  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

12:34:26.0219 0x1d70  sppuinotify - ok

12:34:26.0383 0x1d70  [ 12E6D95CDE974B131DEFAA44BAB8B056, 3FEF55D97915BDB222E3A60B50D53BBD8D9C0FDFF85EDC025B8EFD33E575E596 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE

12:34:26.0394 0x1d70  SQLAgent$SQLEXPRESS - ok

12:34:26.0524 0x1d70  [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

12:34:26.0530 0x1d70  SQLBrowser - ok

12:34:26.0623 0x1d70  [ EAD5300C93946B0250A309E2BF2BE4CF, 6B9131D94ED31F838B1820EE67F068C4741B69D5C655587C89C9477986BD270F ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

12:34:26.0626 0x1d70  SQLWriter - ok

12:34:26.0706 0x1d70  [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv             C:\Windows\system32\DRIVERS\srv.sys

12:34:26.0718 0x1d70  srv - ok

12:34:26.0745 0x1d70  [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

12:34:26.0755 0x1d70  srv2 - ok

12:34:26.0817 0x1d70  [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

12:34:26.0821 0x1d70  srvnet - ok

12:34:26.0835 0x1d70  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

12:34:26.0841 0x1d70  SSDPSRV - ok

12:34:26.0860 0x1d70  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll

12:34:26.0863 0x1d70  SstpSvc - ok

12:34:26.0891 0x1d70  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

12:34:26.0892 0x1d70  stexstor - ok

12:34:26.0945 0x1d70  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys

12:34:26.0946 0x1d70  StillCam - ok

12:34:27.0011 0x1d70  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll

12:34:27.0027 0x1d70  stisvc - ok

12:34:27.0044 0x1d70  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

12:34:27.0045 0x1d70  swenum - ok

12:34:27.0072 0x1d70  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll

12:34:27.0086 0x1d70  swprv - ok

12:34:27.0155 0x1d70  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll

12:34:27.0256 0x1d70  SysMain - ok

12:34:27.0285 0x1d70  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll

12:34:27.0288 0x1d70  TabletInputService - ok

12:34:27.0370 0x1d70  [ D0B07EED9DDEC5C69521C689B7BF455F, A9F1C76FBF833E25A8470116A9BB7F7121A86138B31B54C098F1E22C11109044 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys

12:34:27.0372 0x1d70  tap0901 - ok

12:34:27.0393 0x1d70  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll

12:34:27.0403 0x1d70  TapiSrv - ok

12:34:27.0414 0x1d70  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll

12:34:27.0417 0x1d70  TBS - ok

12:34:27.0539 0x1d70  [ 624C5B3AA4C99B3184BB922D9ECE3FF0, DF9527CBA335A51513FBFFD95DAF3FA79A19F2B417C533EE384D397FB1E0889E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

12:34:27.0608 0x1d70  Tcpip - ok

12:34:27.0665 0x1d70  [ 624C5B3AA4C99B3184BB922D9ECE3FF0, DF9527CBA335A51513FBFFD95DAF3FA79A19F2B417C533EE384D397FB1E0889E ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

12:34:27.0703 0x1d70  TCPIP6 - ok

12:34:27.0725 0x1d70  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

12:34:27.0727 0x1d70  tcpipreg - ok

12:34:27.0740 0x1d70  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

12:34:27.0741 0x1d70  TDPIPE - ok

12:34:27.0795 0x1d70  [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

12:34:27.0797 0x1d70  TDTCP - ok

12:34:27.0807 0x1d70  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

12:34:27.0810 0x1d70  tdx - ok

12:34:27.0815 0x1d70  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

12:34:27.0817 0x1d70  TermDD - ok

12:34:27.0852 0x1d70  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll

12:34:27.0869 0x1d70  TermService - ok

12:34:27.0884 0x1d70  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll

12:34:27.0886 0x1d70  Themes - ok

12:34:27.0914 0x1d70  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll

12:34:27.0916 0x1d70  THREADORDER - ok

12:34:28.0092 0x1d70  [ ADAD1371F9D555C82258CC9F719E7647, 60F65A02AF59F2A1ABD870158DDE51CA1CB5BB9E2524DCAEF8A26D49EFF90A77 ] Tomcat6         C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe

12:34:28.0094 0x1d70  Tomcat6 - ok

12:34:28.0114 0x1d70  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll

12:34:28.0118 0x1d70  TrkWks - ok

12:34:28.0171 0x1d70  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

12:34:28.0176 0x1d70  TrustedInstaller - ok

12:34:28.0186 0x1d70  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

12:34:28.0187 0x1d70  tssecsrv - ok

12:34:28.0219 0x1d70  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

12:34:28.0222 0x1d70  tunnel - ok

12:34:28.0251 0x1d70  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

12:34:28.0253 0x1d70  uagp35 - ok

12:34:28.0289 0x1d70  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

12:34:28.0297 0x1d70  udfs - ok

12:34:28.0339 0x1d70  [ 3F2D08B07CF67CB37E669A93E59A508C, B2FE85334C4CD7645BE1B3C1C905668700769EF105DC79BF25F7C8EDC9F52DB8 ] ufad-ws60       C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe

12:34:28.0344 0x1d70  ufad-ws60 - ok

12:34:28.0367 0x1d70  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe

12:34:28.0369 0x1d70  UI0Detect - ok

12:34:28.0394 0x1d70  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys

12:34:28.0396 0x1d70  uliagpkx - ok

12:34:28.0458 0x1d70  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

12:34:28.0459 0x1d70  umbus - ok

12:34:28.0491 0x1d70  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

12:34:28.0492 0x1d70  UmPass - ok

12:34:28.0514 0x1d70  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll

12:34:28.0525 0x1d70  upnphost - ok

12:34:28.0590 0x1d70  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

12:34:28.0592 0x1d70  USBAAPL64 - ok

12:34:28.0629 0x1d70  [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

12:34:28.0632 0x1d70  usbccgp - ok

12:34:28.0662 0x1d70  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys

12:34:28.0665 0x1d70  usbcir - ok

12:34:28.0690 0x1d70  [ 2EA4AFF7BE7EB4632E3AA8595B0803B5, CBECE7CEC0EFA4B283C63E9B6A270D595F5F3D006306DA5E5121BBFDCAB16376 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

12:34:28.0692 0x1d70  usbehci - ok

12:34:28.0713 0x1d70  [ 6648C6D7323A2CE0C4776C36CEFBCB14, 31DB869351BF3673284721B0D37FC1FC5D858829C7B19B563E3A9C3082D14631 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys

12:34:28.0715 0x1d70  usbfilter - ok

12:34:28.0739 0x1d70  [ 4C9042B8DF86C1E8E6240C218B99B39B, D286633311C047B9C4FB1AA89D7B02B9F943FDDCE473255DC8E14DD07CC9B292 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

12:34:28.0748 0x1d70  usbhub - ok

12:34:28.0757 0x1d70  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys

12:34:28.0758 0x1d70  usbohci - ok

12:34:28.0800 0x1d70  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

12:34:28.0801 0x1d70  usbprint - ok

12:34:28.0846 0x1d70  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

12:34:28.0847 0x1d70  usbscan - ok

12:34:28.0853 0x1d70  [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

12:34:28.0856 0x1d70  USBSTOR - ok

12:34:28.0878 0x1d70  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

12:34:28.0879 0x1d70  usbuhci - ok

12:34:28.0899 0x1d70  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll

12:34:28.0902 0x1d70  UxSms - ok

12:34:28.0913 0x1d70  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc        C:\Windows\system32\lsass.exe

12:34:28.0915 0x1d70  VaultSvc - ok

12:34:28.0924 0x1d70  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys

12:34:28.0926 0x1d70  vdrvroot - ok

12:34:28.0951 0x1d70  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe

12:34:28.0966 0x1d70  vds - ok

12:34:28.0990 0x1d70  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

12:34:28.0991 0x1d70  vga - ok

12:34:29.0011 0x1d70  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys

12:34:29.0013 0x1d70  VgaSave - ok

12:34:29.0033 0x1d70  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys

12:34:29.0039 0x1d70  vhdmp - ok

12:34:29.0056 0x1d70  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys

12:34:29.0057 0x1d70  viaide - ok

12:34:29.0093 0x1d70  [ 85A0E62AC295B2958070EBF60CED22BC, ADF003642AF06D4CB092C713D96E48D2CEA47C4DC98EDD2E3AE9FFD1E09056E6 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

12:34:29.0096 0x1d70  VMAuthdService - ok

12:34:29.0115 0x1d70  [ CDAA992C18F3F3612444C818A478CF57, DFB8147511FFA5E7EF65D39E1C2EA96A4677D25D3C27A82F2EAB0B5D69851FBA ] vmci            C:\Windows\system32\drivers\vmci.sys

12:34:29.0118 0x1d70  vmci - ok

12:34:29.0142 0x1d70  [ EA9C266CD4B4BB7C7D818C1C27461959, 7BB10A905DF6F90A6A584700DAF2DC9A36CFE9CF5A67CAA408AEC81793C0320A ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys

12:34:29.0144 0x1d70  vmkbd - ok

12:34:29.0180 0x1d70  [ 9D54F1339E78C95BF3D9939EBCB66378, 99E29225443049B35E633BB7E709AC89B555F6A1EC5FAE075825A74F088FDC9A ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys

12:34:29.0181 0x1d70  VMnetAdapter - ok

12:34:29.0198 0x1d70  [ FB54EF3AA613D2832FD3812E7CB2FC75, 2D638EFE2E457C4F9B50AF49C7A0B0DA82A98FF10049C2E5DABE32B7E0BA2B23 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys

12:34:29.0200 0x1d70  VMnetBridge - ok

12:34:29.0215 0x1d70  VMnetDHCP - ok

12:34:29.0219 0x1d70  [ 479948EB42E189C076B45EBAF2D12BBC, 7DE4F6A8AFD2A40ECD9FCAA8900CA0D2988795366BC9A15BAF2BD7CB0825271C ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys

12:34:29.0220 0x1d70  VMnetuserif - ok

12:34:29.0266 0x1d70  [ 346AF8B2BE7E2E349B0FCA70C55CAC03, 480ADDB1BEC47D0D490B85B9E23F13126FDCC92792F1783E56C5FE9C8F17B20C ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe

12:34:29.0281 0x1d70  VMUSBArbService - ok

12:34:29.0288 0x1d70  VMware NAT Service - ok

12:34:29.0363 0x1d70  [ 05645D6651CA7A02298AAE475BBCAD6E, 9A66C24EDCD16B28286E449716EED1CFB47B117ECBB34BD8C32B6662764E7965 ] vmx86           C:\Windows\system32\drivers\vmx86.sys

12:34:29.0365 0x1d70  vmx86 - ok

12:34:29.0459 0x1d70  [ A96AFA32F73C065B9AE9D1554CDD00FC, 3EF9A03D1BD34D1991D35CD938050202F61EC7A0F2BD826671AA86B7EB452D45 ] VNA             C:\Windows\system32\DRIVERS\vna.sys

12:34:29.0463 0x1d70  VNA - ok

12:34:29.0549 0x1d70  [ 93F279A2C172562050700A18FA84BE2E, EBFB6C530B4AC714963D31B5D424E7AF2B7D2CA1CF3E455294BE1E56CC8A3A12 ] vncmirror       C:\Windows\system32\DRIVERS\vncmirror.sys

12:34:29.0550 0x1d70  vncmirror - ok

12:34:29.0936 0x1d70  [ E72BCD770F80FB526C3E6F54C19D97A1, 8E564C44F1B60C2A6E448695634E08BED5D51A2C1BD0D8BC7C77D77152B60B26 ] vncserver       C:\Program Files\RealVNC\VNC Server\vncserver.exe

12:34:30.0095 0x1d70  vncserver - ok

12:34:30.0130 0x1d70  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys

12:34:30.0132 0x1d70  volmgr - ok

12:34:30.0175 0x1d70  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

12:34:30.0184 0x1d70  volmgrx - ok

12:34:30.0228 0x1d70  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys

12:34:30.0234 0x1d70  volsnap - ok

12:34:30.0272 0x1d70  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

12:34:30.0276 0x1d70  vsmraid - ok

12:34:30.0354 0x1d70  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe

12:34:30.0432 0x1d70  VSS - ok

12:34:30.0452 0x1d70  [ 69F57E89E6EBC5012D210527AF005A70, 54E3452D778222A2EA4DE53394CFFF225156447FCCB9F2FDBD898CDE109C91C2 ] vstor2-ws60     C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys

12:34:30.0454 0x1d70  vstor2-ws60 - ok

12:34:30.0459 0x1d70  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

12:34:30.0461 0x1d70  vwifibus - ok

12:34:30.0482 0x1d70  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

12:34:30.0484 0x1d70  vwififlt - ok

12:34:30.0499 0x1d70  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys

12:34:30.0500 0x1d70  vwifimp - ok

12:34:30.0527 0x1d70  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll

12:34:30.0538 0x1d70  W32Time - ok

12:34:30.0555 0x1d70  WacHidRouter - ok

12:34:30.0570 0x1d70  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

12:34:30.0572 0x1d70  WacomPen - ok

12:34:30.0575 0x1d70  wacomrouterfilter - ok

12:34:30.0619 0x1d70  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

12:34:30.0622 0x1d70  WANARP - ok

12:34:30.0627 0x1d70  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

12:34:30.0629 0x1d70  Wanarpv6 - ok

12:34:30.0759 0x1d70  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

12:34:30.0806 0x1d70  WatAdminSvc - ok

12:34:30.0871 0x1d70  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe

12:34:30.0983 0x1d70  wbengine - ok

12:34:30.0995 0x1d70  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

12:34:31.0001 0x1d70  WbioSrvc - ok

12:34:31.0051 0x1d70  [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc         C:\Windows\System32\wcncsvc.dll

12:34:31.0061 0x1d70  wcncsvc - ok

12:34:31.0079 0x1d70  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

12:34:31.0081 0x1d70  WcsPlugInService - ok

12:34:31.0101 0x1d70  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys

12:34:31.0102 0x1d70  Wd - ok

12:34:31.0143 0x1d70  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

12:34:31.0159 0x1d70  Wdf01000 - ok

12:34:31.0166 0x1d70  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll

12:34:31.0170 0x1d70  WdiServiceHost - ok

12:34:31.0175 0x1d70  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll

12:34:31.0178 0x1d70  WdiSystemHost - ok

12:34:31.0198 0x1d70  [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient       C:\Windows\System32\webclnt.dll

12:34:31.0205 0x1d70  WebClient - ok

12:34:31.0229 0x1d70  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

12:34:31.0236 0x1d70  Wecsvc - ok

12:34:31.0248 0x1d70  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

12:34:31.0251 0x1d70  wercplsupport - ok

12:34:31.0278 0x1d70  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll

12:34:31.0282 0x1d70  WerSvc - ok

12:34:31.0316 0x1d70  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

12:34:31.0317 0x1d70  WfpLwf - ok

12:34:31.0333 0x1d70  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

12:34:31.0334 0x1d70  WIMMount - ok

12:34:31.0452 0x1d70  WinDefend - ok

12:34:31.0458 0x1d70  WinHttpAutoProxySvc - ok

12:34:31.0501 0x1d70  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

12:34:31.0508 0x1d70  Winmgmt - ok

12:34:31.0601 0x1d70  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll

12:34:31.0669 0x1d70  WinRM - ok

12:34:31.0756 0x1d70  [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

12:34:31.0757 0x1d70  WinUsb - ok

12:34:31.0818 0x1d70  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll

12:34:31.0851 0x1d70  Wlansvc - ok

12:34:31.0863 0x1d70  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys

12:34:31.0864 0x1d70  WmiAcpi - ok

12:34:31.0892 0x1d70  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

12:34:31.0897 0x1d70  wmiApSrv - ok

12:34:31.0907 0x1d70  WMPNetworkSvc - ok

12:34:31.0921 0x1d70  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll

12:34:31.0924 0x1d70  WPCSvc - ok

12:34:31.0942 0x1d70  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

12:34:31.0949 0x1d70  WPDBusEnum - ok

12:34:31.0973 0x1d70  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

12:34:31.0974 0x1d70  ws2ifsl - ok

12:34:32.0033 0x1d70  [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudio_DeviceS(1) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys

12:34:32.0034 0x1d70  WsAudio_DeviceS(1) - ok

12:34:32.0116 0x1d70  [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudio_DeviceS(2) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys

12:34:32.0117 0x1d70  WsAudio_DeviceS(2) - ok

12:34:32.0183 0x1d70  [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudio_DeviceS(3) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys

12:34:32.0184 0x1d70  WsAudio_DeviceS(3) - ok

12:34:32.0231 0x1d70  [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudio_DeviceS(4) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys

12:34:32.0232 0x1d70  WsAudio_DeviceS(4) - ok

12:34:32.0263 0x1d70  [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudio_DeviceS(5) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys

12:34:32.0264 0x1d70  WsAudio_DeviceS(5) - ok

12:34:32.0281 0x1d70  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll

12:34:32.0284 0x1d70  wscsvc - ok

12:34:32.0355 0x1d70  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys

12:34:32.0356 0x1d70  WSDPrintDevice - ok

12:34:32.0360 0x1d70  WSearch - ok

12:34:32.0521 0x1d70  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll

12:34:32.0645 0x1d70  wuauserv - ok

12:34:32.0668 0x1d70  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

12:34:32.0672 0x1d70  WudfPf - ok

12:34:32.0690 0x1d70  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

12:34:32.0695 0x1d70  WUDFRd - ok

12:34:32.0707 0x1d70  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

12:34:32.0711 0x1d70  wudfsvc - ok

12:34:32.0733 0x1d70  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll

12:34:32.0740 0x1d70  WwanSvc - ok

12:34:32.0775 0x1d70  ================ Scan global ===============================

12:34:32.0794 0x1d70  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

12:34:32.0859 0x1d70  [ 0CB6EBF4B461A6043353C570BD72A1E1, B6DA0AE56A7DC373F60CA1EF69E4D55E6F2EEB0D62AB78D555C5F85EB389A356 ] C:\Windows\system32\winsrv.dll

12:34:32.0872 0x1d70  [ 0CB6EBF4B461A6043353C570BD72A1E1, B6DA0AE56A7DC373F60CA1EF69E4D55E6F2EEB0D62AB78D555C5F85EB389A356 ] C:\Windows\system32\winsrv.dll

12:34:32.0897 0x1d70  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

12:34:32.0926 0x1d70  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

12:34:32.0934 0x1d70  [ Global ] - ok

12:34:32.0935 0x1d70  ================ Scan MBR ==================================

12:34:32.0939 0x1d70  [ D903658E313289C7E22A468124057BEC ] \Device\Harddisk0\DR0

12:34:33.0179 0x1d70  \Device\Harddisk0\DR0 - ok

12:34:33.0180 0x1d70  ================ Scan VBR ==================================

