WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93083 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

init.exe error on startup, windows 8.1 [Closed]

Started by Fearen , Sep 10 2014 12:10 PM

This topic is locked

17 replies to this topic

#1 Fearen

New Member

Authentic Member
9 posts

Posted 10 September 2014 - 12:10 PM

Panda antivirus sometimes delete this file, but I can't rid of this error. Here is my HijackThis log.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:09:42 PM, on 10/09/14

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v11.0 (11.00.9600.17239)

Boot mode: Normal

Running processes:

C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

D:\games\Steam\Steam.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Users\Fearen\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe

C:\WINDOWS\SysWOW64\cmd.exe

C:\Users\Fearen\AppData\Local\Beeline Network Manager\jre6\launch4j-tmp\notifier.exe

C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe

C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bin\bash.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

D:\games\Steam\bin\steamwebhelper.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bin\sleep.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\avz4\avz.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\HijackThis\HijackThis.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchgol...120695&tsp=5021

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=C:\WINDOWS\SysWOW64\userinit.exe,

O2 - BHO: Microsoft Web Test Recorder 12.0 Helper - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - D:\Coding\Microsoft Visual Studio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll

O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"

O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe

O4 - HKLM\..\Run: [ACSW17EN] "C:\Program Files (x86)\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe"

O4 - HKLM\..\Run: [BNM] C:\Users\Fearen\AppData\Local\Beeline Network Manager\notifier.exe

O4 - HKLM\..\Run: [BNM Updater] C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\chp.exe cmd.exe /c ""C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bash-run.bat" "beeline-wizard-updater""

O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray

O4 - HKCU\..\Run: [Steam] "D:\games\Steam\steam.exe" -silent

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [uTorrent] "C:\Users\Fearen\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe

O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

O4 - HKUS\S-1-5-21-985896895-1321975429-906874235-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')

O4 - Startup: Dropbox.lnk = C:\Users\Fearen\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: initsrv.exe

O4 - Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

O4 - Startup: Отправка в OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O13 - Gopher Prefix:

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe

O23 - Service: AtherosSvc - Windows ® Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe

O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: Panda Free Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe

O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

End of file - 14992 bytes

Advertisements

Register to Remove

#2 LiquidTension

SuperMember

Retired Classroom Teacher
2,566 posts

Posted 10 September 2014 - 01:57 PM

Hello Fearen, welcome to WhatTheTech's Malware Removal forum!

My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. xsmile.png.pagespeed.ic.CwSpBGGvqN.png

======================================================

Please read through the points below to ensure this process moves as quickly and efficiently as possible.

Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
Please backup important documents before proceeding with my instructions.
If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
Topics are locked if no response is made after 5 days. Please inform me if you will require additional time to complete my instructions.

======================================================

Please run the following diagnostic scans so I can ascertain the state of your computer.

STEP 1
xlK5Hdb.png.pagespeed.ce.J4MzrrPAEo.png Farbar Recovery Scan Tool (FRST) Scan

Please download Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
Right-Click FRST64.exe and select Run as administrator to run the programme.
Click Yes to the disclaimer.
Ensure the Addition.txt box is checked.
Click the Scan button and let the programme run.
Upon completion, click OK, then OK on the Addition.txt pop up screen.
Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

STEP 2
YARWD1t.png.pagespeed.ce.nvhmVeYDe3.png TDSSKiller Scan

Please download TDSSKiller and save the file to your Desktop.
Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.
Click Start Scan. Do not use the computer during the scan.
If objects are found, change the action to skip.
Click Continue and close the window.
A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply.

======================================================

STEP 3
xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

FRST.txt
Addition.txt
TDSSKiller log

Would you like to help others with malware removal? Join our Classroom and learn how!

#3 Fearen

New Member

Authentic Member
9 posts

Posted 10 September 2014 - 03:43 PM

Thank you for fast reply. I must notify you, that simultaneously with the post here I scanned my computer with AVZ, so there may be some changes in logs. Sorry for that. But to make sure I made all the staps you described above.

Here my logs:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014

Ran by Fearen (administrator) on FEAREN-PC on 11-09-2014 01:30:13

Running from C:\Users\Fearen\Desktop

Platform: Windows 8.1 Single Language (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe

(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe

(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Valve Corporation) D:\games\Steam\Steam.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(BitTorrent Inc.) C:\Users\Fearen\AppData\Roaming\uTorrent\uTorrent.exe

(Dropbox, Inc.) C:\Users\Fearen\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(Sun Microsystems, Inc.) C:\Users\Fearen\AppData\Local\Beeline Network Manager\jre6\launch4j-tmp\notifier.exe

() C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bin\bash.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe

() C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bin\bash.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Valve Corporation) D:\games\Steam\bin\steamwebhelper.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Valve Corporation) D:\games\Steam\bin\steamwebhelper.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE

() D:\games\openkore_ready\start.exe

() C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bin\sleep.exe

(Valve Corporation) D:\games\Steam\bin\steamwebhelper.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-02] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2013-02-05] (CyberLink Corp.)

HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [13936 2013-04-17] (ASUS)

HKLM-x32\...\Run: [ACSW17EN] => C:\Program Files (x86)\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe [1414984 2013-09-25] (ACD Systems)

HKLM-x32\...\Run: [BNM] => C:\Users\Fearen\AppData\Local\Beeline Network Manager\notifier.exe [48489 2013-04-15] (Beeline)

HKLM-x32\...\Run: [BNM Updater] => C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\chp.exe cmd.exe /c ""C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bash-run.bat" "beeline-wizard-updater""

HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)

HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-04-25] ( (Qualcomm Atheros Commnucations))

HKU\S-1-5-21-985896895-1321975429-906874235-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)

HKU\S-1-5-21-985896895-1321975429-906874235-1002\...\Run: [Steam] => D:\games\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)

HKU\S-1-5-21-985896895-1321975429-906874235-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)

HKU\S-1-5-21-985896895-1321975429-906874235-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21645408 2014-07-24] (Skype Technologies S.A.)

HKU\S-1-5-21-985896895-1321975429-906874235-1002\...\Run: [uTorrent] => C:\Users\Fearen\AppData\Roaming\uTorrent\uTorrent.exe [1418832 2014-09-10] (BitTorrent Inc.)

HKU\S-1-5-21-985896895-1321975429-906874235-1002\...\MountPoints2: {ce87246e-1d67-11e3-be79-240a64691df0} - "F:\Setup.now.exe"

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-12] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-12] (NVIDIA Corporation)

Startup: C:\Users\Fearen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Fearen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Fearen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk

ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

Startup: C:\Users\Fearen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Отправка в OneNote.lnk

ShortcutTarget: Отправка в OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (No File)

ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchgol...120695&tsp=5021

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&pc=ASU2JS

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&pc=ASU2JS

SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&pc=ASU2JS

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...R&pc=ASU2JS

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol...120695&tsp=5021

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)

BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> D:\Coding\Microsoft Visual Studio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.100 213.234.192.7

FireFox:

========

FF ProfilePath: C:\Users\Fearen\AppData\Roaming\Mozilla\Firefox\Profiles\215zjo49.default

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()

FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Fearen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mailru.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ozonru.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\priceru.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yandex-slovari.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yandex.xml

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:

=======

CHR HomePage: Default -> hxxp://www.google.com

CHR NewTab: Default -> "chrome-extension://dgpdioedihjhncjafcpgbbjdpbbkikmi/speeddial.html"

CHR DefaultSearchKeyword: Default -> 5D50AED1C11148D671DDB459E5A6BC9EBAABBD529AD83D4DB4C19F86B22DC382

CHR DefaultSearchURL: Default -> 508AE2B71B660E45F1F4921FAB59445A83252A876D925D225442A2C27B84CF4A

CHR Profile: C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (ChromeAccess) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeoigbhkilbllfomkmmilbfochhlgdmh [2013-09-07]

CHR Extension: (Google Docs) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-07]

CHR Extension: (Google Drive) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-07]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-31]

CHR Extension: (YouTube) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-07]

CHR Extension: (Google Search) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-07]

CHR Extension: (Speed Dial) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2013-09-08]

CHR Extension: (Ratchet & Clank Future 2) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhfomhehcinmhgnlhdpghklkjgppdmn [2013-09-07]

CHR Extension: (Google Calendar) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-09-07]

CHR Extension: (Zotero Connector) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2014-07-04]

CHR Extension: (MusicSig vkontakte Lite) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcgkldpdjdmdmaoholfbfjhpljahhbaf [2013-09-07]

CHR Extension: (AdBlock) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-07]

CHR Extension: (Google Reader Checker) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnmalhpnifcgaicdjnacljombhmgagin [2013-09-07]

CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2013-09-07]

CHR Extension: (Google Wallet) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]

CHR Extension: (Google Calendar Checker (by Google)) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek [2013-09-07]

CHR Extension: (Gmail) - C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-04-30] (ASUS)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310400 2013-04-25] (Windows ® Win 7 DDK provider)

S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-06-10] (Microsoft Corporation)

S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]

R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-14] (Intel® Corporation) [File not signed]

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-14] (Intel® Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-21] (Intel Corporation)

R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-21] (Intel Corporation)

S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)

S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)

R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)

S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)

R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)

R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()

R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [10752 2013-08-22] (Microsoft Corporation)

S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)

S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]

S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-04-25] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-29] (ASUS Corporation)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-25] (Qualcomm Atheros)

R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-13] (Disc Soft Ltd)

R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-21] (Intel Corporation)

S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [124928 2013-08-22] (Microsoft Corporation)

R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)

R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)

R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)

R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)

R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)

R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)

R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)

R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)

R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)

R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)

R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)

R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)

R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)

R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)

R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)

R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)

R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)

R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)

R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)

R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)

R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [455240 2013-03-05] (RTS Corporation)

R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-11 01:30 - 2014-09-11 01:30 - 00030296 _____ () C:\Users\Fearen\Desktop\FRST.txt

2014-09-11 01:29 - 2014-09-11 01:30 - 00000000 ____D () C:\FRST

2014-09-11 01:29 - 2014-09-11 01:28 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Fearen\Desktop\tdsskiller.exe

2014-09-11 01:29 - 2014-09-11 01:28 - 02105856 _____ (Farbar) C:\Users\Fearen\Desktop\FRST64.exe

2014-09-10 21:49 - 2014-09-10 22:09 - 00000000 ____D () C:\Program Files (x86)\HijackThis

2014-09-10 21:49 - 2014-09-10 21:49 - 00001931 _____ () C:\Users\UpdatusUser\Desktop\HijackThis.lnk

2014-09-10 21:49 - 2014-09-10 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis

2014-08-31 20:49 - 2014-08-31 20:49 - 00292952 _____ () C:\WINDOWS\Minidump\083114-49984-01.dmp

2014-08-31 20:49 - 2014-08-31 20:49 - 00000000 ____D () C:\WINDOWS\Minidump

2014-08-29 20:45 - 2014-08-29 20:46 - 00000000 ____D () C:\Users\Fearen\Documents\My Spore Creations

2014-08-29 20:45 - 2014-08-29 20:45 - 00000000 ____D () C:\Users\Fearen\AppData\Roaming\Spore

2014-08-29 20:42 - 2014-08-29 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spore

2014-08-28 16:13 - 2014-08-28 16:13 - 00000000 ____D () C:\Users\Fearen\AppData\Local\BlackVue

2014-08-28 00:54 - 2014-08-23 04:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-08-22 09:18 - 2014-08-22 09:18 - 00000000 ____D () C:\Users\Fearen\AppData\Local\TortoiseSVN

2014-08-20 21:08 - 2014-09-10 22:35 - 00004966 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for FEAREN-PC-Fearen Fearen-pc

2014-08-18 02:31 - 2014-09-10 22:24 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-985896895-1321975429-906874235-1002

2014-08-17 21:04 - 2014-08-22 09:18 - 00000000 ____D () C:\Users\Fearen\AppData\Roaming\TortoiseSVN

2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 ____D () C:\Users\Fearen\AppData\Roaming\Panda Security

2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus

2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 ____D () C:\Program Files (x86)\Panda Security

2014-08-17 17:08 - 2014-03-25 17:15 - 00060400 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys

2014-08-17 17:06 - 2014-08-17 17:08 - 00000000 ____D () C:\ProgramData\Panda Security

2014-08-16 13:59 - 2014-08-31 11:56 - 00000000 ____D () C:\Users\Fearen\AppData\Local\TSVNCache

2014-08-16 13:59 - 2014-08-16 13:59 - 00000000 ____D () C:\Users\Fearen\AppData\Roaming\Subversion

2014-08-16 13:25 - 2014-08-16 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN

2014-08-16 13:25 - 2014-08-16 13:25 - 00000000 ____D () C:\Program Files\TortoiseSVN

2014-08-16 13:25 - 2014-08-16 13:25 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays

2014-08-13 05:04 - 2014-07-25 18:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-08-13 05:04 - 2014-07-25 17:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-08-13 05:04 - 2014-07-25 17:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2014-08-13 05:04 - 2014-07-25 17:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-08-13 05:04 - 2014-07-25 17:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2014-08-13 05:04 - 2014-07-25 16:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2014-08-13 05:04 - 2014-07-25 16:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-08-13 05:04 - 2014-07-25 16:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2014-08-13 05:04 - 2014-07-25 16:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2014-08-13 05:04 - 2014-07-25 16:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-08-13 05:04 - 2014-07-25 16:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll

2014-08-13 05:04 - 2014-07-25 16:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-08-13 05:04 - 2014-07-25 16:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-08-13 05:04 - 2014-07-25 16:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-08-13 05:04 - 2014-07-25 16:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2014-08-13 05:04 - 2014-07-25 16:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-08-13 05:04 - 2014-07-25 15:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-08-13 05:04 - 2014-07-25 15:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-08-13 05:04 - 2014-07-25 15:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-08-13 05:04 - 2014-07-25 15:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll

2014-08-13 05:04 - 2014-07-25 15:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-08-13 05:04 - 2014-07-25 15:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-08-13 05:04 - 2014-07-25 15:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-08-13 05:04 - 2014-07-25 15:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-08-13 05:04 - 2014-07-25 15:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-08-13 05:04 - 2014-07-25 15:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-08-13 05:04 - 2014-07-25 15:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-08-13 05:04 - 2014-07-25 15:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-08-13 05:04 - 2014-07-25 15:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-08-13 05:04 - 2014-07-25 14:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-08-13 05:04 - 2014-07-25 14:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-08-13 05:04 - 2014-07-25 14:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-08-13 05:04 - 2014-07-25 14:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-08-13 05:04 - 2014-07-25 14:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-08-13 05:04 - 2014-07-25 14:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-08-13 05:04 - 2014-06-20 05:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll

2014-08-13 05:04 - 2014-06-20 03:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll

2014-08-13 05:04 - 2014-06-13 05:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2014-08-13 05:04 - 2014-06-13 05:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2014-08-13 05:04 - 2014-06-13 04:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2014-08-13 05:04 - 2014-06-06 15:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2014-08-13 05:04 - 2014-05-13 11:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe

2014-08-13 05:04 - 2014-05-13 09:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2014-08-13 05:04 - 2014-05-13 08:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll

2014-08-13 05:04 - 2014-05-13 08:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll

2014-08-13 05:04 - 2014-05-13 07:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2014-08-13 05:04 - 2014-05-13 07:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll

2014-08-13 05:04 - 2014-05-03 15:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2014-08-13 05:04 - 2014-05-03 13:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2014-08-13 05:04 - 2014-05-03 09:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2014-08-13 05:04 - 2014-05-03 09:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll

2014-08-13 05:04 - 2014-05-03 09:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll

2014-08-13 05:04 - 2014-05-03 09:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll

2014-08-13 05:04 - 2014-05-03 08:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll

2014-08-13 05:04 - 2014-05-03 08:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll

2014-08-13 05:04 - 2014-05-03 08:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll

2014-08-13 05:04 - 2014-05-03 03:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat

2014-08-13 05:04 - 2014-05-01 09:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2014-08-13 05:04 - 2014-04-30 10:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys

2014-08-13 05:04 - 2014-04-30 10:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2014-08-13 05:04 - 2014-04-30 10:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys

2014-08-13 05:04 - 2014-04-30 10:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys

2014-08-13 05:04 - 2014-04-30 09:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe

2014-08-13 05:04 - 2014-04-30 08:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe

2014-08-13 05:04 - 2014-04-30 08:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll

2014-08-13 05:04 - 2014-04-30 08:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll

2014-08-13 05:04 - 2014-04-30 08:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll

2014-08-13 05:04 - 2014-04-30 08:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll

2014-08-13 05:04 - 2014-04-30 08:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2014-08-13 05:04 - 2014-04-30 07:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2014-08-13 05:04 - 2014-04-30 07:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll

2014-08-13 05:04 - 2014-04-30 07:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll

2014-08-13 05:04 - 2014-04-30 07:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll

2014-08-13 05:04 - 2014-04-30 07:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll

2014-08-13 05:04 - 2014-04-30 07:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll

2014-08-13 05:04 - 2014-04-29 02:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2014-08-13 05:04 - 2014-04-27 02:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2014-08-13 05:04 - 2014-04-27 00:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2014-08-13 05:04 - 2014-04-26 20:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll

2014-08-13 05:04 - 2014-04-14 13:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll

2014-08-13 05:04 - 2014-04-14 12:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll

2014-08-13 05:04 - 2014-04-14 09:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll

2014-08-13 05:04 - 2014-04-09 10:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll

2014-08-13 05:04 - 2014-04-09 09:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll

2014-08-13 05:03 - 2014-06-10 02:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2014-08-13 05:03 - 2014-06-10 02:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2014-08-13 05:03 - 2014-05-31 10:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys

2014-08-13 05:02 - 2014-07-15 22:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe

2014-08-13 05:02 - 2014-07-15 12:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll

2014-08-13 05:02 - 2014-07-15 12:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll

2014-08-13 05:02 - 2014-07-15 12:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll

2014-08-13 05:02 - 2014-07-10 08:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll

2014-08-13 05:02 - 2014-07-10 08:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2014-08-13 05:02 - 2014-07-10 07:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2014-08-13 05:02 - 2014-06-05 18:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll

2014-08-13 05:02 - 2014-06-05 17:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll

2014-08-13 05:02 - 2014-06-04 13:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe

2014-08-13 05:02 - 2014-06-04 09:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll

2014-08-13 05:02 - 2014-06-04 09:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2014-08-13 05:02 - 2014-06-04 08:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll

2014-08-13 05:02 - 2014-06-04 08:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2014-08-13 05:02 - 2014-06-04 06:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2014-08-13 05:02 - 2014-06-04 06:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2014-08-13 05:02 - 2014-06-02 06:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2014-08-13 05:02 - 2014-05-31 14:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2014-08-13 05:02 - 2014-05-31 14:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys

2014-08-13 05:02 - 2014-05-31 14:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys

2014-08-13 05:02 - 2014-05-31 14:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys

2014-08-13 05:02 - 2014-05-31 14:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys

2014-08-13 05:02 - 2014-05-31 10:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys

2014-08-13 05:02 - 2014-05-31 10:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys

2014-08-13 05:02 - 2014-05-31 10:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys

2014-08-13 05:02 - 2014-05-31 08:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe

2014-08-13 05:02 - 2014-05-31 08:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll

2014-08-13 05:02 - 2014-05-31 08:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll

2014-08-13 05:02 - 2014-05-27 19:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2014-08-13 05:02 - 2014-05-27 13:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll

2014-08-13 05:02 - 2014-05-27 13:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll

2014-08-13 05:02 - 2014-05-17 08:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2014-08-13 05:02 - 2014-05-17 08:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2014-08-13 05:01 - 2014-08-07 06:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2014-08-13 05:01 - 2014-08-02 07:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2014-08-13 05:01 - 2014-08-02 07:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2014-08-13 05:01 - 2014-07-12 08:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-11 01:30 - 2014-09-11 01:30 - 00030296 _____ () C:\Users\Fearen\Desktop\FRST.txt

2014-09-11 01:30 - 2014-09-11 01:29 - 00000000 ____D () C:\FRST

2014-09-11 01:30 - 2013-09-07 08:29 - 00000000 ____D () C:\Users\Fearen\AppData\Roaming\uTorrent

2014-09-11 01:28 - 2014-09-11 01:29 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Fearen\Desktop\tdsskiller.exe

2014-09-11 01:28 - 2014-09-11 01:29 - 02105856 _____ (Farbar) C:\Users\Fearen\Desktop\FRST64.exe

2014-09-11 01:20 - 2013-09-20 09:03 - 00000000 ____D () C:\Users\Fearen\AppData\Roaming\Skype

2014-09-11 01:06 - 2014-02-09 17:47 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2014-09-11 01:00 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-09-11 00:59 - 2013-12-07 19:41 - 01630877 _____ () C:\WINDOWS\WindowsUpdate.log

2014-09-11 00:45 - 2013-09-07 08:06 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-09-10 22:55 - 2012-07-26 11:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-09-10 22:35 - 2014-08-20 21:08 - 00004966 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for FEAREN-PC-Fearen Fearen-pc

2014-09-10 22:24 - 2014-08-18 02:31 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-985896895-1321975429-906874235-1002

2014-09-10 22:24 - 2013-09-09 08:09 - 00000000 __RDO () C:\Users\Fearen\SkyDrive

2014-09-10 22:22 - 2013-10-05 03:07 - 00000000 ___RD () C:\Users\Fearen\Dropbox

2014-09-10 22:22 - 2013-10-05 03:02 - 00000000 ____D () C:\Users\Fearen\AppData\Roaming\Dropbox

2014-09-10 22:19 - 2013-09-16 01:45 - 00001312 _____ () C:\WINDOWS\Tasks\a2zLyrics-1-updater.job

2014-09-10 22:19 - 2013-09-16 01:45 - 00001216 _____ () C:\WINDOWS\Tasks\a2zLyrics-1-codedownloader.job

2014-09-10 22:19 - 2013-09-16 01:45 - 00001116 _____ () C:\WINDOWS\Tasks\a2zLyrics-1-enabler.job

2014-09-10 22:19 - 2013-09-16 01:44 - 00001924 _____ () C:\WINDOWS\Tasks\a2zLyrics-1-chromeinstaller.job

2014-09-10 22:19 - 2013-09-07 08:06 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-09-10 22:18 - 2013-09-30 08:02 - 00062732 _____ () C:\WINDOWS\PFRO.log

2014-09-10 22:18 - 2013-08-22 18:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-09-10 22:17 - 2013-08-22 17:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI

2014-09-10 22:16 - 2013-09-13 05:35 - 00000000 ____D () C:\Program Files\avz4

2014-09-10 22:09 - 2014-09-10 21:49 - 00000000 ____D () C:\Program Files (x86)\HijackThis

2014-09-10 21:49 - 2014-09-10 21:49 - 00001931 _____ () C:\Users\UpdatusUser\Desktop\HijackThis.lnk

2014-09-10 21:49 - 2014-09-10 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis

2014-09-10 21:10 - 2013-09-30 08:10 - 00913650 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-09-10 20:56 - 2013-12-07 19:46 - 00000000 ____D () C:\Users\Fearen

2014-09-10 19:56 - 2013-10-01 08:29 - 00000000 ____D () C:\ProgramData\Oracle

2014-09-10 19:55 - 2014-03-19 18:58 - 00319912 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe

2014-09-10 19:55 - 2014-03-19 18:58 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe

2014-09-10 19:55 - 2014-03-19 18:58 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe

2014-09-10 19:55 - 2014-03-19 18:58 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll

2014-09-10 19:55 - 2014-03-19 18:50 - 00000000 ____D () C:\Program Files\Java

2014-09-10 19:55 - 2013-12-15 12:40 - 00000000 ____D () C:\Program Files (x86)\Java

2014-09-10 19:54 - 2013-12-15 12:40 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe

2014-09-10 19:54 - 2013-12-15 12:40 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe

2014-09-10 19:54 - 2013-12-15 12:40 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-09-10 19:54 - 2013-12-15 12:40 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2014-09-10 18:27 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-09-10 12:36 - 2013-08-22 18:46 - 00351830 _____ () C:\WINDOWS\setupact.log

2014-09-09 22:07 - 2014-02-09 17:47 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2014-09-09 22:06 - 2014-07-08 22:06 - 17903792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

2014-09-06 14:34 - 2013-12-13 17:14 - 00000000 ____D () C:\Users\Fearen\AppData\Local\Packages

2014-08-31 20:49 - 2014-08-31 20:49 - 00292952 _____ () C:\WINDOWS\Minidump\083114-49984-01.dmp

2014-08-31 20:49 - 2014-08-31 20:49 - 00000000 ____D () C:\WINDOWS\Minidump

2014-08-31 20:48 - 2013-10-13 08:33 - 859819559 _____ () C:\WINDOWS\MEMORY.DMP

2014-08-31 11:56 - 2014-08-16 13:59 - 00000000 ____D () C:\Users\Fearen\AppData\Local\TSVNCache

2014-08-31 02:11 - 2013-08-22 18:44 - 05125544 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-08-29 20:46 - 2014-08-29 20:45 - 00000000 ____D () C:\Users\Fearen\Documents\My Spore Creations

2014-08-29 20:45 - 2014-08-29 20:45 - 00000000 ____D () C:\Users\Fearen\AppData\Roaming\Spore

2014-08-29 20:42 - 2014-08-29 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spore

2014-08-28 16:13 - 2014-08-28 16:13 - 00000000 ____D () C:\Users\Fearen\AppData\Local\BlackVue

2014-08-25 17:44 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2014-08-23 04:42 - 2014-08-28 00:54 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-08-22 09:18 - 2014-08-22 09:18 - 00000000 ____D () C:\Users\Fearen\AppData\Local\TortoiseSVN

2014-08-22 09:18 - 2014-08-17 21:04 - 00000000 ____D () C:\Users\Fearen\AppData\Roaming\TortoiseSVN

2014-08-18 09:37 - 2013-09-20 09:03 - 00000000 ____D () C:\ProgramData\Skype

2014-08-18 02:27 - 2014-05-31 13:20 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-08-18 02:26 - 2014-05-31 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 ____D () C:\Users\Fearen\AppData\Roaming\Panda Security

2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus

2014-08-17 17:08 - 2014-08-17 17:08 - 00000000 ____D () C:\Program Files (x86)\Panda Security

2014-08-17 17:08 - 2014-08-17 17:06 - 00000000 ____D () C:\ProgramData\Panda Security

2014-08-16 13:59 - 2014-08-16 13:59 - 00000000 ____D () C:\Users\Fearen\AppData\Roaming\Subversion

2014-08-16 13:25 - 2014-08-16 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN

2014-08-16 13:25 - 2014-08-16 13:25 - 00000000 ____D () C:\Program Files\TortoiseSVN

2014-08-16 13:25 - 2014-08-16 13:25 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays

2014-08-16 13:16 - 2013-12-13 17:15 - 00000075 _____ () C:\Users\Fearen\AppData\Roaming\sp_data.sys

2014-08-16 09:40 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-08-16 09:19 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions

2014-08-16 09:18 - 2013-08-22 19:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-08-16 09:18 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\MediaViewer

2014-08-16 09:18 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\FileManager

2014-08-16 09:18 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\Camera

2014-08-14 03:49 - 2013-10-05 03:04 - 00000000 ____D () C:\Users\Fearen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-08-13 09:09 - 2013-10-23 09:25 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-08-13 09:05 - 2013-10-08 21:21 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-08-13 09:01 - 2012-07-26 09:26 - 00000199 _____ () C:\WINDOWS\win.ini

2014-08-13 05:01 - 2014-06-19 06:01 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-08-13 05:01 - 2014-04-29 18:50 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll

2014-08-13 05:01 - 2014-04-29 18:10 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll

2014-08-13 05:01 - 2014-04-29 18:02 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2014-08-13 05:01 - 2014-04-29 18:01 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe

2014-08-13 05:01 - 2014-04-29 18:01 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe

2014-08-13 05:01 - 2014-04-29 18:01 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe

2014-08-13 05:01 - 2014-04-29 18:01 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll

2014-08-13 05:01 - 2014-04-29 18:01 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll

2014-08-13 05:01 - 2014-04-29 18:01 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll

2014-08-13 05:01 - 2014-04-29 18:01 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll

2014-08-13 05:01 - 2014-04-29 18:01 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll

2014-08-13 05:01 - 2014-04-29 18:01 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll

2014-08-13 05:01 - 2014-04-09 06:15 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-08-13 05:00 - 2014-04-29 18:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2014-08-13 05:00 - 2014-04-29 18:10 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll

2014-08-13 04:53 - 2014-04-29 18:01 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2014-08-13 04:51 - 2014-06-11 23:00 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

Files to move or delete:

====================

C:\ProgramData\SetStretch.exe

C:\ProgramData\SetStretch.VBS

Some content of TEMP:

====================

C:\Users\Fearen\AppData\Local\Temp\DelB07.exe

C:\Users\Fearen\AppData\Local\Temp\drm_dyndata_7400009.dll

C:\Users\Fearen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk6fddg.dll

C:\Users\Fearen\AppData\Local\Temp\DTLite4481-0347.exe

C:\Users\Fearen\AppData\Local\Temp\iAKXDnXxIqVuWmWzQXRb.DLL

C:\Users\Fearen\AppData\Local\Temp\init.sfx.exe

C:\Users\Fearen\AppData\Local\Temp\jansi-64-1.8.dll

C:\Users\Fearen\AppData\Local\Temp\jre-8u20-windows-au.exe

C:\Users\Fearen\AppData\Local\Temp\ose00001.exe

C:\Users\Fearen\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Fearen\AppData\Local\Temp\xmlUpdater.exe

C:\Users\Fearen\AppData\Local\Temp\{15529227-6514-41E3-9960-3069A59C1C79}.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-07 03:18

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014

Ran by Fearen at 2014-09-11 01:30:56

Running from C:\Users\Fearen\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Free Antivirus (Disabled - Up to date) {5FD6C936-849B-5CE2-14BA-709E1D6FD1DA}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Panda Free Antivirus (Disabled - Up to date) {E4B728D2-A2A1-536C-2E0A-4BEC66E89B67}

FW: Panda Firewall (Disabled) {67ED4813-CEF4-5DBA-3FE5-D9ABE3BC96A1}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUS Console (HKLM\...\{6D989E08-8143-4AB8-B0A8-5B836235CAA4}) (Version: 1.0.0 - ASUS)

Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.33497 - BitTorrent Inc.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )

a2zLyrics-1 (HKLM-x32\...\a2zLyrics-1) (Version: 1.28.153.3 - Lyrics) <==== ATTENTION

Aarklash: Legacy (HKLM-x32\...\Aarklash: Legacy_is1) (Version: - Cyanide Studio)

ACDSee 17 (HKLM-x32\...\ACDSee 17 17.0.42) (Version: 17.0.42 - ACD Systems International Inc.)