12:34:33.0182 0x1d70  [ A8175101DC1A4FD0CE3CBA36B179BDBD ] \Device\Harddisk0\DR0\Partition1

12:34:33.0254 0x1d70  \Device\Harddisk0\DR0\Partition1 - ok

12:34:33.0327 0x1d70  [ 203B0F144564E00C31A64AEAF073A9B0 ] \Device\Harddisk0\DR0\Partition2

12:34:33.0384 0x1d70  \Device\Harddisk0\DR0\Partition2 - ok

12:34:33.0386 0x1d70  [ 8278A5D4DF722D0BFC67532507348689 ] \Device\Harddisk0\DR0\Partition3

12:34:33.0388 0x1d70  \Device\Harddisk0\DR0\Partition3 - ok

12:34:33.0388 0x1d70  Waiting for KSN requests completion. In queue: 74

12:34:34.0388 0x1d70  Waiting for KSN requests completion. In queue: 74

12:34:35.0388 0x1d70  Waiting for KSN requests completion. In queue: 74

12:34:36.0388 0x1d70  Waiting for KSN requests completion. In queue: 74

12:34:37.0662 0x1d70  Win FW state via NFP2: enabled

12:34:40.0708 0x1d70  ============================================================

12:34:40.0708 0x1d70  Scan finished

12:34:40.0708 0x1d70  ============================================================

12:34:40.0717 0x1dec  Detected object count: 0

12:34:40.0717 0x1dec  Actual detected object count: 0

[Psychotic]

Fix with FRST (normal mode)

• Open notepad (Start =>All Programs => Accessories => Notepad).
• Please copy the entire contents of the code box below.
  (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
• Save it to the same direction as frst.exe (or frst64.exe) as fixlist.txt.
  
  

  Coupon Printer for WindowsSearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKLM - {C26F3951-C36D-4656-9D34-0EE833F2FCD3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpdSearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKLM-x32 - {C26F3951-C36D-4656-9D34-0EE833F2FCD3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpdSearchScopes: HKCU - {C26F3951-C36D-4656-9D34-0EE833F2FCD3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpdC:\Users\Admin\AppData\Local\Temp\sibmqciTask: {031FFAB9-C56A-47A3-8966-C5579556E1EA} - System32\Tasks\Security Center Update - 2736065859 => C:\Users\Admin\AppData\Roaming\Wemygo\emitun.exe <==== ATTENTIONTask: {04C816CA-DF08-44ED-AD73-DC4EB9A7C787} - System32\Tasks\Security Center Update - 706396651 => C:\Users\Admin\AppData\Roaming\Zuubossy\tozeg.exe <==== ATTENTIONTask: {0B44194F-0C59-4420-935E-95298FEDD38C} - System32\Tasks\Security Center Update - 3411692055 => C:\Users\Admin\AppData\Roaming\Ucxocyp\ergik.exe <==== ATTENTIONTask: {11E39CAC-4FD5-4E0D-9B7D-902252F36104} - System32\Tasks\Security Center Update - 681099924 => C:\Users\Admin\AppData\Roaming\Qeekda\owpiif.exe <==== ATTENTIONTask: {1E0DBEE6-BDB7-40DB-BA1C-5D8C449A83E8} - System32\Tasks\Security Center Update - 1444189381 => C:\Users\Admin\AppData\Roaming\Dydixo\hyhoaqp.exe <==== ATTENTIONTask: {1F694312-4189-4FDE-B475-18F572BB4034} - System32\Tasks\Security Center Update - 3871434678 => C:\Users\Admin\AppData\Roaming\Itefsaq\affeyb.exe <==== ATTENTIONTask: {217BF03C-2115-4CF9-AC8D-C9CC974846EB} - System32\Tasks\Security Center Update - 3954953451 => C:\Users\Admin\AppData\Roaming\Vuuzwaak\reuxiqa.exe <==== ATTENTIONTask: {2D7B81D7-7763-4ECF-85FE-7BD6BC2047FA} - System32\Tasks\Security Center Update - 3944441187 => C:\Users\Admin\AppData\Roaming\Mafopym\fuewqe.exe <==== ATTENTIONTask: {3175C2C4-8B41-4A06-B620-8473B6508293} - System32\Tasks\Security Center Update - 1182235102 => C:\Users\Admin\AppData\Roaming\Wylaucu\ciuviz.exe <==== ATTENTIONTask: {31B731D8-AD8D-44C5-B8DD-DB1BE277462B} - System32\Tasks\Security Center Update - 1472345837 => C:\Users\Admin\AppData\Roaming\Ufukde\omixxi.exe <==== ATTENTIONTask: {3395C9A7-1AC3-49F6-BA5A-1C2D8AFB8EB1} - System32\Tasks\Security Center Update - 3395661542 => C:\Users\Admin\AppData\Roaming\Bezayrs\fautkib.exe <==== ATTENTIONTask: {380E10CF-6B07-4DE1-A374-FC9FF78485B8} - System32\Tasks\Security Center Update - 3115137963 => C:\Users\Admin\AppData\Roaming\Erulzu\iwxio.exe <==== ATTENTIONTask: {5493430C-0D47-4B3D-B639-B2BEB7499755} - System32\Tasks\Security Center Update - 1176687730 => C:\Users\Admin\AppData\Roaming\Latayt\veusot.exe <==== ATTENTIONTask: {5530497B-85B7-48BE-8236-3A5C484BFA40} - System32\Tasks\Security Center Update - 1241623169 => C:\Users\Admin\AppData\Roaming\Ywocykb\oxmuo.exe <==== ATTENTIONTask: {584859CA-3CBB-4BD4-BC50-7F80A5AA737E} - System32\Tasks\Security Center Update - 2758105530 => C:\Users\Admin\AppData\Roaming\Kiuvudew\uvzuaco.exe <==== ATTENTIONTask: {625E6E49-8D4C-4E8A-AE0C-1C8CA2C4548D} - System32\Tasks\Security Center Update - 3610152834 => C:\Users\Admin\AppData\Roaming\Aculhocu\fazyox.exe <==== ATTENTIONTask: {62DCB956-1B70-4963-8954-05CCEE7C59EA} - System32\Tasks\Security Center Update - 2275076264 => C:\Users\Admin\AppData\Roaming\Gahibixy\anyvi.exe <==== ATTENTIONTask: {63FC893B-9F78-4EFB-986C-A98AFFFA0E58} - System32\Tasks\Security Center Update - 1378894183 => C:\Users\Admin\AppData\Roaming\Itxigavo\tayccie.exe <==== ATTENTIONTask: {65A7EEFF-95A7-4AFF-9EB7-768D7FAF7566} - System32\Tasks\Security Center Update - 3721701206 => C:\Users\Admin\AppData\Roaming\Gaecalax\daomezk.exe <==== ATTENTIONTask: {65CAC0C5-43BC-4151-8B02-F17249EE96FB} - System32\Tasks\Security Center Update - 1633832563 => C:\Users\Admin\AppData\Roaming\Oluzegb\tixemio.exe <==== ATTENTIONTask: {6A603FD4-02CA-4DBB-BC1E-3E718E199985} - System32\Tasks\Security Center Update - 4272621193 => C:\Users\Admin\AppData\Roaming\Feycvoem\laudiq.exe <==== ATTENTIONTask: {6B76181A-50FC-42E4-B73D-1DE918A5B46E} - System32\Tasks\Security Center Update - 8649554 => C:\Users\Admin\AppData\Roaming\Yvodloy\ytvyu.exe <==== ATTENTIONTask: {6F53B3B8-54A4-4E97-B577-7190FA764C46} - System32\Tasks\Security Center Update - 3329014062 => C:\Users\Admin\AppData\Roaming\Megepi\ygdot.exe <==== ATTENTIONTask: {7710C820-7094-47A7-8199-A2172F87AAA5} - System32\Tasks\Security Center Update - 1749041498 => C:\Users\Admin\AppData\Roaming\Olnifidu\abaxylg.exe <==== ATTENTIONTask: {792AC7E5-A494-4C2A-A5D1-BFCB841344B7} - System32\Tasks\Security Center Update - 1296942126 => C:\Users\Admin\AppData\Roaming\Evezozug\elefs.exe <==== ATTENTIONTask: {7A1C43B0-1831-4E9F-A06A-F66EF23804BB} - System32\Tasks\Security Center Update - 1629852788 => C:\Users\Admin\AppData\Roaming\Voykvyah\vyeppe.exe <==== ATTENTIONTask: {8434DDB8-4424-4023-BA5E-34FE794369E0} - System32\Tasks\Security Center Update - 2099076786 => C:\Users\Admin\AppData\Roaming\Ruhoge\wyywci.exe <==== ATTENTIONTask: {8A12E498-4B32-4AB4-8E8F-8C10A239FCC3} - System32\Tasks\Security Center Update - 815855698 => C:\Users\Admin\AppData\Roaming\Irnomee\urbuo.exe <==== ATTENTIONTask: {8A1895E6-5904-4BEF-A46F-672D6C5DE0B6} - System32\Tasks\Security Center Update - 2342533223 => C:\Users\Admin\AppData\Roaming\Eldiyx\erviy.exe <==== ATTENTIONTask: {8A314A3C-C13C-4B84-965F-089A818A098D} - System32\Tasks\Security Center Update - 677259027 => C:\Users\Admin\AppData\Roaming\Axqyukb\divyogr.exe <==== ATTENTIONTask: {8CB5855D-608D-4213-B292-AC14CC577B1B} - System32\Tasks\Security Center Update - 805193728 => C:\Users\Admin\AppData\Roaming\Huotoz\hicee.exe <==== ATTENTIONTask: {8E9E2C72-BAEE-4A38-A472-06AA84B23D2C} - System32\Tasks\Security Center Update - 3370276355 => C:\Users\Admin\AppData\Roaming\Enypsage\voxaed.exe <==== ATTENTIONTask: {9575D23A-4CF7-4678-8141-FCC52A5DAFF6} - System32\Tasks\GreatArcadeHits => C:\Users\Admin\AppData\Local\GreatArcadeHits\GAHUpdate.exe <==== ATTENTIONTask: {9A600629-3026-48FA-928B-299BB74CC9DB} - System32\Tasks\Security Center Update - 2827265108 => C:\Users\Admin\AppData\Roaming\Dairycz\puloog.exe <==== ATTENTIONTask: {9DF006EC-76DE-40CF-B8E0-1098824719BC} - System32\Tasks\Security Center Update - 2721507468 => C:\Users\Admin\AppData\Roaming\Uqnuertu\odipa.exe <==== ATTENTIONTask: {A9A2D1A9-FCE6-4018-A16C-7ECF6861FEE3} - System32\Tasks\Security Center Update - 1811950257 => C:\Users\Admin\AppData\Roaming\Ymboyny\ytzuuk.exe <==== ATTENTIONTask: {ADEDDD9E-892B-4DF1-9F74-E61A0FEC0251} - System32\Tasks\Security Center Update - 4092694008 => C:\Users\Admin\AppData\Roaming\Faisyro\angyyqy.exe <==== ATTENTIONTask: {AF03992B-9F81-4ACD-861B-BCA78B4326B8} - System32\Tasks\Security Center Update - 520819304 => C:\Users\Admin\AppData\Roaming\Guubnu\innyalc.exe <==== ATTENTIONTask: {AF1D32E5-3875-4365-AD08-2A9A99F3249F} - System32\Tasks\Security Center Update - 4189867309 => C:\Users\Admin\AppData\Roaming\Vomafa\yspupe.exe <==== ATTENTIONTask: {B031BCA8-E333-4283-9490-DCC6F1A3C9FF} - System32\Tasks\Security Center Update - 3440882438 => C:\Users\Admin\AppData\Roaming\Ihzoolv\ebzunoi.exe <==== ATTENTIONTask: {B0D60E3A-0FC2-4BA7-85CF-60C82CBD942E} - System32\Tasks\Security Center Update - 4112005159 => C:\Users\Admin\AppData\Roaming\Uvylyhi\fyyku.exe <==== ATTENTIONTask: {BD47F682-E518-4ECB-B217-93E2DCB52F2D} - System32\Tasks\Security Center Update - 385443552 => C:\Users\Admin\AppData\Roaming\Avwuofo\enyto.exe <==== ATTENTIONTask: {C1E42295-68A4-44CC-BB0F-24A4DF2AE3BC} - System32\Tasks\Security Center Update - 3920828216 => C:\Users\Admin\AppData\Roaming\Avvake\riaqpa.exe <==== ATTENTIONTask: {C29B208A-458C-4B14-9FCE-805DB98A425E} - System32\Tasks\Security Center Update - 4288038319 => C:\Users\Admin\AppData\Roaming\Curuqiy\awizyzk.exe <==== ATTENTIONTask: {C44410DC-BBED-4F29-8767-32AAE0F79756} - System32\Tasks\Security Center Update - 1431152682 => C:\Users\Admin\AppData\Roaming\Orylbau\ursezi.exe <==== ATTENTIONTask: {D5D4DEA0-C304-4E18-A9EA-7C4764DEDF21} - System32\Tasks\Security Center Update - 409024435 => C:\Users\Admin\AppData\Roaming\Uwabru\rezox.exe <==== ATTENTIONTask: {D7EAA01D-8452-4710-8D01-636DF30A6557} - System32\Tasks\Security Center Update - 1568841979 => C:\Users\Admin\AppData\Roaming\Dykimoyr\heoka.exe <==== ATTENTIONTask: {DA366A8F-080C-42CC-99A3-378DA65C53FF} - System32\Tasks\Security Center Update - 4146477803 => C:\Users\Admin\AppData\Roaming\Umxiguk\exwupa.exe <==== ATTENTIONTask: {E160177E-34E1-419C-AD1F-69CD0B8BB8DF} - System32\Tasks\Security Center Update - 2948294779 => C:\Users\Admin\AppData\Roaming\Izasny\osirq.exe <==== ATTENTIONTask: {E4CE7562-2209-4D74-AD01-0D0FD6EF5E49} - System32\Tasks\Security Center Update - 4258391513 => C:\Users\Admin\AppData\Roaming\Sexilog\xipesio.exe <==== ATTENTIONTask: {E5BF1E26-B8DB-494E-9061-1F9DA0C18A7F} - System32\Tasks\Security Center Update - 143572091 => C:\Users\Admin\AppData\Roaming\Ezkuiqyf\xoimor.exe <==== ATTENTIONTask: {E7EEECF8-21E5-4F98-803A-057497F62F95} - System32\Tasks\Security Center Update - 2425075436 => C:\Users\Admin\AppData\Roaming\Yblyucda\daneevb.exe <==== ATTENTIONTask: {EB8B3792-2A74-4AD3-A0D6-E204B7419D37} - System32\Tasks\Security Center Update - 2072771277 => C:\Users\Admin\AppData\Roaming\Ixyspyso\fidur.exe <==== ATTENTIONTask: {F4E0EC49-BB40-470A-9CCC-0A24664A3985} - System32\Tasks\Security Center Update - 3136454316 => C:\Users\Admin\AppData\Roaming\Atrevep\zapavub.exe <==== ATTENTIONTask: {F7A3D736-1079-420D-9B4D-052269BE670E} - System32\Tasks\Security Center Update - 1186133018 => C:\Users\Admin\AppData\Roaming\Pouvbiwi\unoqmey.exe <==== ATTENTIONTask: {FA01DE43-0BD5-4FDD-ADA0-C1D09CB034AF} - System32\Tasks\Security Center Update - 305974073 => C:\Users\Admin\AppData\Roaming\Teurro\orvycui.exe <==== ATTENTIONTask: {FBAF9B04-55EB-4AAA-BFDC-8C6A84477AC2} - System32\Tasks\Security Center Update - 4133871898 => C:\Users\Admin\AppData\Roaming\Asgyab\awaqc.exe <==== ATTENTIONC:\Users\Admin\AppData\Roaming\WemygoC:\Users\Admin\AppData\Roaming\ZuubossyC:\Users\Admin\AppData\Roaming\UcxocypC:\Users\Admin\AppData\Roaming\QeekdaC:\Users\Admin\AppData\Roaming\DydixoC:\Users\Admin\AppData\Roaming\ItefsaqC:\Users\Admin\AppData\Roaming\VuuzwaakC:\Users\Admin\AppData\Roaming\MafopymC:\Users\Admin\AppData\Roaming\WylaucuC:\Users\Admin\AppData\Roaming\UfukdeC:\Users\Admin\AppData\Roaming\BezayrsC:\Users\Admin\AppData\Roaming\ErulzuC:\Users\Admin\AppData\Roaming\LataytC:\Users\Admin\AppData\Roaming\YwocykbC:\Users\Admin\AppData\Roaming\KiuvudewC:\Users\Admin\AppData\Roaming\AculhocuC:\Users\Admin\AppData\Roaming\GahibixyC:\Users\Admin\AppData\Roaming\ItxigavoC:\Users\Admin\AppData\Roaming\GaecalaxC:\Users\Admin\AppData\Roaming\OluzegbC:\Users\Admin\AppData\Roaming\FeycvoemC:\Users\Admin\AppData\Roaming\YvodloyC:\Users\Admin\AppData\Roaming\MegepiC:\Users\Admin\AppData\Roaming\OlnifiduC:\Users\Admin\AppData\Roaming\EvezozugC:\Users\Admin\AppData\Roaming\VoykvyahC:\Users\Admin\AppData\Roaming\RuhogeC:\Users\Admin\AppData\Roaming\IrnomeeC:\Users\Admin\AppData\Roaming\EldiyxC:\Users\Admin\AppData\Roaming\AxqyukbC:\Users\Admin\AppData\Roaming\HuotozC:\Users\Admin\AppData\Roaming\EnypsageC:\Users\Admin\AppData\Local\GreatArcadeHitsC:\Users\Admin\AppData\Roaming\DairyczC:\Users\Admin\AppData\Roaming\UqnuertuC:\Users\Admin\AppData\Roaming\YmboynyC:\Users\Admin\AppData\Roaming\FaisyroC:\Users\Admin\AppData\Roaming\GuubnuC:\Users\Admin\AppData\Roaming\VomafaC:\Users\Admin\AppData\Roaming\IhzoolvC:\Users\Admin\AppData\Roaming\UvylyhiC:\Users\Admin\AppData\Roaming\AvwuofoC:\Users\Admin\AppData\Roaming\AvvakeC:\Users\Admin\AppData\Roaming\CuruqiyC:\Users\Admin\AppData\Roaming\OrylbauC:\Users\Admin\AppData\Roaming\UwabruC:\Users\Admin\AppData\Roaming\DykimoyrC:\Users\Admin\AppData\Roaming\UmxigukC:\Users\Admin\AppData\Roaming\IzasnyC:\Users\Admin\AppData\Roaming\SexilogC:\Users\Admin\AppData\Roaming\EzkuiqyfC:\Users\Admin\AppData\Roaming\YblyucdaC:\Users\Admin\AppData\Roaming\IxyspysoC:\Users\Admin\AppData\Roaming\AtrevepC:\Users\Admin\AppData\Roaming\PouvbiwiC:\Users\Admin\AppData\Roaming\TeurroC:\Users\Admin\AppData\Roaming\Asgyab

  NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
• Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
• The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.
  