ACDSee 17 (x32 Version: 17.0.42 - ACD Systems International Inc.) Hidden

ActiveState ActivePython 2.6.2.2 (HKLM-x32\...\{A1D14FC8-FF6E-4700-A501-BCAFD22B7D15}) (Version: 2.6.2.2 - ActiveState Software Inc.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)

Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden

Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)

Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)

Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)

Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden

Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)

Adobe Reader X (10.1.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)

Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version: - Triumph Studios)

Anodyne (HKLM-x32\...\Steam App 234900) (Version: - Sean Hogan and Jonathan Kittaka)

ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.1.1 - ASUS)

ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)

ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.2 - ASUS)

ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.2 - ASUS)

ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)

ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.4 - ASUS)

ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)

ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.0 - ASUS)

ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.5005 - CyberLink Corp.)

ASUS Video Magic (x32 Version: 6.0.5005 - CyberLink Corp.) Hidden

ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0028 - ASUS)

Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden

AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden

Baldur's Gate: Enhanced Edition (HKLM-x32\...\Steam App 228280) (Version: - Overhaul Games)

Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)

Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)

Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden

Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden

Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden

BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)

Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden

Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden

Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden

Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden

Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden

Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)

Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)

Build Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden

Build Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Build Tools Language Resources - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden

Build Tools Language Resources - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

calibre 64bit (HKLM\...\{1266D026-FDCA-458F-8849-BF23EF0766D8}) (Version: 1.28.0 - Kovid Goyal)

Chaos on Deponia (HKLM-x32\...\Steam App 220740) (Version: - Daedalic Entertainment)

Child of Light (HKLM-x32\...\Steam App 256290) (Version: - Ubisoft Montréal)

Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

Cortex Command (HKLM-x32\...\Steam App 209670) (Version: - Data Realms, LLC)

Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden

CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3718_45957 - CyberLink Corp.)

CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3718_45957 - CyberLink Corp.) Hidden

CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.5817a - CyberLink Corp.)

CyberLink PowerDirector (x32 Version: 8.0.5817a - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)

Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{8E17BF11-A72D-4DA8-BFAA-DD262C17C2DE}) (Version: - Microsoft)

Delve Deeper (HKLM-x32\...\Steam App 63800) (Version: - Lunar Giant)

Deponia (HKLM-x32\...\Steam App 214340) (Version: - Daedalic Entertainment)

Divinity Original Sin (HKLM-x32\...\Steam App 230230) (Version: - Larian Studios)

DjVu Solo 3.1 (HKLM-x32\...\DjVu Solo 3.1) (Version: - )

Dominions 4 (HKLM-x32\...\Steam App 259060) (Version: - )

Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)

Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)

Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden

Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)

Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version: - Ubisoft)

Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version: - AMPLITUDE Studios)

Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC)

Eador. Masters of the Broken World (HKLM-x32\...\Steam App 232050) (Version: - Snowbird Games)

Endless Legend (HKLM-x32\...\Steam App 289130) (Version: - AMPLITUDE Studios)

Endless Space (HKLM-x32\...\Steam App 208140) (Version: - Amplitude Studios)

Entity Framework 6.1.0 Tools for Visual Studio 2013 (HKLM-x32\...\{D4635FB4-434D-4663-A4C8-CFC00FA9D24E}) (Version: 12.0.30228.0 - Microsoft Corporation)

foobar2000 v1.2.9 (HKLM-x32\...\foobar2000) (Version: 1.2.9 - Peter Pawlowski)

Foto-galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

From Dust (HKLM-x32\...\Steam App 33460) (Version: - Ubisoft Montpellier)

FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Greed Corp (HKLM-x32\...\Steam App 48950) (Version: - W!Games)

Hammerwatch (HKLM-x32\...\Steam App 239070) (Version: - )

Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)

Heroes of Might and Magic V Bundle (HKLM-x32\...\Heroes of Might and Magic V Bundle_is1) (Version: - GOG.com)

HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)

Ìàñòåð íàñòðîéêè, âåðñèÿ 0.2.1 (HKLM-x32\...\{4821B896-601E-4F86-B92F-8B5F28F1EFCD}_is1) (Version: 0.2.1 - Beeline)

IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)

IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )

IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )

Incredipede (HKLM-x32\...\Steam App 230150) (Version: - Colin Northway with art by Thomas Shahan)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)

Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)

Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden

Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)

Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)

Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden

Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)

K-Lite Codec Pack 10.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )

Klogayd (HKLM-x32\...\{2C6A529F-ADC1-73F6-B9F2-0AEEAAB8CF89}) (Version: 0.75 - IT7Games)

Legend of Dungeon (HKLM-x32\...\Steam App 238280) (Version: - )

Lizardtech Document Express Editor (HKLM-x32\...\{6B5D24D9-58D9-491C-AF7D-0FF20E79016B}) (Version: - )

LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden

LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden

LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden

LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden

Long Live The Queen (HKLM-x32\...\Steam App 251990) (Version: - Hanako Games)

Magic 2014 (HKLM-x32\...\Steam App 213850) (Version: - Stainless Games)

Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)

MathType 6 (HKLM-x32\...\DSMT6) (Version: 6.9 - Design Science, Inc.)

Memory Profiler (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)

Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)

Microsoft Advertising SDK for Windows 8.1 - ENU (x32 Version: 8.1.30809.0 - Microsoft Corporation) Hidden

Microsoft Advertising SDK for Windows Phone - ENU (x32 Version: 6.2.960.0 - Microsoft Corporation) Hidden

Microsoft Advertising SDK for Windows Phone 8.1 XAML - ENU (x32 Version: 8.1.40427.0 - Microsoft Corporation) Hidden

Microsoft Advertising Service Extension for Visual Studio (x32 Version: 12.0.40402.0 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft ASP.NET and Web Tools 2013.2 - Visual Studio 2013 (x32 Version: 2.3.50425.0 - Microsoft Corporation) Hidden

Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden

Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden

Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU (x32 Version: 5.1.20409.0 - Microsoft Corporation) Hidden

Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden

Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden

Microsoft C++ Azure Mobile SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden

Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden

Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Exchange Web Services Managed API 2.1 (x32 Version: 15.0.847.30 - Microsoft Corporation) Hidden

Microsoft Expression Blend 3 SDK (HKLM-x32\...\{256E7DAC-9BE8-494E-8DE7-7857BF96B774}) (Version: 1.0.1343.0 - Microsoft Corporation)

Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.30816.0) (Version: 4.0.30816.0 - Microsoft Corporation)

Microsoft Expression Blend 4 (x32 Version: 4.0.30816.0 - Microsoft Corporation) Hidden

Microsoft Expression Blend 4 Add-in for Adobe FXG Import (HKLM-x32\...\{EFBBD030-48F0-43B3-A8AD-789894DAD0B5}) (Version: 1.0.20817.0 - Microsoft Corporation)

Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden

Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}) (Version: 2.0.20525.0 - Microsoft Corporation)

Microsoft Expression Blend SDK for Windows Phone 7 (HKLM-x32\...\{69E11501-75F7-4ACE-8103-52513DDCFE26}) (Version: 2.0.20901.0 - Microsoft Corporation)

Microsoft Expression Blend SDK for Windows Phone OS 7.1 (HKLM-x32\...\{12B8E200-99CC-4203-A8D1-4145FC4D0192}) (Version: 2.0.30816.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)

Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)

Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden

Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)

Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden

Microsoft Identity Extensions (Version: 2.0.1459.0 - Microsoft Corporation) Hidden

Microsoft LightSwitch for Visual Studio 2013 Core (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden

Microsoft LightSwitch for Visual Studio 2013 CoreRes - ENU (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden

Microsoft LightSwitch for Visual Studio 2013 v4.5 Tools (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden

Microsoft LightSwitch for Visual Studio 2013 v4.5 ToolsRes - ENU (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden

Microsoft LightSwitch v4.5 SDK (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden

Microsoft NuGet - Visual Studio 2013 (x32 Version: 2.8.50313.46 - Microsoft Corporation) Hidden

Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) - ENU Language Pack (Version: 12.0.30422 - Microsoft Corporation) Hidden

Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) (Version: 12.0.30422 - Microsoft Corporation) Hidden

Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Developer Tools for Visual Studio (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden

Microsoft Office Developer Tools for Visual Studio ENU Language Pack (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden

Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Standard 2013 (HKLM\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Office Standard 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)

Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - chs (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - cht (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - csy (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - esn (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - fra (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - ita (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - jpn (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - kor (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - plk (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - ptb (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - rus (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Portable Library Multi-Targeting Pack Language Pack - trk (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Report Viewer Add-On for Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

Microsoft Report Viewer Add-On für Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package (x32 Version: 12.0.30422 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)

Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)

Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)

Microsoft Team Foundation Server 2013 Update 2 Object Model (x64) (Version: 12.0.30501 - Microsoft Corporation) Hidden

Microsoft Team Foundation Server 2013 Update 2 Object Model Language Pack (x64) - ENU (Version: 12.0.30501 - Microsoft Corporation) Hidden

Microsoft Visual C++ ARM Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ x64 Native Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ x64 Native Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ x64-arm Cross Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ x64-arm Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ x64-x86 Cross Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ x64-x86 Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 32bit Compilers - ENU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Compilers For Windows Phone - ENU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Compilers For Windows Phone (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Core Libraries For Windows Phone (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Designtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 Extended Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU (x32 Version: 10.1.40219 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Devenv (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Devenv Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Diagnostic Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Diagnostic Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 IntelliTrace (x64) (Version: 12.0.30501 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 IntelliTrace (x86) (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 IntelliTrace Front End (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Performance Collection Tools - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Performance Collection Tools (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Profiling Tools (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 XAML UI Designer - ENU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 XAML UI Designer (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Microsoft Visual Studio Premium 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio Premium 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio Professional 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio Professional 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio Team Foundation Server 2013 Storyboarding (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio Team Foundation Server 2013 Storyboarding Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio Ultimate 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{cd09eea6-d0b3-4246-bb80-e047ceadf61f}) (Version: 12.0.21005.13 - Microsoft Corporation)

Microsoft Visual Studio Ultimate 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)

Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)

Microsoft XNA Game Studio 4.0 (XnaLiveProxy) (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden

Microsoft XNA Game Studio 4.0 Refresh (ARP entry) (x32 Version: 4.0.30901.0 - Microsoft Corporation) Hidden

Microsoft XNA Game Studio 4.0 Refresh (HKLM-x32\...\XNA Game Studio 4.0) (Version: 4.0.30901.0 - Microsoft Corporation)

Microsoft XNA Game Studio 4.0 Refresh (Redists) (x32 Version: 4.0.30901.0 - Microsoft Corporation) Hidden

Microsoft XNA Game Studio 4.0 Refresh (Shared Components) (x32 Version: 4.0.30901.0 - Microsoft Corporation) Hidden

Microsoft XNA Game Studio 4.0 Refresh (Visual Studio) (x32 Version: 4.0.30901.0 - Microsoft Corporation) Hidden

Microsoft XNA Game Studio Platform Tools (HKLM-x32\...\{89690B51-2E21-4E93-914E-F9CAC5B24A84}) (Version: 1.4.0.0 - Microsoft Corporation)

Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden

Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Might & Magic VI (HKLM-x32\...\Steam App 243380) (Version: - )

Might and Magic® VII (HKLM-x32\...\Might and Magic® VII) (Version: - )

Module Microsoft Report Viewer pour Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - Tale Worlds)

Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Mozilla Firefox 27.0 (x86 ru) (HKLM-x32\...\Mozilla Firefox 27.0 (x86 ru)) (Version: 27.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)

MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)

NVIDIA Control Panel 327.23 (Version: 327.23 - NVIDIA Corporation) Hidden

NVIDIA Graphics Driver 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden

NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden

NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)

NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)

NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden

Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden

OpenAL (HKLM-x32\...\OpenAL) (Version: - )

Origin90 (HKLM-x32\...\{685A89CB-DF27-42D6-A623-34F40DBBFFB2}) (Version: 9.00.00 - OriginLab Corporation)

Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.03 - Panda Security)

Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden

Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.01.0000 - Panda Security)

Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden

PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden

Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden

Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden

Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)

Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)

Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.226 - Qualcomm Atheros Communications)

Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)

Ragnarok (HKLM-x32\...\Steam App 215100) (Version: - Gravity Interactive)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.14.327.2013 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)

Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21222 - Realtek Semiconductor Corp.)