 

 

 

Full System Scan with Malwarebytes Antimalware

• 
  If not existing, please download

Malwarebytes' Anti-Malware to your desktop. Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If the program is already installed:

• Run Malwarebytes Antimalware
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• When completed, a log will open in Notepad. Please save it to a convenient location.
• The log can also be found here:
  C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
• Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
• Post that log back here.
  

[dougfy]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014

Ran by Admin at 2014-03-23 13:17:21 Run:2

Running from C:\Users\Admin\Downloads

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

Coupon Printer for Windows

 

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM - {C26F3951-C36D-4656-9D34-0EE833F2FCD3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM-x32 - {C26F3951-C36D-4656-9D34-0EE833F2FCD3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd

SearchScopes: HKCU - {C26F3951-C36D-4656-9D34-0EE833F2FCD3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd

 

C:\Users\Admin\AppData\Local\Temp\sibmqci

 

Task: {031FFAB9-C56A-47A3-8966-C5579556E1EA} - System32\Tasks\Security Center Update - 2736065859 => C:\Users\Admin\AppData\Roaming\Wemygo\emitun.exe <==== ATTENTION

Task: {04C816CA-DF08-44ED-AD73-DC4EB9A7C787} - System32\Tasks\Security Center Update - 706396651 => C:\Users\Admin\AppData\Roaming\Zuubossy\tozeg.exe <==== ATTENTION

Task: {0B44194F-0C59-4420-935E-95298FEDD38C} - System32\Tasks\Security Center Update - 3411692055 => C:\Users\Admin\AppData\Roaming\Ucxocyp\ergik.exe <==== ATTENTION

Task: {11E39CAC-4FD5-4E0D-9B7D-902252F36104} - System32\Tasks\Security Center Update - 681099924 => C:\Users\Admin\AppData\Roaming\Qeekda\owpiif.exe <==== ATTENTION

Task: {1E0DBEE6-BDB7-40DB-BA1C-5D8C449A83E8} - System32\Tasks\Security Center Update - 1444189381 => C:\Users\Admin\AppData\Roaming\Dydixo\hyhoaqp.exe <==== ATTENTION

Task: {1F694312-4189-4FDE-B475-18F572BB4034} - System32\Tasks\Security Center Update - 3871434678 => C:\Users\Admin\AppData\Roaming\Itefsaq\affeyb.exe <==== ATTENTION

Task: {217BF03C-2115-4CF9-AC8D-C9CC974846EB} - System32\Tasks\Security Center Update - 3954953451 => C:\Users\Admin\AppData\Roaming\Vuuzwaak\reuxiqa.exe <==== ATTENTION

Task: {2D7B81D7-7763-4ECF-85FE-7BD6BC2047FA} - System32\Tasks\Security Center Update - 3944441187 => C:\Users\Admin\AppData\Roaming\Mafopym\fuewqe.exe <==== ATTENTION

Task: {3175C2C4-8B41-4A06-B620-8473B6508293} - System32\Tasks\Security Center Update - 1182235102 => C:\Users\Admin\AppData\Roaming\Wylaucu\ciuviz.exe <==== ATTENTION

Task: {31B731D8-AD8D-44C5-B8DD-DB1BE277462B} - System32\Tasks\Security Center Update - 1472345837 => C:\Users\Admin\AppData\Roaming\Ufukde\omixxi.exe <==== ATTENTION

Task: {3395C9A7-1AC3-49F6-BA5A-1C2D8AFB8EB1} - System32\Tasks\Security Center Update - 3395661542 => C:\Users\Admin\AppData\Roaming\Bezayrs\fautkib.exe <==== ATTENTION

Task: {380E10CF-6B07-4DE1-A374-FC9FF78485B8} - System32\Tasks\Security Center Update - 3115137963 => C:\Users\Admin\AppData\Roaming\Erulzu\iwxio.exe <==== ATTENTION

Task: {5493430C-0D47-4B3D-B639-B2BEB7499755} - System32\Tasks\Security Center Update - 1176687730 => C:\Users\Admin\AppData\Roaming\Latayt\veusot.exe <==== ATTENTION

Task: {5530497B-85B7-48BE-8236-3A5C484BFA40} - System32\Tasks\Security Center Update - 1241623169 => C:\Users\Admin\AppData\Roaming\Ywocykb\oxmuo.exe <==== ATTENTION

Task: {584859CA-3CBB-4BD4-BC50-7F80A5AA737E} - System32\Tasks\Security Center Update - 2758105530 => C:\Users\Admin\AppData\Roaming\Kiuvudew\uvzuaco.exe <==== ATTENTION

Task: {625E6E49-8D4C-4E8A-AE0C-1C8CA2C4548D} - System32\Tasks\Security Center Update - 3610152834 => C:\Users\Admin\AppData\Roaming\Aculhocu\fazyox.exe <==== ATTENTION

Task: {62DCB956-1B70-4963-8954-05CCEE7C59EA} - System32\Tasks\Security Center Update - 2275076264 => C:\Users\Admin\AppData\Roaming\Gahibixy\anyvi.exe <==== ATTENTION

Task: {63FC893B-9F78-4EFB-986C-A98AFFFA0E58} - System32\Tasks\Security Center Update - 1378894183 => C:\Users\Admin\AppData\Roaming\Itxigavo\tayccie.exe <==== ATTENTION

Task: {65A7EEFF-95A7-4AFF-9EB7-768D7FAF7566} - System32\Tasks\Security Center Update - 3721701206 => C:\Users\Admin\AppData\Roaming\Gaecalax\daomezk.exe <==== ATTENTION

Task: {65CAC0C5-43BC-4151-8B02-F17249EE96FB} - System32\Tasks\Security Center Update - 1633832563 => C:\Users\Admin\AppData\Roaming\Oluzegb\tixemio.exe <==== ATTENTION

Task: {6A603FD4-02CA-4DBB-BC1E-3E718E199985} - System32\Tasks\Security Center Update - 4272621193 => C:\Users\Admin\AppData\Roaming\Feycvoem\laudiq.exe <==== ATTENTION

Task: {6B76181A-50FC-42E4-B73D-1DE918A5B46E} - System32\Tasks\Security Center Update - 8649554 => C:\Users\Admin\AppData\Roaming\Yvodloy\ytvyu.exe <==== ATTENTION

Task: {6F53B3B8-54A4-4E97-B577-7190FA764C46} - System32\Tasks\Security Center Update - 3329014062 => C:\Users\Admin\AppData\Roaming\Megepi\ygdot.exe <==== ATTENTION

Task: {7710C820-7094-47A7-8199-A2172F87AAA5} - System32\Tasks\Security Center Update - 1749041498 => C:\Users\Admin\AppData\Roaming\Olnifidu\abaxylg.exe <==== ATTENTION

Task: {792AC7E5-A494-4C2A-A5D1-BFCB841344B7} - System32\Tasks\Security Center Update - 1296942126 => C:\Users\Admin\AppData\Roaming\Evezozug\elefs.exe <==== ATTENTION

Task: {7A1C43B0-1831-4E9F-A06A-F66EF23804BB} - System32\Tasks\Security Center Update - 1629852788 => C:\Users\Admin\AppData\Roaming\Voykvyah\vyeppe.exe <==== ATTENTION

Task: {8434DDB8-4424-4023-BA5E-34FE794369E0} - System32\Tasks\Security Center Update - 2099076786 => C:\Users\Admin\AppData\Roaming\Ruhoge\wyywci.exe <==== ATTENTION

Task: {8A12E498-4B32-4AB4-8E8F-8C10A239FCC3} - System32\Tasks\Security Center Update - 815855698 => C:\Users\Admin\AppData\Roaming\Irnomee\urbuo.exe <==== ATTENTION

Task: {8A1895E6-5904-4BEF-A46F-672D6C5DE0B6} - System32\Tasks\Security Center Update - 2342533223 => C:\Users\Admin\AppData\Roaming\Eldiyx\erviy.exe <==== ATTENTION

Task: {8A314A3C-C13C-4B84-965F-089A818A098D} - System32\Tasks\Security Center Update - 677259027 => C:\Users\Admin\AppData\Roaming\Axqyukb\divyogr.exe <==== ATTENTION

Task: {8CB5855D-608D-4213-B292-AC14CC577B1B} - System32\Tasks\Security Center Update - 805193728 => C:\Users\Admin\AppData\Roaming\Huotoz\hicee.exe <==== ATTENTION

Task: {8E9E2C72-BAEE-4A38-A472-06AA84B23D2C} - System32\Tasks\Security Center Update - 3370276355 => C:\Users\Admin\AppData\Roaming\Enypsage\voxaed.exe <==== ATTENTION

Task: {9575D23A-4CF7-4678-8141-FCC52A5DAFF6} - System32\Tasks\GreatArcadeHits => C:\Users\Admin\AppData\Local\GreatArcadeHits\GAHUpdate.exe <==== ATTENTION

Task: {9A600629-3026-48FA-928B-299BB74CC9DB} - System32\Tasks\Security Center Update - 2827265108 => C:\Users\Admin\AppData\Roaming\Dairycz\puloog.exe <==== ATTENTION

Task: {9DF006EC-76DE-40CF-B8E0-1098824719BC} - System32\Tasks\Security Center Update - 2721507468 => C:\Users\Admin\AppData\Roaming\Uqnuertu\odipa.exe <==== ATTENTION

Task: {A9A2D1A9-FCE6-4018-A16C-7ECF6861FEE3} - System32\Tasks\Security Center Update - 1811950257 => C:\Users\Admin\AppData\Roaming\Ymboyny\ytzuuk.exe <==== ATTENTION