Reus (HKLM-x32\...\Steam App 222730) (Version: - Abbey Games)

Ring Runner: Flight of the Sages (HKLM-x32\...\Steam App 258010) (Version: - Triple.B.Titles)

Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version: - Ubisoft - San Francisco)

Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games)

Secrets of Grindea (HKLM-x32\...\Steam App 269770) (Version: - )

Secrets of Grindea v0.56g (HKLM-x32\...\Secrets of Grindea_is1) (Version: - Pixel Ferrets)

Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden

Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)

Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)

SpaceChem (HKLM-x32\...\Steam App 92800) (Version: - Zachtronics)

Spellforce 2: Gold Edition (HKLM-x32\...\Steam App 39550) (Version: - Phenomic)

Spore (HKLM-x32\...\Spore_is1) (Version: - )

Starbound (HKLM-x32\...\Steam App 211820) (Version: - )

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

Sunless Sea (HKLM-x32\...\Steam App 304650) (Version: - Failbetter Games)

Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden

Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)

Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)

Terraria Game Launcher version 3.2.0.3 (HKLM-x32\...\{31D22D10-7FD2-401B-8AEA-D20A1A9A440E}_is1) (Version: 3.2.0.3 - Eikester)

TortoiseSVN 1.8.8.25755 (64 bit) (HKLM\...\{7DAA9D5A-ED99-40D2-AA9D-386722FE105A}) (Version: 1.8.25755 - TortoiseSVN)

TypeScript Power Tool (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden

TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden

Ultima Online Renaissance - Forgotten World Edition (HKLM-x32\...\Ultima Online Renaissance_is1) (Version: - Forgotten World, Inc.)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)

Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)

Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version: - Microsoft)

Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.STANDARD_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version: - Microsoft)

Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.STANDARD_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version: - Microsoft)

Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.STANDARD_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version: - Microsoft)

Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.STANDARD_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.STANDARD_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.STANDARD_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.STANDARD_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.STANDARD_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.STANDARD_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.STANDARD_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.STANDARD_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.STANDARD_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.STANDARD_{6E2862B8-C10A-4FD0-9B82-8D9761301AAA}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version: - Microsoft)

Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.STANDARD_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version: - Microsoft)

Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft)

Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.STANDARD_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft)

Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.STANDARD_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft)

Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.STANDARD_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft)

Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)

Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.STANDARD_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)

Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.STANDARD_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)

Update for Microsoft Outlook 2013 (KB2881011) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{679E6BE6-50D5-4D94-A10E-CB4FE1C5695B}) (Version: - Microsoft)

Update for Microsoft Outlook 2013 (KB2881011) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.STANDARD_{679E6BE6-50D5-4D94-A10E-CB4FE1C5695B}) (Version: - Microsoft)

Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version: - Microsoft)

Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.STANDARD_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version: - Microsoft)

Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft)

Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.STANDARD_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft)

Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)

Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.STANDARD_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)

Update for Microsoft Visual Studio 2013 (KB2932965) (HKLM-x32\...\{7dbba119-718a-4f68-b33e-454dc8aa5faf}) (Version: 12.0.30112 - Microsoft Corporation)

Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version: - Microsoft)

Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-0012-0000-1000-0000000FF1CE}_Office15.STANDARD_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version: - Microsoft)

Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.STANDARD_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version: - Microsoft)

Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.STANDARD_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version: - Microsoft)

Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden

Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)

Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™ (HKLM-x32\...\Steam App 260230) (Version: - Ubisoft Montpellier)

Visual F# 3.1 SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Visual F# 3.1 VS (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Visual Studio 2012 Verification SDK (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Visual Studio 2013 Prerequisites - ENU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden

Visual Studio 2013 Prerequisites (Version: 12.0.21005 - Microsoft Corporation) Hidden

Visual Studio 2013 Update 2 (KB2829760) (HKLM-x32\...\{3c348532-c3bd-4bae-a928-7b555f8c808f}) (Version: 12.0.30501 - Microsoft Corporation)

Visual Studio 2013 的 Microsoft Report Viewer 附加元件 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

Visual Studio 2013용 Microsoft Report Viewer 추가 기능 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 2.1.30501.00 - Microsoft Corporation) Hidden

VS Update core components (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )

Warcraft III: All Products (HKCU\...\Warcraft III) (Version: - )

WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden

WCF Data Services SDK for Windows Phone (HKLM-x32\...\{6F33C2E2-5E02-4344-90BC-ED55C48341D2}) (Version: 4.7.6.0 - Microsoft Corporation)

WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden

WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)

WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden

WinDjView 2.0.2 (HKLM\...\WinDjView) (Version: 2.0.2 - Andrew Zhezherun)

Windows 8 Development Essentials (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Windows App Certification Kit Native Components (Version: 8.100.26629 - Microsoft Corporation) Hidden

Windows App Certification Kit x64 (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden

Windows Azure Mobile Services SDK (x32 Version: 1.0.20401.0 - Microsoft Corporation) Hidden

Windows Azure Mobile Services Tools for Visual Studio - v1.1 (x32 Version: 1.1.20407.1601 - Microsoft Corporation) Hidden

Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.1 (x32 Version: 1.1.20410.1601 - Microsoft Corporation) Hidden

Windows Azure Tools for LightSwitch for Visual Studio 2013 - March 2014 Update - v2.2 (x32 Version: 2.2.20311.1602 - Microsoft) Hidden

Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1 (x32 Version: 2.1.10909.1601 - Microsoft) Hidden

Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)

Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Phone 8.0 Emulation Host (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Windows Phone 8.0 Emulation Images (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Windows Phone 8.0 Emulation Images (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Windows Phone 8.0 Managed SDK Profiler (ARM) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Windows Phone 8.0 Managed SDK Profiler (X86) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Windows Phone 8.0 Tools for Visual Studio 2013 - ENU Language Pack (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Windows Phone 8.0 Tools for Visual Studio 2013 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{940596e5-652a-4970-8a5a-492e73ed0fbb}) (Version: 12.0.30501.0 - Microsoft Corporation)

Windows Phone 8.1 SDK - ARM (x32 Version: 8.1.12358 - Microsoft Corporation) Hidden

Windows Phone 8.1 SDK - Desktop (x32 Version: 8.1.12358 - Microsoft Corporation) Hidden

Windows Phone 8.1 SDK - Images (x32 Version: 8.1.12358 - Microsoft Corporation) Hidden

Windows Phone 8.1 SDK - x64 (Version: 8.1.12358 - Microsoft Corporation) Hidden

Windows Phone 8.1 SDK - x86 (x32 Version: 8.1.12358 - Microsoft Corporation) Hidden

Windows Phone 8.1 Tools for Visual Studio 2013 - ENU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Windows Phone 8.1 Tools for Visual Studio 2013 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Windows Phone 8.1 Tools for Visual Studio Professional 2013 - ENU (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Windows Phone 8.1 Tools for Visual Studio Professional 2013 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Windows Phone Emulator 8.0 Configurator (x32 Version: 11.0.60830 - Microsoft Corporation) Hidden

Windows Phone Emulator 8.1 Configurator (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Windows Phone Emulator x64 - ENU (HKLM\...\{C9AEABC2-1DD6-3280-9A1A-11E1E8D34AAD}) (Version: 10.0.40219 - Microsoft Corporation)

Windows Phone SDK 7.1 - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU) (Version: 10.1.40219 - Microsoft Corporation)

Windows Phone SDK 7.1 Add-in for Visual Studio 2010 - ENU (HKLM-x32\...\{A721BC43-E63E-3531-B1BF-6A405F9530BD}) (Version: 10.0.40219 - Microsoft Corporation)

Windows Phone SDK 7.1 Assemblies (HKLM-x32\...\{9E2F2BAC-A9FD-35BC-B8E0-253FEBED0F9B}) (Version: 10.0.40219 - Microsoft Corporation)

Windows Phone SDK 7.1 Extensions for XNA Game Studio 4.0 (HKLM-x32\...\{A4CC18F6-DB05-4B03-B724-4128322FA85F}) (Version: 4.0.30901.0 - Microsoft Corporation)

Windows Phone SDK 8.0 Assemblies (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Windows Phone SDK 8.0 Assemblies (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Windows Phone Tools Finalizer (Version: 11.0.60610 - Microsoft Corporation) Hidden

Windows Phone Tools Finalizer (Version: 12.0.30501 - Microsoft Corporation) Hidden

Windows Runtime Intellisense Content - en-us (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden

Windows Software Development Kit (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.26695 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.26695 - Microsoft Corporation) Hidden

Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden

Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden

WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

Wizardry 8 (HKLM-x32\...\Steam App 245450) (Version: - )

Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden

Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden

World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812RU}_is1) (Version: - Wargaming.net)

WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation)

Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.7.3.20131014 - Xilisoft)

ZBrush 4R6 (HKLM-x32\...\ZBrush 4R6 4R6) (Version: 4R6 - Pixologic)

КОМПАС-3D V13 Home (HKLM-x32\...\{9372A99D-25D3-472F-85E9-34C0FE879BA5}) (Version: 13.0 - АСКОН)

Надстройка Microsoft Report Viewer для Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

Основи Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Фотоколекція (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-985896895-1321975429-906874235-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Fearen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-985896895-1321975429-906874235-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Fearen\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-985896895-1321975429-906874235-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Fearen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-985896895-1321975429-906874235-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Fearen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-985896895-1321975429-906874235-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Fearen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-985896895-1321975429-906874235-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Fearen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-985896895-1321975429-906874235-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Fearen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-985896895-1321975429-906874235-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Fearen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-985896895-1321975429-906874235-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Fearen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-985896895-1321975429-906874235-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Fearen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

16-08-2014 09:25:02 Installed TortoiseSVN 1.8.8.25755 (64 bit)

26-08-2014 11:10:55 Scheduled Checkpoint

03-09-2014 02:19:46 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 17:25 - 2014-07-02 23:03 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {045092E6-EDDC-4B83-BC53-983D98FE5F22} - \ASUS Live Update2 No Task File <==== ATTENTION

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask

Task: {06665545-26EA-4D40-B5A6-EC25FEC7DEB9} - \User_Feed_Synchronization-{595B2F02-F8DC-48F0-8922-519FA7A9199B} No Task File <==== ATTENTION

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {103ECFDD-D2C6-4CEE-A299-FD30FCD60DC2} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION

Task: {12DFE514-655F-41D0-9504-811FA9D42AB2} - System32\Tasks\a2zLyrics-1-updater => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-updater.exe <==== ATTENTION

Task: {16268D18-E935-446A-92C8-1AFF2FEC2001} - \ASUS InstantOn Config No Task File <==== ATTENTION

Task: {18728C31-2FD9-4C0D-AD8E-DD551F843EA5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {1E4DF7E0-BDE4-4F2A-874C-8250D6995BCA} - \ASUS Live Update1 No Task File <==== ATTENTION

Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate

Task: {323956B3-C74F-464D-B978-2F30B22D371C} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)

Task: {39C2CE5E-2EEB-48B0-97A5-12E41A68E26D} - \ASUS Splendid ACMON No Task File <==== ATTENTION

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)

Task: {3F031691-B4CA-44F1-BFCE-CCCAC07B29DF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe

Task: {4169E45E-46B5-4D73-9642-DA16E0981836} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management

Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance

Task: {4C281630-4728-4CDD-9EE5-B020C2A7D563} - \ASUS P4G No Task File <==== ATTENTION

Task: {51A0BFC3-6823-413D-B297-D0198364010E} - System32\Tasks\ASUS Console => C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe [2013-04-13] (ASUSTek Computer Inc.)

Task: {5537F049-F9A0-48A5-9485-04ABA43765FE} - \{83AA97AB-7A19-4294-8864-D595E65731FD} No Task File <==== ATTENTION

Task: {56F477D2-AF9C-4598-BA3D-97E062F60C6D} - System32\Tasks\a2zLyrics-1-enabler => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-enabler.exe <==== ATTENTION

Task: {5997B4F3-E5A4-4770-9BE3-9CBEDCF04CD9} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation

Task: {5B2468AF-CA73-44A1-A661-43F53D2AFF82} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

Task: {6467B3A9-D7FF-4C08-A94E-D608A701981D} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-fearen@bk.ru => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)

Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task

Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {752A867A-9622-45C8-94E6-A55C0A725B9C} - \Microsoft OneDrive Auto Update Task-S-1-5-21-985896895-1321975429-906874235-1002 No Task File <==== ATTENTION

Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {825CF4E9-99D8-4A9F-BC2C-C9B5901923B7} - \AsusVibeSchedule No Task File <==== ATTENTION

Task: {83E2F2C8-478A-46E5-BF33-72D30E851585} - \ASUS USB Charger Plus No Task File <==== ATTENTION

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task

Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask

Task: {8F0CE52F-2DB4-477B-99D6-AE06C85817ED} - \ASUS Touchpad Launcher (x64) No Task File <==== ATTENTION

Task: {936F8D1A-81E3-4846-8527-92F96FD0F041} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)

Task: {93CECD3F-D55D-47E2-8766-08BF0A2DAB34} - \ASUS Splendid ColorU No Task File <==== ATTENTION

Task: {954251F9-D1D8-4CC3-82D2-3D03C6C87516} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)

Task: {9DE789B8-7B95-4722-91FB-5010AE9AE897} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv

Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work

Task: {AF764374-C53E-4365-89B4-75C6A4D7A7E3} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload

Task: {BBE40A20-9B97-4FA9-AB5E-9BDEF5CDFE9C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {C9F8A293-D714-4DE6-9850-78254DCF48A0} - System32\Tasks\a2zLyrics-1-chromeinstaller => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-chromeinstaller.exe <==== ATTENTION

Task: {CE8BFD74-7BAE-4CC8-82EC-B202C44C8EA5} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask

Task: {D5005FFC-3E0C-464A-A8CE-24FAD9F76BA6} - System32\Tasks\a2zLyrics-1-codedownloader => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-codedownloader.exe <==== ATTENTION

Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization

Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

Task: {E961762B-A58C-4BFE-9852-71F0FDD71E4A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for FEAREN-PC-Fearen Fearen-pc => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)

Task: C:\WINDOWS\Tasks\a2zLyrics-1-chromeinstaller.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-chromeinstaller.exe <==== ATTENTION

Task: C:\WINDOWS\Tasks\a2zLyrics-1-codedownloader.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-codedownloader.exe <==== ATTENTION

Task: C:\WINDOWS\Tasks\a2zLyrics-1-enabler.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-enabler.exe <==== ATTENTION

Task: C:\WINDOWS\Tasks\a2zLyrics-1-updater.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-updater.exe <==== ATTENTION

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-22 06:40 - 2013-09-12 12:58 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2013-12-13 16:59 - 2009-04-17 14:01 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

2014-08-10 16:10 - 2014-08-10 16:10 - 00076032 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll

2014-08-10 16:10 - 2014-08-10 16:10 - 00088832 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll

2014-05-12 13:49 - 2014-05-12 13:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll

2013-04-25 04:09 - 2013-04-25 04:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll

2013-04-25 04:07 - 2013-04-25 04:07 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll

2013-04-25 04:12 - 2013-04-25 04:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

2013-12-24 00:24 - 2011-02-26 03:01 - 00536078 _____ () C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bin\bash.exe

2014-08-03 11:15 - 2014-08-03 09:00 - 04759642 _____ () D:\games\openkore_ready\start.exe

2013-12-24 00:24 - 2012-02-06 17:59 - 00018446 _____ () C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bin\sleep.exe

2013-04-12 21:23 - 2013-04-12 21:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll

2014-08-31 10:29 - 2014-08-21 22:15 - 01171456 _____ () D:\games\Steam\libavcodec-56.dll

2014-08-31 10:29 - 2014-08-21 22:15 - 00332800 _____ () D:\games\Steam\libavresample-2.dll