Task: {ADEDDD9E-892B-4DF1-9F74-E61A0FEC0251} - System32\Tasks\Security Center Update - 4092694008 => C:\Users\Admin\AppData\Roaming\Faisyro\angyyqy.exe <==== ATTENTION

Task: {AF03992B-9F81-4ACD-861B-BCA78B4326B8} - System32\Tasks\Security Center Update - 520819304 => C:\Users\Admin\AppData\Roaming\Guubnu\innyalc.exe <==== ATTENTION

Task: {AF1D32E5-3875-4365-AD08-2A9A99F3249F} - System32\Tasks\Security Center Update - 4189867309 => C:\Users\Admin\AppData\Roaming\Vomafa\yspupe.exe <==== ATTENTION

Task: {B031BCA8-E333-4283-9490-DCC6F1A3C9FF} - System32\Tasks\Security Center Update - 3440882438 => C:\Users\Admin\AppData\Roaming\Ihzoolv\ebzunoi.exe <==== ATTENTION

Task: {B0D60E3A-0FC2-4BA7-85CF-60C82CBD942E} - System32\Tasks\Security Center Update - 4112005159 => C:\Users\Admin\AppData\Roaming\Uvylyhi\fyyku.exe <==== ATTENTION

Task: {BD47F682-E518-4ECB-B217-93E2DCB52F2D} - System32\Tasks\Security Center Update - 385443552 => C:\Users\Admin\AppData\Roaming\Avwuofo\enyto.exe <==== ATTENTION

Task: {C1E42295-68A4-44CC-BB0F-24A4DF2AE3BC} - System32\Tasks\Security Center Update - 3920828216 => C:\Users\Admin\AppData\Roaming\Avvake\riaqpa.exe <==== ATTENTION

Task: {C29B208A-458C-4B14-9FCE-805DB98A425E} - System32\Tasks\Security Center Update - 4288038319 => C:\Users\Admin\AppData\Roaming\Curuqiy\awizyzk.exe <==== ATTENTION

Task: {C44410DC-BBED-4F29-8767-32AAE0F79756} - System32\Tasks\Security Center Update - 1431152682 => C:\Users\Admin\AppData\Roaming\Orylbau\ursezi.exe <==== ATTENTION

Task: {D5D4DEA0-C304-4E18-A9EA-7C4764DEDF21} - System32\Tasks\Security Center Update - 409024435 => C:\Users\Admin\AppData\Roaming\Uwabru\rezox.exe <==== ATTENTION

Task: {D7EAA01D-8452-4710-8D01-636DF30A6557} - System32\Tasks\Security Center Update - 1568841979 => C:\Users\Admin\AppData\Roaming\Dykimoyr\heoka.exe <==== ATTENTION

Task: {DA366A8F-080C-42CC-99A3-378DA65C53FF} - System32\Tasks\Security Center Update - 4146477803 => C:\Users\Admin\AppData\Roaming\Umxiguk\exwupa.exe <==== ATTENTION

Task: {E160177E-34E1-419C-AD1F-69CD0B8BB8DF} - System32\Tasks\Security Center Update - 2948294779 => C:\Users\Admin\AppData\Roaming\Izasny\osirq.exe <==== ATTENTION

Task: {E4CE7562-2209-4D74-AD01-0D0FD6EF5E49} - System32\Tasks\Security Center Update - 4258391513 => C:\Users\Admin\AppData\Roaming\Sexilog\xipesio.exe <==== ATTENTION

Task: {E5BF1E26-B8DB-494E-9061-1F9DA0C18A7F} - System32\Tasks\Security Center Update - 143572091 => C:\Users\Admin\AppData\Roaming\Ezkuiqyf\xoimor.exe <==== ATTENTION

Task: {E7EEECF8-21E5-4F98-803A-057497F62F95} - System32\Tasks\Security Center Update - 2425075436 => C:\Users\Admin\AppData\Roaming\Yblyucda\daneevb.exe <==== ATTENTION

Task: {EB8B3792-2A74-4AD3-A0D6-E204B7419D37} - System32\Tasks\Security Center Update - 2072771277 => C:\Users\Admin\AppData\Roaming\Ixyspyso\fidur.exe <==== ATTENTION

Task: {F4E0EC49-BB40-470A-9CCC-0A24664A3985} - System32\Tasks\Security Center Update - 3136454316 => C:\Users\Admin\AppData\Roaming\Atrevep\zapavub.exe <==== ATTENTION

Task: {F7A3D736-1079-420D-9B4D-052269BE670E} - System32\Tasks\Security Center Update - 1186133018 => C:\Users\Admin\AppData\Roaming\Pouvbiwi\unoqmey.exe <==== ATTENTION

Task: {FA01DE43-0BD5-4FDD-ADA0-C1D09CB034AF} - System32\Tasks\Security Center Update - 305974073 => C:\Users\Admin\AppData\Roaming\Teurro\orvycui.exe <==== ATTENTION

Task: {FBAF9B04-55EB-4AAA-BFDC-8C6A84477AC2} - System32\Tasks\Security Center Update - 4133871898 => C:\Users\Admin\AppData\Roaming\Asgyab\awaqc.exe <==== ATTENTION

 

C:\Users\Admin\AppData\Roaming\Wemygo

C:\Users\Admin\AppData\Roaming\Zuubossy

C:\Users\Admin\AppData\Roaming\Ucxocyp

C:\Users\Admin\AppData\Roaming\Qeekda

C:\Users\Admin\AppData\Roaming\Dydixo

C:\Users\Admin\AppData\Roaming\Itefsaq

C:\Users\Admin\AppData\Roaming\Vuuzwaak

C:\Users\Admin\AppData\Roaming\Mafopym

C:\Users\Admin\AppData\Roaming\Wylaucu

C:\Users\Admin\AppData\Roaming\Ufukde

C:\Users\Admin\AppData\Roaming\Bezayrs

C:\Users\Admin\AppData\Roaming\Erulzu

C:\Users\Admin\AppData\Roaming\Latayt

C:\Users\Admin\AppData\Roaming\Ywocykb

C:\Users\Admin\AppData\Roaming\Kiuvudew

C:\Users\Admin\AppData\Roaming\Aculhocu

C:\Users\Admin\AppData\Roaming\Gahibixy

C:\Users\Admin\AppData\Roaming\Itxigavo

C:\Users\Admin\AppData\Roaming\Gaecalax

C:\Users\Admin\AppData\Roaming\Oluzegb

C:\Users\Admin\AppData\Roaming\Feycvoem

C:\Users\Admin\AppData\Roaming\Yvodloy

C:\Users\Admin\AppData\Roaming\Megepi

C:\Users\Admin\AppData\Roaming\Olnifidu

C:\Users\Admin\AppData\Roaming\Evezozug

C:\Users\Admin\AppData\Roaming\Voykvyah

C:\Users\Admin\AppData\Roaming\Ruhoge

C:\Users\Admin\AppData\Roaming\Irnomee

C:\Users\Admin\AppData\Roaming\Eldiyx

C:\Users\Admin\AppData\Roaming\Axqyukb

C:\Users\Admin\AppData\Roaming\Huotoz

C:\Users\Admin\AppData\Roaming\Enypsage

C:\Users\Admin\AppData\Local\GreatArcadeHits

C:\Users\Admin\AppData\Roaming\Dairycz

C:\Users\Admin\AppData\Roaming\Uqnuertu

C:\Users\Admin\AppData\Roaming\Ymboyny

C:\Users\Admin\AppData\Roaming\Faisyro

C:\Users\Admin\AppData\Roaming\Guubnu

C:\Users\Admin\AppData\Roaming\Vomafa

C:\Users\Admin\AppData\Roaming\Ihzoolv

C:\Users\Admin\AppData\Roaming\Uvylyhi

C:\Users\Admin\AppData\Roaming\Avwuofo

C:\Users\Admin\AppData\Roaming\Avvake

C:\Users\Admin\AppData\Roaming\Curuqiy

C:\Users\Admin\AppData\Roaming\Orylbau

C:\Users\Admin\AppData\Roaming\Uwabru

C:\Users\Admin\AppData\Roaming\Dykimoyr

C:\Users\Admin\AppData\Roaming\Umxiguk

C:\Users\Admin\AppData\Roaming\Izasny

C:\Users\Admin\AppData\Roaming\Sexilog

C:\Users\Admin\AppData\Roaming\Ezkuiqyf

C:\Users\Admin\AppData\Roaming\Yblyucda

C:\Users\Admin\AppData\Roaming\Ixyspyso

C:\Users\Admin\AppData\Roaming\Atrevep

C:\Users\Admin\AppData\Roaming\Pouvbiwi

C:\Users\Admin\AppData\Roaming\Teurro

C:\Users\Admin\AppData\Roaming\Asgyab

*****************

 

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.

HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C26F3951-C36D-4656-9D34-0EE833F2FCD3} => Key deleted successfully.

HKCR\CLSID\{C26F3951-C36D-4656-9D34-0EE833F2FCD3} => Key not found.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{C26F3951-C36D-4656-9D34-0EE833F2FCD3} => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{C26F3951-C36D-4656-9D34-0EE833F2FCD3} => Key not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C26F3951-C36D-4656-9D34-0EE833F2FCD3} => Key deleted successfully.

HKCR\CLSID\{C26F3951-C36D-4656-9D34-0EE833F2FCD3} => Key not found.