2014-08-31 10:29 - 2014-08-21 22:15 - 00442368 _____ () D:\games\Steam\libavutil-54.dll

2014-08-31 10:29 - 2014-08-21 02:38 - 00774656 _____ () D:\games\Steam\SDL2.dll

2014-08-31 10:29 - 2014-08-28 15:48 - 02224320 _____ () D:\games\Steam\video.dll

2014-08-31 10:29 - 2014-08-21 22:15 - 00403968 _____ () D:\games\Steam\libavformat-56.dll

2014-08-31 10:29 - 2014-08-21 22:15 - 00485888 _____ () D:\games\Steam\libswscale-3.dll

2014-08-31 10:29 - 2014-08-28 15:48 - 00678080 _____ () D:\games\Steam\bin\chromehtml.DLL

2014-09-10 22:21 - 2014-09-10 22:21 - 00043008 _____ () c:\users\fearen\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk6fddg.dll

2013-08-23 23:01 - 2013-08-23 23:01 - 25100288 _____ () C:\Users\Fearen\AppData\Roaming\Dropbox\bin\libcef.dll

2013-12-24 00:24 - 2012-05-05 01:07 - 00165902 _____ () C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bin\cygreadline7.dll

2013-12-24 00:24 - 2011-10-26 08:26 - 00080910 _____ () C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bin\cyggcc_s-1.dll

2013-12-24 00:24 - 2010-01-03 00:35 - 00249870 _____ () C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bin\cygncursesw-10.dll

2013-12-13 16:51 - 2013-03-21 03:45 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

2014-08-31 10:29 - 2014-08-21 02:38 - 34589376 _____ () D:\games\Steam\bin\libcef.dll

2014-08-10 15:40 - 2014-08-10 15:40 - 00065792 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll

2014-09-05 07:12 - 2014-08-30 06:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll

2014-09-05 07:12 - 2014-08-30 06:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll

2014-09-05 07:12 - 2014-08-30 06:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll

2014-09-05 07:12 - 2014-08-30 06:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll

2014-09-05 07:12 - 2014-08-30 06:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll

2014-09-05 07:12 - 2014-08-30 06:49 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll

2014-08-31 10:29 - 2014-08-21 02:38 - 00837824 _____ () D:\games\Steam\bin\ffmpegsumo.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00020587 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\5811ad0143ef4b833721b86079129a8b\Cwd.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00045163 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\791de6785dee4272f81191509a3916a3\Win32.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00024693 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\547b44fb47bb4104d54fb0610521d69a\HiRes.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00028794 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\f7d2b8d992c83a5fef49816625c82c17\Util.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00036974 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\c89c5c2b62d65b506e25181740473cfb\Encode.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00028785 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\b3334b0da6e9ac8826a7bcb95b759392\encoding.dll

2014-08-03 11:15 - 2014-08-03 09:00 - 00842999 _____ () D:\games\openkore_ready\XSTools.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00024670 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\39e77646f120ab10fd580ce5547457bc\IO.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00024679 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\f6abdadf80d1a5df1c193b3555a992e5\Glob.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00102530 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\87b0c32a91693f393d3e4a7ae21581b5\Zlib.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00024676 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\976149dce8abb473f6370400bbeeb653\Fcntl.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00028774 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\cd1f373da56ce7952df1037c9f6ec08e\Socket.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00168030 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\4b5d489aed73c7799d111b1ef29e78d3\re.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00032888 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\a556e1815f2ed7e75af25a4aa09bc7c0\Dumper.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00024691 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\a416e864dcdf5f06c5e5c3808475f131\MD5.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00024716 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\dbecb32fee611cea5ae0f8234b695952\FastCalc.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00065642 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\1d18acbf4e8b63dcd4166d6bcf1b5dcb\Storable.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00049277 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\048dac34a71ef7231b3a939779ee0544\Console.dll

2014-08-03 11:16 - 2014-08-03 11:16 - 00110705 ____R () C:\Users\Fearen\AppData\Local\Temp\pdk-Fearen\fbbc69b7ab1d29c40a805c6b0746d621\Byte.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Fearen\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

==================== Faulty Device Manager Devices =============

Name: Bluetooth Audio Device

Description: Bluetooth Audio Device

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: Qualcomm Atheros Communications

Service: BTATH_A2DP

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Virtual Bluetooth Support (Include Audio)

Description: Virtual Bluetooth Support (Include Audio)

Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}

Manufacturer: Qualcomm Atheros Communications

Service: AthBTPort

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

Name: Bluetooth LWFLT Device

Description: Bluetooth LWFLT Device

Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}

Manufacturer: Qualcomm Atheros Communications

Service: BTATH_LWFLT

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

==================== Event log errors: =========================

Application errors:

==================

Error: (09/10/2014 07:55:25 PM) (Source: MsiInstaller) (EventID: 1002) (User: FEAREN-PC)

Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'

Error: (09/10/2014 07:54:50 PM) (Source: MsiInstaller) (EventID: 1002) (User: FEAREN-PC)

Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'

Error: (09/10/2014 07:54:03 PM) (Source: MsiInstaller) (EventID: 1002) (User: FEAREN-PC)

Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'

Error: (09/09/2014 01:49:43 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)

Description: Chrome has encountered a fatal error.

ver=36.0.1985.143;lang=;guid=2755258C72384C99BAAEBAF7D1214574;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\8ddc31e9-bb41-48c0-9e19-ca9d1828bd43.dmp

Error: (09/09/2014 04:20:32 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".

Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (09/09/2014 04:20:31 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".

Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (09/09/2014 04:20:31 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".

Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (09/09/2014 04:20:30 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".

Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (09/08/2014 01:17:54 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program DllHost.exe version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1794

Start Time: 01cfcb45b357e085

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\DllHost.exe

Report Id: f9ebceaa-3738-11e4-be97-240a64691df0

Faulting package full name: FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: Microsoft.Windows.FileManager

Error: (09/08/2014 01:17:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: FEAREN-PC)

Description: App FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.FileManager did not launch within its allotted time.

System errors:

=============

Error: (09/10/2014 10:23:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The Intel® Management and Security Application Local Management Service service hung on starting.

Error: (09/10/2014 10:18:57 PM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: The ScRegSetValueExW call failed for FailureActions with the following error:

%%5

Error: (09/10/2014 09:44:05 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\WINDOWS\SysWow64\Drivers\uti4mzgx.sys

Error: (09/10/2014 09:38:51 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\WINDOWS\SysWow64\Drivers\uti4mzgx.sys

Error: (09/10/2014 09:03:33 PM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: The ScRegSetValueExW call failed for FailureActions with the following error:

%%5

Error: (09/10/2014 08:58:09 PM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: The ScRegSetValueExW call failed for FailureActions with the following error:

%%5

Error: (09/10/2014 00:17:11 PM) (Source: bowser) (EventID: 8003) (User: )

Description: The master browser has received a server announcement from the computer ЛЕОНИД-ПК

that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1DB902F1-EC3F-45EC-9A21-07B9F8EE8ED4}.

The master browser is stopping or an election is being forced.

Error: (09/09/2014 06:25:41 PM) (Source: bowser) (EventID: 8003) (User: )

Description: The master browser has received a server announcement from the computer ЛЕОНИД-ПК

that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1DB902F1-EC3F-45EC-9A21-07B9F8EE8ED4}.

The master browser is stopping or an election is being forced.

Error: (09/09/2014 03:55:15 PM) (Source: bowser) (EventID: 8003) (User: )

Description: The master browser has received a server announcement from the computer ЛЕОНИД-ПК

that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1DB902F1-EC3F-45EC-9A21-07B9F8EE8ED4}.

The master browser is stopping or an election is being forced.

Error: (09/09/2014 02:43:59 PM) (Source: bowser) (EventID: 8003) (User: )

Description: The master browser has received a server announcement from the computer ЛЕОНИД-ПК

that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1DB902F1-EC3F-45EC-9A21-07B9F8EE8ED4}.

The master browser is stopping or an election is being forced.

Microsoft Office Sessions:

=========================

Error: (09/10/2014 07:55:25 PM) (Source: MsiInstaller) (EventID: 1002) (User: FEAREN-PC)

Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (09/10/2014 07:54:50 PM) (Source: MsiInstaller) (EventID: 1002) (User: FEAREN-PC)

Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (09/10/2014 07:54:03 PM) (Source: MsiInstaller) (EventID: 1002) (User: FEAREN-PC)

Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (09/09/2014 01:49:43 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)

Description: Chrome has encountered a fatal error.

ver=36.0.1985.143;lang=;guid=2755258C72384C99BAAEBAF7D1214574;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\8ddc31e9-bb41-48c0-9e19-ca9d1828bd43.dmp

Error: (09/09/2014 04:20:32 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll

Error: (09/09/2014 04:20:31 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll

Error: (09/09/2014 04:20:31 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll

Error: (09/09/2014 04:20:30 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll

Error: (09/08/2014 01:17:54 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: DllHost.exe6.3.9600.16384179401cfcb45b357e0854294967295C:\WINDOWS\system32\DllHost.exef9ebceaa-3738-11e4-be97-240a64691df0FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewyMicrosoft.Windows.FileManager

Error: (09/08/2014 01:17:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: FEAREN-PC)

Description: FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.FileManager

CodeIntegrity Errors:

===================================

Date: 2014-08-17 14:09:24.701

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-08-08 04:34:59.316

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-08-08 04:34:59.249

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-08-08 04:34:59.197

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-08-08 04:34:58.978

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-08-08 04:34:58.917

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-08-08 04:34:58.839

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-08-08 04:34:58.178

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-08-08 04:34:58.101

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-08-08 04:34:58.044

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core™ i7-4700HQ CPU @ 2.40GHz

Percentage of memory in use: 42%

Total physical RAM: 8075.79 MB

Available physical RAM: 4680.31 MB

Total Pagefile: 16267.79 MB

Available Pagefile: 12237.09 MB

Total Virtual: 131072 MB

Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.26 GB) (Free:280.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive d: (DATA) (Fixed) (Total:537.6 GB) (Free:135.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: 2ADC1B83)

Partition: GPT Partition Type.

==================== End Of Log ============================

#4 Fearen

New Member

Authentic Member
9 posts

Posted 10 September 2014 - 03:44 PM

01:32:17.0615 0x1c30 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58

01:32:17.0615 0x1c30 UEFI system

01:32:22.0264 0x1c30 ============================================================

01:32:22.0264 0x1c30 Current date / time: 2014/09/11 01:32:22.0264

01:32:22.0264 0x1c30 SystemInfo:

01:32:22.0264 0x1c30

01:32:22.0264 0x1c30 OS Version: 6.3.9600 ServicePack: 0.0

01:32:22.0264 0x1c30 Product type: Workstation

01:32:22.0264 0x1c30 ComputerName: FEAREN-PC

01:32:22.0264 0x1c30 UserName: Fearen

01:32:22.0264 0x1c30 Windows directory: C:\WINDOWS

01:32:22.0264 0x1c30 System windows directory: C:\WINDOWS

01:32:22.0264 0x1c30 Running under WOW64

01:32:22.0264 0x1c30 Processor architecture: Intel x64

01:32:22.0264 0x1c30 Number of processors: 8

01:32:22.0264 0x1c30 Page size: 0x1000

01:32:22.0264 0x1c30 Boot type: Normal boot

01:32:22.0264 0x1c30 ============================================================

01:32:22.0537 0x1c30 KLMD registered as C:\WINDOWS\system32\drivers\73199295.sys

01:32:23.0107 0x1c30 System UUID: {5A49C17F-A3A5-AE6D-07C4-D2AFF106C62F}

01:32:23.0540 0x1c30 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

01:32:23.0542 0x1c30 ============================================================

01:32:23.0542 0x1c30 \Device\Harddisk0\DR0:

01:32:23.0567 0x1c30 GPT partitions:

01:32:23.0567 0x1c30 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {75F1EDA7-17AA-485D-9B76-45B126E4592F}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000

01:32:23.0567 0x1c30 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {DE8C141F-3D06-4192-A206-9309375FAF34}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x1C2000

01:32:23.0567 0x1c30 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F2B1FD08-6B18-419B-933E-55EC03BF6CB0}, Name: Microsoft reserved partition, StartLBA 0x258800, BlocksNum 0x40000

01:32:23.0567 0x1c30 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7C2BA597-768C-4D0B-97CB-8CF339DF4148}, Name: Basic data partition, StartLBA 0x298800, BlocksNum 0x2E886800

01:32:23.0567 0x1c30 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {93E15B68-BA0A-4D79-B554-29A8739D0944}, Name: , StartLBA 0x2EB1F000, BlocksNum 0xAF000

01:32:23.0567 0x1c30 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9C8E46CD-24C5-4689-8A9D-2AC37A5E8335}, Name: Basic data partition, StartLBA 0x2EBCE000, BlocksNum 0x43333800

01:32:23.0567 0x1c30 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6C1413B9-EB02-4D7F-8795-EBA5B5A474E1}, Name: Basic data partition, StartLBA 0x71F01800, BlocksNum 0x2805000

01:32:23.0567 0x1c30 MBR partitions:

01:32:23.0567 0x1c30 ============================================================

01:32:23.0647 0x1c30 C: <-> \Device\Harddisk0\DR0\Partition4

01:32:23.0731 0x1c30 D: <-> \Device\Harddisk0\DR0\Partition6

01:32:23.0731 0x1c30 ============================================================

01:32:23.0731 0x1c30 Initialize success

01:32:23.0731 0x1c30 ============================================================

01:33:32.0282 0x1724 ============================================================

01:33:32.0282 0x1724 Scan started

01:33:32.0282 0x1724 Mode: Manual; SigCheck; TDLFS;

01:33:32.0282 0x1724 ============================================================

01:33:32.0282 0x1724 KSN ping started

01:33:34.0621 0x1724 KSN ping finished: true

01:33:35.0972 0x1724 ================ Scan system memory ========================

01:33:35.0972 0x1724 System memory - ok

01:33:35.0972 0x1724 ================ Scan services =============================