C:\Users\Admin\AppData\Local\Temp\sibmqci => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{031FFAB9-C56A-47A3-8966-C5579556E1EA} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{031FFAB9-C56A-47A3-8966-C5579556E1EA} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 2736065859 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2736065859 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04C816CA-DF08-44ED-AD73-DC4EB9A7C787} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04C816CA-DF08-44ED-AD73-DC4EB9A7C787} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 706396651 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 706396651 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B44194F-0C59-4420-935E-95298FEDD38C} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B44194F-0C59-4420-935E-95298FEDD38C} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 3411692055 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3411692055 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11E39CAC-4FD5-4E0D-9B7D-902252F36104} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11E39CAC-4FD5-4E0D-9B7D-902252F36104} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 681099924 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 681099924 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E0DBEE6-BDB7-40DB-BA1C-5D8C449A83E8} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E0DBEE6-BDB7-40DB-BA1C-5D8C449A83E8} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1444189381 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1444189381 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F694312-4189-4FDE-B475-18F572BB4034} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F694312-4189-4FDE-B475-18F572BB4034} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 3871434678 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3871434678 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{217BF03C-2115-4CF9-AC8D-C9CC974846EB} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{217BF03C-2115-4CF9-AC8D-C9CC974846EB} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 3954953451 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3954953451 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D7B81D7-7763-4ECF-85FE-7BD6BC2047FA} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D7B81D7-7763-4ECF-85FE-7BD6BC2047FA} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 3944441187 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3944441187 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3175C2C4-8B41-4A06-B620-8473B6508293} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3175C2C4-8B41-4A06-B620-8473B6508293} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1182235102 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1182235102 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31B731D8-AD8D-44C5-B8DD-DB1BE277462B} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31B731D8-AD8D-44C5-B8DD-DB1BE277462B} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1472345837 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1472345837 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3395C9A7-1AC3-49F6-BA5A-1C2D8AFB8EB1} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3395C9A7-1AC3-49F6-BA5A-1C2D8AFB8EB1} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 3395661542 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3395661542 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{380E10CF-6B07-4DE1-A374-FC9FF78485B8} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{380E10CF-6B07-4DE1-A374-FC9FF78485B8} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 3115137963 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3115137963 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5493430C-0D47-4B3D-B639-B2BEB7499755} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5493430C-0D47-4B3D-B639-B2BEB7499755} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1176687730 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1176687730 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5530497B-85B7-48BE-8236-3A5C484BFA40} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5530497B-85B7-48BE-8236-3A5C484BFA40} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1241623169 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1241623169 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{584859CA-3CBB-4BD4-BC50-7F80A5AA737E} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{584859CA-3CBB-4BD4-BC50-7F80A5AA737E} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 2758105530 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2758105530 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{625E6E49-8D4C-4E8A-AE0C-1C8CA2C4548D} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{625E6E49-8D4C-4E8A-AE0C-1C8CA2C4548D} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 3610152834 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3610152834 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62DCB956-1B70-4963-8954-05CCEE7C59EA} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62DCB956-1B70-4963-8954-05CCEE7C59EA} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 2275076264 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2275076264 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63FC893B-9F78-4EFB-986C-A98AFFFA0E58} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63FC893B-9F78-4EFB-986C-A98AFFFA0E58} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1378894183 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1378894183 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65A7EEFF-95A7-4AFF-9EB7-768D7FAF7566} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65A7EEFF-95A7-4AFF-9EB7-768D7FAF7566} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 3721701206 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3721701206 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65CAC0C5-43BC-4151-8B02-F17249EE96FB} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65CAC0C5-43BC-4151-8B02-F17249EE96FB} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1633832563 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1633832563 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A603FD4-02CA-4DBB-BC1E-3E718E199985} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A603FD4-02CA-4DBB-BC1E-3E718E199985} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 4272621193 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 4272621193 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B76181A-50FC-42E4-B73D-1DE918A5B46E} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B76181A-50FC-42E4-B73D-1DE918A5B46E} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 8649554 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 8649554 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F53B3B8-54A4-4E97-B577-7190FA764C46} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F53B3B8-54A4-4E97-B577-7190FA764C46} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 3329014062 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3329014062 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7710C820-7094-47A7-8199-A2172F87AAA5} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7710C820-7094-47A7-8199-A2172F87AAA5} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1749041498 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1749041498 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{792AC7E5-A494-4C2A-A5D1-BFCB841344B7} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{792AC7E5-A494-4C2A-A5D1-BFCB841344B7} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1296942126 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1296942126 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A1C43B0-1831-4E9F-A06A-F66EF23804BB} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A1C43B0-1831-4E9F-A06A-F66EF23804BB} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1629852788 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1629852788 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8434DDB8-4424-4023-BA5E-34FE794369E0} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8434DDB8-4424-4023-BA5E-34FE794369E0} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 2099076786 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2099076786 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A12E498-4B32-4AB4-8E8F-8C10A239FCC3} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A12E498-4B32-4AB4-8E8F-8C10A239FCC3} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 815855698 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 815855698 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A1895E6-5904-4BEF-A46F-672D6C5DE0B6} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A1895E6-5904-4BEF-A46F-672D6C5DE0B6} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 2342533223 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2342533223 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A314A3C-C13C-4B84-965F-089A818A098D} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A314A3C-C13C-4B84-965F-089A818A098D} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 677259027 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 677259027 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CB5855D-608D-4213-B292-AC14CC577B1B} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CB5855D-608D-4213-B292-AC14CC577B1B} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 805193728 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 805193728 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E9E2C72-BAEE-4A38-A472-06AA84B23D2C} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E9E2C72-BAEE-4A38-A472-06AA84B23D2C} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 3370276355 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3370276355 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9575D23A-4CF7-4678-8141-FCC52A5DAFF6} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9575D23A-4CF7-4678-8141-FCC52A5DAFF6} => Key deleted successfully.

C:\Windows\System32\Tasks\GreatArcadeHits => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GreatArcadeHits => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A600629-3026-48FA-928B-299BB74CC9DB} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A600629-3026-48FA-928B-299BB74CC9DB} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 2827265108 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2827265108 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DF006EC-76DE-40CF-B8E0-1098824719BC} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DF006EC-76DE-40CF-B8E0-1098824719BC} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 2721507468 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2721507468 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9A2D1A9-FCE6-4018-A16C-7ECF6861FEE3} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9A2D1A9-FCE6-4018-A16C-7ECF6861FEE3} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1811950257 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1811950257 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ADEDDD9E-892B-4DF1-9F74-E61A0FEC0251} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADEDDD9E-892B-4DF1-9F74-E61A0FEC0251} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 4092694008 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 4092694008 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF03992B-9F81-4ACD-861B-BCA78B4326B8} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF03992B-9F81-4ACD-861B-BCA78B4326B8} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 520819304 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 520819304 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF1D32E5-3875-4365-AD08-2A9A99F3249F} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF1D32E5-3875-4365-AD08-2A9A99F3249F} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 4189867309 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 4189867309 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B031BCA8-E333-4283-9490-DCC6F1A3C9FF} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B031BCA8-E333-4283-9490-DCC6F1A3C9FF} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 3440882438 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3440882438 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0D60E3A-0FC2-4BA7-85CF-60C82CBD942E} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0D60E3A-0FC2-4BA7-85CF-60C82CBD942E} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 4112005159 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 4112005159 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD47F682-E518-4ECB-B217-93E2DCB52F2D} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD47F682-E518-4ECB-B217-93E2DCB52F2D} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 385443552 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 385443552 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1E42295-68A4-44CC-BB0F-24A4DF2AE3BC} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1E42295-68A4-44CC-BB0F-24A4DF2AE3BC} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 3920828216 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3920828216 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C29B208A-458C-4B14-9FCE-805DB98A425E} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C29B208A-458C-4B14-9FCE-805DB98A425E} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 4288038319 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 4288038319 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C44410DC-BBED-4F29-8767-32AAE0F79756} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C44410DC-BBED-4F29-8767-32AAE0F79756} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1431152682 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1431152682 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5D4DEA0-C304-4E18-A9EA-7C4764DEDF21} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5D4DEA0-C304-4E18-A9EA-7C4764DEDF21} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 409024435 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 409024435 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7EAA01D-8452-4710-8D01-636DF30A6557} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7EAA01D-8452-4710-8D01-636DF30A6557} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1568841979 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1568841979 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA366A8F-080C-42CC-99A3-378DA65C53FF} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA366A8F-080C-42CC-99A3-378DA65C53FF} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 4146477803 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 4146477803 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E160177E-34E1-419C-AD1F-69CD0B8BB8DF} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E160177E-34E1-419C-AD1F-69CD0B8BB8DF} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 2948294779 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2948294779 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4CE7562-2209-4D74-AD01-0D0FD6EF5E49} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4CE7562-2209-4D74-AD01-0D0FD6EF5E49} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 4258391513 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 4258391513 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5BF1E26-B8DB-494E-9061-1F9DA0C18A7F} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5BF1E26-B8DB-494E-9061-1F9DA0C18A7F} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 143572091 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 143572091 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7EEECF8-21E5-4F98-803A-057497F62F95} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7EEECF8-21E5-4F98-803A-057497F62F95} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 2425075436 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2425075436 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB8B3792-2A74-4AD3-A0D6-E204B7419D37} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB8B3792-2A74-4AD3-A0D6-E204B7419D37} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 2072771277 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2072771277 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4E0EC49-BB40-470A-9CCC-0A24664A3985} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4E0EC49-BB40-470A-9CCC-0A24664A3985} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 3136454316 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 3136454316 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7A3D736-1079-420D-9B4D-052269BE670E} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7A3D736-1079-420D-9B4D-052269BE670E} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 1186133018 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 1186133018 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA01DE43-0BD5-4FDD-ADA0-C1D09CB034AF} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA01DE43-0BD5-4FDD-ADA0-C1D09CB034AF} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 305974073 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 305974073 => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FBAF9B04-55EB-4AAA-BFDC-8C6A84477AC2} => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBAF9B04-55EB-4AAA-BFDC-8C6A84477AC2} => Key deleted successfully.

C:\Windows\System32\Tasks\Security Center Update - 4133871898 => Moved successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 4133871898 => Key deleted successfully.

"C:\Users\Admin\AppData\Roaming\Wemygo" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Zuubossy" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Ucxocyp" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Qeekda" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Dydixo" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Itefsaq" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Vuuzwaak" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Mafopym" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Wylaucu" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Ufukde" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Bezayrs" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Erulzu" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Latayt" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Ywocykb" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Kiuvudew" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Aculhocu" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Gahibixy" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Itxigavo" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Gaecalax" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Oluzegb" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Feycvoem" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Yvodloy" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Megepi" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Olnifidu" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Evezozug" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Voykvyah" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Ruhoge" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Irnomee" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Eldiyx" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Axqyukb" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Huotoz" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Enypsage" => File/Directory not found.

"C:\Users\Admin\AppData\Local\GreatArcadeHits" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Dairycz" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Uqnuertu" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Ymboyny" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Faisyro" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Guubnu" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Vomafa" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Ihzoolv" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Uvylyhi" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Avwuofo" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Avvake" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Curuqiy" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Orylbau" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Uwabru" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Dykimoyr" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Umxiguk" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Izasny" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Sexilog" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Ezkuiqyf" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Yblyucda" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Ixyspyso" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Atrevep" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Pouvbiwi" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Teurro" => File/Directory not found.

"C:\Users\Admin\AppData\Roaming\Asgyab" => File/Directory not found.

 

==== End of Fixlog ====

[dougfy]

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2014.03.23.09

 

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Admin :: OFFICE3 [administrator]

 

3/23/2014 1:22:53 PM

mbam-log-2014-03-23 (13-22-53).txt

 

Scan type: Full scan (C:\|D:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 1101117

Time elapsed: 3 hour(s), 28 minute(s), 11 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

[Psychotic]

Looks better!

 

 

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

• Turn off the real time scanner of any existing antivirus program while performing the online scan
• Tick the box next to YES, I accept the Terms of Use.
• Click Start
• When asked, allow the activex control to install
• Click Start
• Make sure that the option Remove found threats is unticked
• Click on Advanced Settings and ensure these options are ticked:
  • Scan for potentially unwanted applications
• Scan for potentially unsafe applications
• Enable Anti-Stealth Technology

[*]Click Scan[*]Wait for the scan to finish[*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.

[dougfy]

Here is the next run of eset

 

C:\FRST\Quarantine\C\Users\Admin\AppData\Local\Temp\sibmqci\stuearx\wow.dll Win64/Wowlik.F trojan

C:\FRST\Quarantine\C\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zis6t8z8.default\extensions\{A9EF3754-E2D9-DEEB-8C17-5B111FACE260}\components\MenuOptionsClass.js Win32/Boaxxe.BE trojan

C:\Qoobox\Quarantine\C\$RECYCLE.BIN\S-1-5-21-1478126896-2015222628-883510741-1001\$682665973d87cc0b596b3c2e6acfe861\U\00000004.@.vir Win64/Conedex.C trojan

C:\Qoobox\Quarantine\C\$RECYCLE.BIN\S-1-5-21-1478126896-2015222628-883510741-1001\$682665973d87cc0b596b3c2e6acfe861\U\00000008.@.vir Win64/Conedex.I trojan

[Psychotic]

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.

• Run adwcleaner.exe
• Hit Scan and wait for the scan to finish.
• Confirm the message but don´t uncheck anything.
• Hit Clean
• When the run is finished, it will open up a text file
• Please post its contents within your next reply
• You´ll find the log file at C:\AdwCleaner[s1].txt also
  

Delete junk with JRT

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.
  

SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

• Save it to your desktop, start it and follow the instructions in the window.
• After the scan finished the (checkup.txt) will open. Copy its content to your thread.
  

[dougfy]

I don't have any issues with svhost using bandwidth or the browser being blocked when searching for a virus name. I have started adwcleaner...

[dougfy]

# AdwCleaner v3.022 - Report created 25/03/2014 at 17:12:26

# Updated 13/03/2014 by Xplode

# Operating System : Windows 7 Home Premium  (64 bits)

# Username : Admin - OFFICE3

# Running from : C:\Users\Admin\Downloads\adwcleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\Trymedia

Folder Deleted : C:\Users\Admin\AppData\Local\SearchProtect

File Deleted : C:\END

File Deleted : C:\Users\Public\Desktop\eBay.lnk

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchProtectINT_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchProtectINT_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}

Key Deleted : HKCU\Software\YahooPartnerToolbar

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v9.0.8112.16447

 

 

-\\ Mozilla Firefox v13.0.1 (en-US)

 

[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zis6t8z8.default\prefs.js ]

 

 

[ File : C:\Users\Brenna\AppData\Roaming\Mozilla\Firefox\Profiles\vkriy6x9.default\prefs.js ]

 

 

[ File : C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\1s2isfbx.default\prefs.js ]

 

 

-\\ Google Chrome v33.0.1750.154

 

[ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\Admin_2.office3\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [2600 octets] - [25/03/2014 07:56:52]

AdwCleaner[s0].txt - [2506 octets] - [25/03/2014 17:12:26]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2566 octets] ##########

[dougfy]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.3 (03.23.2014:1)

OS: Windows 7 Home Premium x64

Ran by Admin on Tue 03/25/2014 at 17:28:52.99

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS

 

 

 

~~~ Files

 

Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"

Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"

 

 

 

~~~ FireFox

 

Successfully deleted the following from C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\zis6t8z8.default\prefs.js

 

user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAIAEBAAAAEAIABoBAAAJgAAACAgAAABACAAqBAAAI4EAAAoAAAAEAAAACAAAAABACAAAAAAAAAEAAASCwAAEgsAAAAAAAAAAAAA9IVCS

Emptied folder: C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\zis6t8z8.default\minidumps [2 files]

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 03/25/2014 at 17:35:57.19

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[dougfy]

 Results of screen317's Security Check version 0.99.81  

 Windows 7  x64 (UAC is enabled)  

 Out of date service pack!! 

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Security Center service is not running! This report may not be accurate! 

 Windows Firewall Enabled!  

 WMI entry may not exist for antivirus; attempting automatic update. 

`````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware version 1.75.0.1300  

 Java 6 Update 29  

 Java 7 Update 51  

 Java SE Development Kit 6 Update 20 

  Adobe Flash Player 11.1.102.63 Flash Player out of Date!  

 Adobe Reader 9 Adobe Reader out of Date! 

 Mozilla Firefox 13.0.1 Firefox out of Date!  

 Google Chrome 33.0.1750.146  

 Google Chrome 33.0.1750.154  

````````Process Check: objlist.exe by Laurent````````  

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbamgui.exe  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  

````````````````````End of Log`````````````````````` 

[Psychotic]

Your system is clean!

 

 

Windows 7 out of date

Your Microsoft Windows installation is out of date. Microsoft continually releases security and stability updates for its supported operating systems and you should always apply these to help keep your PC secure. Out-of-date Windows installations represent a risk to your system and are also a conduit for the spread of malware. You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP1) can be obtained directly from Microsoft here.

 

 

 

 

Adobe Flash Player out of date

Your Adobe flash player is outdated. We will fix this.

• Get the actual player from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
• Click upon Start-->control panel-->add/remove programs.
• Search for and remove any older reader versions.
  

 

 

 

Adobe Reader out of date

Your Adobe Reader is outdated. We will fix this.

• Get the actual software from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
• Run setup and follow the instructions.
• Click upon Start-->control panel-->add/remove programs.
• Search for and remove any older reader versions.
  

 

 

 

 

Mozilla Firefox out of date

Your Firefox browser is outdated. Please follow these instructions to update it:

• Get the actual firefox from here.
• Run setup and follow the instructions on your monitor.
• Report any problems you have with the update.
  

 

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

1. In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button.
2. In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed.
3. In any case please download delfix to your desktop.
   
   • Close all other programms and start delfix.
   • Please check all the boxes and run the tool.
   • delfix will now delete all found traces of our removal process
     

[*] If there is still something left please delete it manualy.

 

 

 

 

Recommendations: How to protect yourself

• System Updates
  Please ensure to have automatic updates activated in your control panel.
  For further information and a tutorial, see this Microsoft Support article.
• Protection
  What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
  Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
  
  • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
    It will filter unwanted advertising out of the website´s content.
  • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
    It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
    In addition, before accessing a dangerous classified web site, a warning screen is displayed.
    

  
  [*]Up to date Software
  Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:
  

  • Secunia Personal Software Inspector - checks if your software has updates available.
  • SecurityCheck (by screen317) - scans your computer for most vulnerable outdated software.
  • Mozilla: Check your plugins - The webpage will tell you if you have outdated plugins running in your Firefox browser.
    

  [*]Backup
  Hardware issues, malware, fire, lightning strike: There is a long list of different ways to loose all your data. Back up your files regularly. Use the windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system. [*]Behaviour
  The commonest error when using a computer is "error 80" - what means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won´t help if you aren´t careful enough.
  

  • While surfing the internet, don´t click on anything you don´t know. In the worst case, it infects your system with malware.
  • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal pata (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don´t click everything.
  • When installing software, have a look to each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today´s setup procedures contain potentially unwanted programs so keep them off your system.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
    They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
    

  
  
  

[dougfy]

Thanks for the help. I will work through these as I have time.

[Psychotic]

You´re welcome!

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!