01:33:36.0156 0x1724 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys

01:33:36.0182 0x1724 1394ohci - ok

01:33:36.0197 0x1724 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys

01:33:36.0205 0x1724 3ware - ok

01:33:36.0242 0x1724 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys

01:33:36.0260 0x1724 ACPI - ok

01:33:36.0274 0x1724 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys

01:33:36.0282 0x1724 acpiex - ok

01:33:36.0301 0x1724 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys

01:33:36.0308 0x1724 acpipagr - ok

01:33:36.0326 0x1724 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys

01:33:36.0334 0x1724 AcpiPmi - ok

01:33:36.0351 0x1724 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys

01:33:36.0359 0x1724 acpitime - ok

01:33:36.0439 0x1724 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

01:33:36.0446 0x1724 AdobeARMservice - ok

01:33:36.0714 0x1724 [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

01:33:36.0723 0x1724 AdobeFlashPlayerUpdateSvc - ok

01:33:36.0752 0x1724 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS

01:33:36.0774 0x1724 ADP80XX - ok

01:33:36.0803 0x1724 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll

01:33:36.0813 0x1724 AeLookupSvc - ok

01:33:36.0869 0x1724 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys

01:33:36.0885 0x1724 AFD - ok

01:33:36.0913 0x1724 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys

01:33:36.0920 0x1724 agp440 - ok

01:33:36.0935 0x1724 [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys

01:33:36.0944 0x1724 ahcache - ok

01:33:36.0977 0x1724 [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger C:\WINDOWS\system32\DRIVERS\AiCharger.sys

01:33:36.0985 0x1724 AiCharger - ok

01:33:37.0017 0x1724 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\WINDOWS\System32\alg.exe

01:33:37.0036 0x1724 ALG - ok

01:33:37.0055 0x1724 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys

01:33:37.0063 0x1724 AmdK8 - ok

01:33:37.0080 0x1724 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys

01:33:37.0089 0x1724 AmdPPM - ok

01:33:37.0105 0x1724 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys

01:33:37.0112 0x1724 amdsata - ok

01:33:37.0131 0x1724 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys

01:33:37.0142 0x1724 amdsbs - ok

01:33:37.0159 0x1724 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys

01:33:37.0166 0x1724 amdxata - ok

01:33:37.0179 0x1724 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\WINDOWS\system32\drivers\appid.sys

01:33:37.0187 0x1724 AppID - ok

01:33:37.0217 0x1724 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll

01:33:37.0224 0x1724 AppIDSvc - ok

01:33:37.0241 0x1724 [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo C:\WINDOWS\System32\appinfo.dll

01:33:37.0250 0x1724 Appinfo - ok

01:33:37.0288 0x1724 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll

01:33:37.0304 0x1724 AppReadiness - ok

01:33:37.0356 0x1724 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll

01:33:37.0384 0x1724 AppXSvc - ok

01:33:37.0397 0x1724 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys

01:33:37.0405 0x1724 arcsas - ok

01:33:37.0491 0x1724 [ DC2BA6926FA0CDCE273CC9897F05584A, CF35A55511C6241679FDB9D48DC43B61D86D071B974E7A668495E2021098E912 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

01:33:37.0498 0x1724 ASLDRService - ok

01:33:37.0519 0x1724 [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

01:33:37.0523 0x1724 ASMMAP64 - ok

01:33:37.0612 0x1724 [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

01:33:37.0620 0x1724 aspnet_state - ok

01:33:37.0680 0x1724 [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn C:\Program Files\ASUS\P4G\InsOnSrv.exe

01:33:37.0688 0x1724 ASUS InstantOn - ok

01:33:37.0697 0x1724 [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

01:33:37.0706 0x1724 AsyncMac - ok

01:33:37.0724 0x1724 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys

01:33:37.0730 0x1724 atapi - ok

01:33:37.0756 0x1724 [ 427A6D1397E826B370D025EE73A50E6E, FC8BAB3AA95B55D59B8DF9F97C87D1F3CEAB609A3E6C8BD576F3BF9047C6A120 ] AthBTPort C:\WINDOWS\system32\DRIVERS\btath_flt.sys

01:33:37.0762 0x1724 AthBTPort - ok

01:33:37.0817 0x1724 [ 54D0CDDB72425D42F7B504EE392E9653, 925FC00DC1222ECC8D750E240E8C159CF46F0BDBAADCDB2108892CF2CD91ED79 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

01:33:37.0825 0x1724 AtherosSvc - ok

01:33:37.0933 0x1724 [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr C:\WINDOWS\system32\DRIVERS\athw8x.sys

01:33:37.0997 0x1724 athr - ok

01:33:38.0031 0x1724 [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

01:33:38.0036 0x1724 ATKGFNEXSrv - ok

01:33:38.0067 0x1724 [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

01:33:38.0071 0x1724 ATKWMIACPIIO - ok

01:33:38.0099 0x1724 [ 3903D1056E778BAEFA310B9B6EA6053E, 863977B4166A04557E154C41AC3B194A9F5C56C6090E8DE47C0D9D0E8CBD648E ] ATP C:\WINDOWS\System32\drivers\AsusTP.sys

01:33:38.0104 0x1724 ATP - ok

01:33:38.0121 0x1724 [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll

01:33:38.0147 0x1724 AudioEndpointBuilder - ok

01:33:38.0219 0x1724 [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll

01:33:38.0239 0x1724 Audiosrv - ok

01:33:38.0275 0x1724 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll

01:33:38.0282 0x1724 AxInstSV - ok

01:33:38.0355 0x1724 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys

01:33:38.0371 0x1724 b06bdrv - ok

01:33:38.0383 0x1724 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys

01:33:38.0390 0x1724 BasicDisplay - ok

01:33:38.0434 0x1724 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys

01:33:38.0441 0x1724 BasicRender - ok

01:33:38.0468 0x1724 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys

01:33:38.0473 0x1724 bcmfn2 - ok

01:33:38.0516 0x1724 [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\WINDOWS\System32\bdesvc.dll

01:33:38.0528 0x1724 BDESVC - ok

01:33:38.0562 0x1724 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys

01:33:38.0569 0x1724 Beep - ok

01:33:38.0594 0x1724 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\WINDOWS\System32\bfe.dll

01:33:38.0613 0x1724 BFE - ok

01:33:38.0666 0x1724 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\WINDOWS\System32\qmgr.dll

01:33:38.0706 0x1724 BITS - ok

01:33:38.0725 0x1724 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys

01:33:38.0733 0x1724 bowser - ok

01:33:38.0762 0x1724 [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll

01:33:38.0773 0x1724 BrokerInfrastructure - ok

01:33:38.0802 0x1724 [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser C:\WINDOWS\System32\browser.dll

01:33:38.0810 0x1724 Browser - ok

01:33:38.0842 0x1724 [ E9B6AC24CB3737D2F93C05590B4A9048, 7CFDF93947925EDF6D6C0AD9E3A31AF098E8F8574AFCD8C7B3242E29A1F38CDD ] BTATH_A2DP C:\WINDOWS\system32\drivers\btath_a2dp.sys

01:33:38.0852 0x1724 BTATH_A2DP - ok

01:33:38.0870 0x1724 [ 2BD94FC9AB890A7A7CEF81E5F1A2D421, 0B572D0F6558CA37164A15A8D9DF13160BBF6DA119B8E92436B3DCFA19361E31 ] btath_avdt C:\WINDOWS\system32\drivers\btath_avdt.sys

01:33:38.0875 0x1724 btath_avdt - ok

01:33:38.0889 0x1724 [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP C:\WINDOWS\System32\drivers\btath_hcrp.sys

01:33:38.0897 0x1724 BTATH_HCRP - ok

01:33:38.0909 0x1724 [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys

01:33:38.0914 0x1724 BTATH_LWFLT - ok

01:33:38.0934 0x1724 [ 31EC5FC3FC5CB273F2709AAF4AD88ED4, 804401CEBBB24443AE0A304FCF5CB6B0D7679BA7FC5DC3BFF968B0B44FE34EC1 ] BTATH_RCP C:\WINDOWS\System32\drivers\btath_rcp.sys

01:33:38.0940 0x1724 BTATH_RCP - ok

01:33:38.0970 0x1724 [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys

01:33:38.0983 0x1724 BtFilter - ok

01:33:39.0014 0x1724 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys

01:33:39.0021 0x1724 BthAvrcpTg - ok

01:33:39.0037 0x1724 [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys

01:33:39.0044 0x1724 BthEnum - ok

01:33:39.0061 0x1724 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys

01:33:39.0068 0x1724 BthHFEnum - ok

01:33:39.0079 0x1724 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys

01:33:39.0086 0x1724 bthhfhid - ok

01:33:39.0115 0x1724 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys

01:33:39.0125 0x1724 BthLEEnum - ok

01:33:39.0144 0x1724 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys

01:33:39.0151 0x1724 BTHMODEM - ok

01:33:39.0156 0x1724 [ 3AFE71D80EDF5D4DE0C5731352905669, 3E370169B8C5D301954D1F1DA302F7A0DB2A034990E10B3D64458C48E5693205 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys

01:33:39.0165 0x1724 BthPan - ok

01:33:39.0222 0x1724 [ 92370F46AF28D54B67C135FA8C2AFCFC, B1C0DBF27D392DEA8786AB9479C6CCD5A5DBDF3BE25ABA5FC7C6DB6D3EEE739B ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys

01:33:39.0247 0x1724 BTHPORT - ok

01:33:39.0287 0x1724 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\WINDOWS\system32\bthserv.dll

01:33:39.0296 0x1724 bthserv - ok

01:33:39.0406 0x1724 [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys

01:33:39.0414 0x1724 BTHUSB - ok

01:33:39.0415 0x1724 c2wts - ok

01:33:39.0453 0x1724 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys

01:33:39.0461 0x1724 cdfs - ok

01:33:39.0486 0x1724 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys

01:33:39.0495 0x1724 cdrom - ok

01:33:39.0526 0x1724 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll

01:33:39.0551 0x1724 CertPropSvc - ok

01:33:39.0567 0x1724 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys

01:33:39.0574 0x1724 circlass - ok

01:33:39.0605 0x1724 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys

01:33:39.0618 0x1724 CLFS - ok

01:33:39.0649 0x1724 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys

01:33:39.0656 0x1724 CmBatt - ok

01:33:39.0696 0x1724 [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG C:\WINDOWS\system32\Drivers\cng.sys

01:33:39.0713 0x1724 CNG - ok

01:33:39.0731 0x1724 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys

01:33:39.0738 0x1724 CompositeBus - ok

01:33:39.0740 0x1724 COMSysApp - ok

01:33:39.0751 0x1724 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys

01:33:39.0759 0x1724 condrv - ok

01:33:39.0830 0x1724 [ F9693D45B0F1B346CCDEEC1F341AD389, 342C81EFB434EAC29865F8BB049051635C644D7EF355D0F5FB3ADD9DDCE55D82 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

01:33:39.0839 0x1724 cphs - ok

01:33:39.0870 0x1724 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll

01:33:39.0885 0x1724 CryptSvc - ok

01:33:39.0903 0x1724 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys

01:33:39.0910 0x1724 dam - ok

01:33:39.0945 0x1724 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

01:33:39.0972 0x1724 DcomLaunch - ok

01:33:40.0017 0x1724 [ AF3FF97AC2A73E70F8A8D11FB694175B, 3AA25BF9DED08056F52ACF246118C13C8816B5E8AA4D8606DB7DAB4E4E6A9169 ] defragsvc C:\WINDOWS\System32\defragsvc.dll

01:33:40.0030 0x1724 defragsvc - ok

01:33:40.0063 0x1724 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll

01:33:40.0076 0x1724 DeviceAssociationService - ok

01:33:40.0103 0x1724 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll

01:33:40.0111 0x1724 DeviceInstall - ok

01:33:40.0128 0x1724 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys

01:33:40.0136 0x1724 Dfsc - ok

01:33:40.0181 0x1724 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll

01:33:40.0193 0x1724 Dhcp - ok

01:33:40.0229 0x1724 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys

01:33:40.0237 0x1724 disk - ok

01:33:40.0268 0x1724 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys

01:33:40.0275 0x1724 dmvsc - ok

01:33:40.0301 0x1724 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

01:33:40.0311 0x1724 Dnscache - ok

01:33:40.0356 0x1724 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll

01:33:40.0368 0x1724 dot3svc - ok

01:33:40.0387 0x1724 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll

01:33:40.0400 0x1724 DPS - ok

01:33:40.0432 0x1724 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

01:33:40.0438 0x1724 drmkaud - ok

01:33:40.0490 0x1724 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll

01:33:40.0504 0x1724 DsmSvc - ok

01:33:40.0534 0x1724 [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01 C:\WINDOWS\System32\drivers\dtsoftbus01.sys

01:33:40.0543 0x1724 dtsoftbus01 - ok

01:33:40.0598 0x1724 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys

01:33:40.0633 0x1724 DXGKrnl - ok

01:33:40.0658 0x1724 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll

01:33:40.0668 0x1724 Eaphost - ok

01:33:40.0770 0x1724 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys

01:33:40.0839 0x1724 ebdrv - ok

01:33:40.0871 0x1724 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe

01:33:40.0878 0x1724 EFS - ok

01:33:40.0887 0x1724 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys

01:33:40.0895 0x1724 EhStorClass - ok

01:33:40.0917 0x1724 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys

01:33:40.0925 0x1724 EhStorTcgDrv - ok

01:33:40.0936 0x1724 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys

01:33:40.0942 0x1724 ErrDev - ok

01:33:40.0986 0x1724 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll

01:33:41.0001 0x1724 EventSystem - ok

01:33:41.0022 0x1724 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys

01:33:41.0036 0x1724 exfat - ok

01:33:41.0049 0x1724 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys

01:33:41.0059 0x1724 fastfat - ok

01:33:41.0099 0x1724 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe

01:33:41.0116 0x1724 Fax - ok

01:33:41.0134 0x1724 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys

01:33:41.0141 0x1724 fdc - ok

01:33:41.0164 0x1724 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll

01:33:41.0175 0x1724 fdPHost - ok

01:33:41.0184 0x1724 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\WINDOWS\system32\fdrespub.dll

01:33:41.0195 0x1724 FDResPub - ok

01:33:41.0216 0x1724 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\WINDOWS\system32\fhsvc.dll

01:33:41.0225 0x1724 fhsvc - ok

01:33:41.0246 0x1724 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys

01:33:41.0253 0x1724 FileInfo - ok

01:33:41.0270 0x1724 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys

01:33:41.0281 0x1724 Filetrace - ok

01:33:41.0300 0x1724 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys

01:33:41.0307 0x1724 flpydisk - ok

01:33:41.0337 0x1724 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

01:33:41.0350 0x1724 FltMgr - ok

01:33:41.0405 0x1724 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\WINDOWS\system32\FntCache.dll

01:33:41.0433 0x1724 FontCache - ok

01:33:41.0583 0x1724 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

01:33:41.0589 0x1724 FontCache3.0.0.0 - ok

01:33:41.0625 0x1724 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys

01:33:41.0632 0x1724 FsDepends - ok

01:33:41.0663 0x1724 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

01:33:41.0669 0x1724 Fs_Rec - ok

01:33:41.0815 0x1724 [ 38F3CF15321DC2B47C7907EB222B637A, C2CE4F62BD7C93566C36B7290DA3E804FB79A18A18E2544E2B6404B473483D4E ] fussvc C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe

01:33:41.0821 0x1724 fussvc - detected UnsignedFile.Multi.Generic ( 1 )

01:33:44.0169 0x1724 Detect skipped due to KSN trusted

01:33:44.0169 0x1724 fussvc - ok

01:33:44.0195 0x1724 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys

01:33:44.0212 0x1724 fvevol - ok

01:33:44.0224 0x1724 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys

01:33:44.0231 0x1724 FxPPM - ok

01:33:44.0241 0x1724 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys

01:33:44.0248 0x1724 gagp30kx - ok

01:33:44.0294 0x1724 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

01:33:44.0301 0x1724 GamesAppService - ok

01:33:44.0331 0x1724 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys

01:33:44.0338 0x1724 gencounter - ok

01:33:44.0356 0x1724 [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys

01:33:44.0365 0x1724 GPIOClx0101 - ok

01:33:44.0424 0x1724 [ 383DA813409316D69603C1D849834D24, E1AAD3AB567457B00B8A378D5BA37ED653EE451FF79D071A8815FB8B1EB90DAF ] gpsvc C:\WINDOWS\System32\gpsvc.dll

01:33:44.0451 0x1724 gpsvc - ok

01:33:44.0512 0x1724 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

01:33:44.0518 0x1724 gupdate - ok

01:33:44.0521 0x1724 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

01:33:44.0527 0x1724 gupdatem - ok

01:33:44.0538 0x1724 [ 498288DD5CA42C2D36D125893E968C53, 03B62FA51F9195D77170DCEFF3A93A6898AA96FB610044DDAE83767DA12745C5 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys

01:33:44.0545 0x1724 HDAudBus - ok

01:33:44.0564 0x1724 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys

01:33:44.0571 0x1724 HidBatt - ok

01:33:44.0639 0x1724 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys

01:33:44.0648 0x1724 HidBth - ok

01:33:44.0680 0x1724 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys

01:33:44.0687 0x1724 hidi2c - ok

01:33:44.0708 0x1724 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys

01:33:44.0715 0x1724 HidIr - ok

01:33:44.0747 0x1724 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\WINDOWS\system32\hidserv.dll

01:33:44.0755 0x1724 hidserv - ok

01:33:44.0778 0x1724 [ A9F2301B8D28BB4D887F5AEBB55ACB3A, 886B04224CA0A90B4FD0B9F8D243EED4FBA367D078FB1CAF99EE671FE1FCEC27 ] HIDSwitch C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys

01:33:44.0782 0x1724 HIDSwitch - ok

01:33:44.0816 0x1724 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys

01:33:44.0823 0x1724 HidUsb - ok

01:33:44.0845 0x1724 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll

01:33:44.0855 0x1724 hkmsvc - ok

01:33:44.0874 0x1724 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll

01:33:44.0884 0x1724 HomeGroupListener - ok

01:33:44.0913 0x1724 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll

01:33:44.0926 0x1724 HomeGroupProvider - ok

01:33:44.0943 0x1724 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys

01:33:44.0950 0x1724 HpSAMD - ok

01:33:44.0978 0x1724 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys

01:33:45.0003 0x1724 HTTP - ok

01:33:45.0014 0x1724 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys

01:33:45.0020 0x1724 hwpolicy - ok

01:33:45.0032 0x1724 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys

01:33:45.0038 0x1724 hyperkbd - ok

01:33:45.0048 0x1724 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys

01:33:45.0054 0x1724 HyperVideo - ok

01:33:45.0070 0x1724 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys

01:33:45.0078 0x1724 i8042prt - ok

01:33:45.0089 0x1724 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys

01:33:45.0094 0x1724 iaLPSSi_GPIO - ok

01:33:45.0112 0x1724 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys

01:33:45.0118 0x1724 iaLPSSi_I2C - ok

01:33:45.0169 0x1724 [ 0A34D806EF2767E62CAFEA1A150A8830, 2C5C9C0924C6AE379E3CD071E6687885006843A17742B083CE14719F666F7FE6 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys

01:33:45.0184 0x1724 iaStorA - ok

01:33:45.0210 0x1724 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys

01:33:45.0224 0x1724 iaStorAV - ok

01:33:45.0248 0x1724 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys

01:33:45.0262 0x1724 iaStorV - ok

01:33:45.0265 0x1724 IEEtwCollectorService - ok

01:33:45.0386 0x1724 [ 16D939A13CFB82DEE0B9DB12E45C7B4E, D09C57DE3EF7F6BEDD354FEEDB46260FDCF9F9A0F2D096FFD518509AD041AAC5 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys

01:33:45.0476 0x1724 igfx - ok

01:33:45.0520 0x1724 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\WINDOWS\System32\ikeext.dll

01:33:45.0544 0x1724 IKEEXT - ok

01:33:45.0571 0x1724 [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys

01:33:45.0577 0x1724 intaud_WaveExtensible - ok

01:33:45.0679 0x1724 [ D739148367AAE1DA0C12160DE141ECED, 471E6EA03F2BD7DD1E2812B56EFB00EDDCAA87E974833B75114B8EE93DC358A5 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys

01:33:45.0739 0x1724 IntcAzAudAddService - ok

01:33:45.0814 0x1724 [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys

01:33:45.0826 0x1724 IntcDAud - ok

01:33:45.0961 0x1724 [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

01:33:45.0975 0x1724 Intel® Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )

01:33:48.0320 0x1724 Detect skipped due to KSN trusted

01:33:48.0320 0x1724 Intel® Capability Licensing Service Interface - ok

01:33:48.0428 0x1724 [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe

01:33:48.0448 0x1724 Intel® Capability Licensing Service TCP IP Interface - ok

01:33:48.0514 0x1724 [ 726BFAF3DC2071218F0AE53C919A4D3B, 7934BB42C16F1DAA80AB92FA4AF4BFDD2B8AF73EF55D95950E4A77DBB3DCBF4A ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

01:33:48.0520 0x1724 Intel® ME Service - ok

01:33:48.0544 0x1724 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys

01:33:48.0550 0x1724 intelide - ok

01:33:48.0574 0x1724 [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys

01:33:48.0580 0x1724 intelpep - ok

01:33:48.0598 0x1724 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys

01:33:48.0606 0x1724 intelppm - ok

01:33:48.0620 0x1724 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

01:33:48.0630 0x1724 IpFilterDriver - ok

01:33:48.0670 0x1724 [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll

01:33:48.0692 0x1724 iphlpsvc - ok

01:33:48.0725 0x1724 [ FD9C9E9E3F0ED51502C7E8C066BE26B9, 290E74380F1543DD22C9F3821513B3E2FB42E995724238D8779CBBCB4FC386C8 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys

01:33:48.0732 0x1724 IPMIDRV - ok

01:33:48.0759 0x1724 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys

01:33:48.0767 0x1724 IPNAT - ok

01:33:48.0857 0x1724 [ 3E5757BE828CC404425DC5A5EBB5CEFB, 5BBD807951FFDF5B31031A9D68685010740DC0037963224C2547DB5FEE3D43AE ] IpOverUsbSvc C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe

01:33:48.0862 0x1724 IpOverUsbSvc - ok

01:33:48.0890 0x1724 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys

01:33:48.0898 0x1724 IRENUM - ok

01:33:48.0918 0x1724 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys

01:33:48.0925 0x1724 isapnp - ok

01:33:48.0962 0x1724 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys

01:33:48.0972 0x1724 iScsiPrt - ok

01:33:48.0991 0x1724 [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys

01:33:48.0995 0x1724 iwdbus - ok

01:33:49.0034 0x1724 [ 1128B38EEC9DAF1B36373B65E87C00A3, 071E9454B9B442C2C3272FBC1AE5E92911A23CDB99F1C718C34067A70B99F910 ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

01:33:49.0042 0x1724 jhi_service - ok

01:33:49.0046 0x1724 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys

01:33:49.0052 0x1724 kbdclass - ok

01:33:49.0071 0x1724 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys

01:33:49.0078 0x1724 kbdhid - ok

01:33:49.0097 0x1724 [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr C:\WINDOWS\System32\drivers\kbfiltr.sys

01:33:49.0100 0x1724 kbfiltr - ok

01:33:49.0104 0x1724 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys

01:33:49.0110 0x1724 kdnic - ok

01:33:49.0125 0x1724 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe

01:33:49.0132 0x1724 KeyIso - ok

01:33:49.0150 0x1724 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys

01:33:49.0158 0x1724 KSecDD - ok

01:33:49.0183 0x1724 [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys

01:33:49.0193 0x1724 KSecPkg - ok

01:33:49.0207 0x1724 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys

01:33:49.0214 0x1724 ksthunk - ok

01:33:49.0248 0x1724 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll

01:33:49.0261 0x1724 KtmRm - ok

01:33:49.0299 0x1724 [ 46378ECCB4A29AA81BF296641C2501EF, 5AB79BD824C00EF1338FDB8450692318AB14E0AE4145C30B37136767DFC1E4F9 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll

01:33:49.0311 0x1724 LanmanServer - ok

01:33:49.0356 0x1724 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll

01:33:49.0368 0x1724 LanmanWorkstation - ok

01:33:49.0391 0x1724 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll

01:33:49.0406 0x1724 lfsvc - ok

01:33:49.0418 0x1724 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys

01:33:49.0427 0x1724 lltdio - ok

01:33:49.0455 0x1724 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll

01:33:49.0468 0x1724 lltdsvc - ok

01:33:49.0488 0x1724 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll

01:33:49.0495 0x1724 lmhosts - ok

01:33:49.0550 0x1724 [ 60471C88EB4906DB0C2026B3290EE4B6, D51752E4149A5BA578BF9F8DA83443BFF0719BAA34D91BD938DAC831BC0BA6DC ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

01:33:49.0560 0x1724 LMS - ok

01:33:49.0582 0x1724 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys

01:33:49.0592 0x1724 LSI_SAS - ok

01:33:49.0600 0x1724 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys

01:33:49.0608 0x1724 LSI_SAS2 - ok

01:33:49.0620 0x1724 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys

01:33:49.0628 0x1724 LSI_SAS3 - ok

01:33:49.0636 0x1724 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys

01:33:49.0644 0x1724 LSI_SSS - ok

01:33:49.0691 0x1724 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\WINDOWS\System32\lsm.dll

01:33:49.0709 0x1724 LSM - ok

01:33:49.0737 0x1724 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys

01:33:49.0746 0x1724 luafv - ok

01:33:49.0761 0x1724 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys

01:33:49.0768 0x1724 megasas - ok

01:33:49.0810 0x1724 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys

01:33:49.0827 0x1724 megasr - ok

01:33:49.0846 0x1724 [ 6FE7B681F1840366B2E4E8B15BE8E2CB, D60DB52345FB17160C1761AE5BF6C8CF56B350FC626A40C985CA2AE5C88B2F50 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys

01:33:49.0852 0x1724 MEIx64 - ok

01:33:49.0884 0x1724 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\WINDOWS\system32\mmcss.dll

01:33:49.0892 0x1724 MMCSS - ok

01:33:49.0904 0x1724 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys

01:33:49.0913 0x1724 Modem - ok

01:33:49.0926 0x1724 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys

01:33:49.0932 0x1724 monitor - ok

01:33:49.0943 0x1724 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys

01:33:49.0950 0x1724 mouclass - ok

01:33:49.0968 0x1724 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys

01:33:49.0974 0x1724 mouhid - ok

01:33:49.0987 0x1724 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys

01:33:49.0995 0x1724 mountmgr - ok

01:33:50.0003 0x1724 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys

01:33:50.0013 0x1724 mpsdrv - ok

01:33:50.0058 0x1724 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll

01:33:50.0081 0x1724 MpsSvc - ok

01:33:50.0101 0x1724 [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys

01:33:50.0109 0x1724 MRxDAV - ok

01:33:50.0142 0x1724 [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

01:33:50.0155 0x1724 mrxsmb - ok

01:33:50.0173 0x1724 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys

01:33:50.0183 0x1724 mrxsmb10 - ok

01:33:50.0217 0x1724 [ 5C42CEE3E2018E1DFC6E3E17240A432A, 7DFF61686167535125BA376A9BE3DD1C2AC7A2C13455E0FD8E83AAE88E52F987 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys

01:33:50.0226 0x1724 mrxsmb20 - ok

01:33:50.0253 0x1724 [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys

01:33:50.0263 0x1724 MsBridge - ok

01:33:50.0293 0x1724 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\WINDOWS\System32\msdtc.exe

01:33:50.0302 0x1724 MSDTC - ok

01:33:50.0358 0x1724 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

01:33:50.0366 0x1724 Msfs - ok

01:33:50.0400 0x1724 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys

01:33:50.0406 0x1724 msgpiowin32 - ok

01:33:50.0449 0x1724 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys

01:33:50.0456 0x1724 mshidkmdf - ok

01:33:50.0490 0x1724 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys

01:33:50.0496 0x1724 mshidumdf - ok

01:33:50.0511 0x1724 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys

01:33:50.0517 0x1724 msisadrv - ok

01:33:50.0542 0x1724 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll

01:33:50.0552 0x1724 MSiSCSI - ok

01:33:50.0555 0x1724 msiserver - ok

01:33:50.0570 0x1724 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

01:33:50.0578 0x1724 MSKSSRV - ok

01:33:50.0610 0x1724 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys

01:33:50.0619 0x1724 MsLldp - ok

01:33:50.0630 0x1724 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

01:33:50.0637 0x1724 MSPCLOCK - ok

01:33:50.0648 0x1724 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

01:33:50.0655 0x1724 MSPQM - ok

01:33:50.0672 0x1724 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys

01:33:50.0685 0x1724 MsRPC - ok

01:33:50.0691 0x1724 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys

01:33:50.0697 0x1724 mssmbios - ok

01:33:50.0706 0x1724 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys

01:33:50.0713 0x1724 MSTEE - ok

01:33:50.0727 0x1724 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys

01:33:50.0734 0x1724 MTConfig - ok

01:33:50.0752 0x1724 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys

01:33:50.0759 0x1724 Mup - ok

01:33:50.0777 0x1724 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys

01:33:50.0784 0x1724 mvumis - ok

01:33:50.0875 0x1724 [ 0FC64133A8FB5342C6876982B01FA37F, FCF8CE0D3095ECB25242E1A18F16A70BA1D0BC64C6525D4497672AF1F0043C9E ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe

01:33:50.0881 0x1724 NanoServiceMain - ok

01:33:50.0912 0x1724 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\WINDOWS\system32\qagentRT.dll

01:33:50.0929 0x1724 napagent - ok

01:33:50.0945 0x1724 [ 78514B073CC5775800A65BFB82A0D66B, DCD18E277569F23921E899F508860F89ABD417C74A7776152A4463284A989488 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys

01:33:50.0959 0x1724 NativeWifiP - ok

01:33:50.0991 0x1724 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll

01:33:51.0002 0x1724 NcaSvc - ok

01:33:51.0020 0x1724 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\WINDOWS\System32\ncbservice.dll

01:33:51.0029 0x1724 NcbService - ok

01:33:51.0041 0x1724 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll

01:33:51.0073 0x1724 NcdAutoSetup - ok

01:33:51.0123 0x1724 [ F21B77B4D74092A543807D3CEB711A88, 5C3C17A10E990070FAB317C0C5333DE768E408CAF43EC4FA9D18116C6EE3B3DC ] NDIS C:\WINDOWS\system32\drivers\ndis.sys

01:33:51.0150 0x1724 NDIS - ok

01:33:51.0177 0x1724 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys

01:33:51.0186 0x1724 NdisCap - ok

01:33:51.0195 0x1724 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys

01:33:51.0205 0x1724 NdisImPlatform - ok

01:33:51.0208 0x1724 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatformMp C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys

01:33:51.0218 0x1724 NdisImPlatformMp - ok

01:33:51.0247 0x1724 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

01:33:51.0255 0x1724 NdisTapi - ok

01:33:51.0266 0x1724 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

01:33:51.0274 0x1724 Ndisuio - ok

01:33:51.0282 0x1724 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys

01:33:51.0291 0x1724 NdisVirtualBus - ok

01:33:51.0305 0x1724 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

01:33:51.0317 0x1724 NdisWan - ok

01:33:51.0322 0x1724 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys

01:33:51.0333 0x1724 NdisWanLegacy - ok

01:33:51.0351 0x1724 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

01:33:51.0360 0x1724 NDProxy - ok

01:33:51.0391 0x1724 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys

01:33:51.0400 0x1724 Ndu - ok

01:33:51.0414 0x1724 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

01:33:51.0423 0x1724 NetBIOS - ok

01:33:51.0460 0x1724 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

01:33:51.0471 0x1724 NetBT - ok

01:33:51.0488 0x1724 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\WINDOWS\system32\lsass.exe

01:33:51.0496 0x1724 Netlogon - ok

01:33:51.0626 0x1724 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\WINDOWS\System32\netman.dll

01:33:51.0639 0x1724 Netman - ok

01:33:51.0703 0x1724 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\WINDOWS\System32\netprofmsvc.dll

01:33:51.0721 0x1724 netprofm - ok

01:33:51.0754 0x1724 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

01:33:51.0762 0x1724 NetTcpPortSharing - ok

01:33:51.0783 0x1724 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys

01:33:51.0790 0x1724 netvsc - ok

01:33:51.0811 0x1724 [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\WINDOWS\System32\nlasvc.dll

01:33:51.0827 0x1724 NlaSvc - ok

01:33:51.0867 0x1724 [ ACC47D60E202EBA0A8A80768EC5D3C97, 3A26BA0A97201B55151D649DBCF048E0D72A933D4DDBE5FD415AB772C7C6C250 ] NNSALPC C:\WINDOWS\system32\DRIVERS\NNSAlpc.sys

01:33:51.0873 0x1724 NNSALPC - ok

01:33:51.0908 0x1724 [ 4C7EAD79B914ADE44D68171AFEEF2AB3, 78D805FFC0DF4EB3D36B43CFD05CF7F5AFCC81B196224A09834EB17FA4D29838 ] NNSHTTP C:\WINDOWS\system32\DRIVERS\NNSHttp.sys

01:33:51.0915 0x1724 NNSHTTP - ok

01:33:51.0926 0x1724 [ B40C57451477334E8A66F4823BE04AE3, B3E52FA1570D569F2C40716ED925E3D588489DF37D9639E3BA5B5C0AAFE91543 ] NNSHTTPS C:\WINDOWS\system32\DRIVERS\NNSHttps.sys

01:33:51.0932 0x1724 NNSHTTPS - ok

01:33:51.0943 0x1724 [ 222CF23D6FCEB616CA48BBA55FC4D5C0, DB61FEA4126005A226E88FD6590BC57B440047DFAC6531B3C91AFFEFB0AD6F6C ] NNSIDS C:\WINDOWS\system32\DRIVERS\NNSIds.sys

01:33:51.0949 0x1724 NNSIDS - ok

01:33:51.0980 0x1724 [ 34944C0D7595E99FADF85F808E508EA3, ED8484DB7C6A012A20E23CCC057AE5553FE487D2BFF3F58D1CBFFA4059ED09F4 ] NNSNAHSL C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys

01:33:51.0985 0x1724 NNSNAHSL - ok

01:33:51.0998 0x1724 [ C5332A1FB751B8D5FD9D424D330BC91B, B2FEBEA06252457FF87B74D693E75B29CCF6839EA6FFD60007996B23A6D80154 ] NNSPICC C:\WINDOWS\system32\DRIVERS\NNSPicc.sys

01:33:52.0005 0x1724 NNSPICC - ok

01:33:52.0022 0x1724 [ AA1A311C019288FFCCF3661B5EA27A99, BC91048E82C820CECBBDEDD9D9F7EDDBF6CBC88CE1D9C83A12C4A0E59CFAAC76 ] NNSPIHSW C:\WINDOWS\system32\DRIVERS\NNSPihsw.sys

01:33:52.0027 0x1724 NNSPIHSW - ok

01:33:52.0039 0x1724 [ EB153B4FA5200D1D3352D6C3FB7C9C38, 306805080F8FDB5D9299E93C7074F3B46F8E4B6623A3A75A83E98E6EB0E5BDC5 ] NNSPOP3 C:\WINDOWS\system32\DRIVERS\NNSPop3.sys

01:33:52.0045 0x1724 NNSPOP3 - ok

01:33:52.0063 0x1724 [ 425356A7A3657174C206AA3FDB3DDD35, 9634D9A2271C57051BBEC58020082B4CCF2A6583B8FB3C6AC22E9C81728E10F8 ] NNSPROT C:\WINDOWS\system32\DRIVERS\NNSProt.sys

01:33:52.0072 0x1724 NNSPROT - ok

01:33:52.0094 0x1724 [ FFDF3257F83A094941005EE607B8A905, D3E676A13175D329E2F3677D9B56ED7B4DCDCE6794C96025171B24140B543EDC ] NNSPRV C:\WINDOWS\system32\DRIVERS\NNSPrv.sys

01:33:52.0101 0x1724 NNSPRV - ok

01:33:52.0117 0x1724 [ DE87A11CB1767ABDDE223D4CC0F7C221, 3D24BC83E4D88174CA08281C0B3E3E7BC44218F4C6950D28D37029AE39F68E50 ] NNSSMTP C:\WINDOWS\system32\DRIVERS\NNSSmtp.sys

01:33:52.0123 0x1724 NNSSMTP - ok

01:33:52.0140 0x1724 [ 537FB2F711E65475562FE29877F108E1, D2B486CBF3D4CF4AB5D6CCF34CAA57725C3027A2C3E0A1CF628D33546ACBF072 ] NNSSTRM C:\WINDOWS\system32\DRIVERS\NNSStrm.sys

01:33:52.0148 0x1724 NNSSTRM - ok

01:33:52.0172 0x1724 [ 4F37DC4420A00BC6E9D22E3590806BFC, C65CEE11AFA68F9B870FB256AB53A04C32C1F73F6F4F209944815CC96F8FEB17 ] NNSTLSC C:\WINDOWS\system32\DRIVERS\NNSTlsc.sys

01:33:52.0178 0x1724 NNSTLSC - ok

01:33:52.0198 0x1724 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

01:33:52.0206 0x1724 Npfs - ok

01:33:52.0224 0x1724 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys

01:33:52.0232 0x1724 npsvctrig - ok

01:33:52.0244 0x1724 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\WINDOWS\system32\nsisvc.dll

01:33:52.0252 0x1724 nsi - ok

01:33:52.0260 0x1724 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys

01:33:52.0267 0x1724 nsiproxy - ok

01:33:52.0347 0x1724 [ 1C80517BE6836A812F6A9B99B8321351, 7DBED4633820E201C9C242D961EF6F25BA2B1D5593BA60F707CC71A4014C2D4B ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

01:33:52.0391 0x1724 Ntfs - ok

01:33:52.0415 0x1724 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys

01:33:52.0422 0x1724 Null - ok

01:33:52.0693 0x1724 [ CE1B54F1ED2080B15DAF9044EC92075A, DD8557B0E159C09DF3195EC01545CCE2BD580DC2557CCC4F90D3B7C02D07FC36 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys

01:33:52.0875 0x1724 nvlddmkm - ok

01:33:52.0928 0x1724 [ A12E1047131E957456F63DB1FEAF6F64, 6F39F03E5954F4586A98D9C28A7300C1C4CAB7B8EF0CAC656FB34FA66D6AA158 ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys

01:33:52.0933 0x1724 nvpciflt - ok

01:33:52.0968 0x1724 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys

01:33:52.0977 0x1724 nvraid - ok

01:33:53.0026 0x1724 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys

01:33:53.0035 0x1724 nvstor - ok

01:33:53.0098 0x1724 [ 67E9F641C1B5387F298F3063FAFA022B, F9C9974828632349E426C5375D2FD63744350D3D6FD693071231370D52E76DE7 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe

01:33:53.0118 0x1724 nvsvc - ok

01:33:53.0177 0x1724 [ D9A7AB15DE2AB9C3F6F4510C500268EC, B689DB58A58DCBDD82DDFB6F71C7F708A8BBAA6B97CEAAA1407943FFD8FB3E7C ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

01:33:53.0201 0x1724 nvUpdatusService - ok

01:33:53.0215 0x1724 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys

01:33:53.0223 0x1724 nv_agp - ok

01:33:53.0288 0x1724 [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

01:33:53.0295 0x1724 ose64 - ok

01:33:53.0354 0x1724 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll

01:33:53.0367 0x1724 p2pimsvc - ok

01:33:53.0398 0x1724 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll

01:33:53.0413 0x1724 p2psvc - ok

01:33:53.0453 0x1724 [ A6B78F395F57E927A0F981D51A00CC5D, D06BFDCF435F80F64F97D225159AFCD3BD77D7D0D9FD6C90E7B89FF47BAC47F0 ] PandaAgent C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe

01:33:53.0458 0x1724 PandaAgent - ok

01:33:53.0478 0x1724 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys

01:33:53.0486 0x1724 Parport - ok

01:33:53.0510 0x1724 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys

01:33:53.0518 0x1724 partmgr - ok

01:33:53.0534 0x1724 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll

01:33:53.0549 0x1724 PcaSvc - ok

01:33:53.0570 0x1724 [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci C:\WINDOWS\system32\drivers\pci.sys

01:33:53.0582 0x1724 pci - ok

01:33:53.0598 0x1724 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys

01:33:53.0604 0x1724 pciide - ok

01:33:53.0622 0x1724 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys

01:33:53.0630 0x1724 pcmcia - ok

01:33:53.0645 0x1724 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys

01:33:53.0651 0x1724 pcw - ok

01:33:53.0678 0x1724 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc C:\WINDOWS\system32\drivers\pdc.sys

01:33:53.0686 0x1724 pdc - ok

01:33:53.0723 0x1724 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys

01:33:53.0740 0x1724 PEAUTH - ok

01:33:53.0804 0x1724 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe

01:33:53.0811 0x1724 PerfHost - ok

01:33:53.0869 0x1724 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll

01:33:53.0903 0x1724 pla - ok

01:33:53.0937 0x1724 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll

01:33:53.0946 0x1724 PlugPlay - ok

01:33:53.0961 0x1724 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll

01:33:53.0969 0x1724 PNRPAutoReg - ok

01:33:53.0987 0x1724 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll

01:33:54.0000 0x1724 PNRPsvc - ok

01:33:54.0055 0x1724 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll

01:33:54.0070 0x1724 PolicyAgent - ok

01:33:54.0094 0x1724 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll

01:33:54.0104 0x1724 Power - ok

01:33:54.0135 0x1724 [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

01:33:54.0145 0x1724 PptpMiniport - ok

01:33:54.0265 0x1724 [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll

01:33:54.0318 0x1724 PrintNotify - ok

01:33:54.0380 0x1724 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys

01:33:54.0388 0x1724 Processor - ok

01:33:54.0436 0x1724 [ B2A890D96C05E33FDD2BF3F3D4D0DF92, 3A29E17424429A5654D906E420D938148F09F57457356EFA72DA003B73F2D81E ] ProfSvc C:\WINDOWS\system32\profsvc.dll

01:33:54.0447 0x1724 ProfSvc - ok

01:33:54.0480 0x1724 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys

01:33:54.0491 0x1724 Psched - ok

01:33:54.0523 0x1724 [ C6FBFC8B41D51A80433D97337515DA39, 10B0DF9E476FE5DED6ABD42372A9F38288207AB11606C03C814FCEF457D4F9BC ] PSINAflt C:\WINDOWS\system32\DRIVERS\PSINAflt.sys

01:33:54.0530 0x1724 PSINAflt - ok

01:33:54.0544 0x1724 [ 65D5DB4FA4C17795860DC736B1054EA2, 422B6FF6588355D1774803293EF77F2B8BF22F769244DD575675430C7116EAA7 ] PSINFile C:\WINDOWS\system32\DRIVERS\PSINFile.sys

01:33:54.0550 0x1724 PSINFile - ok

01:33:54.0578 0x1724 [ 305FCF2F725B806BC5E69AC95340A271, FCA0EF28DE5F4DAF8E3E4BB70C7668A0E1990CC080D52BA711DFB9CC5C369230 ] PSINKNC C:\WINDOWS\system32\DRIVERS\psinknc.sys

01:33:54.0585 0x1724 PSINKNC - ok

01:33:54.0603 0x1724 [ ED6B1CDE5B178B057F64B2AF682EB45A, BDD46380BF51A48982E81F1D5EDAC2D9B16D2C03E886144279F4505ADA247EE2 ] PSINProc C:\WINDOWS\system32\DRIVERS\PSINProc.sys

01:33:54.0609 0x1724 PSINProc - ok

01:33:54.0625 0x1724 [ 171F1C6F49142F2D1C174B817F46EC0F, 96F6B021CBEA2F0787A01E323EED626B380DAD13FC91EE4552F4DEEEC95DBD2C ] PSINProt C:\WINDOWS\system32\DRIVERS\PSINProt.sys

01:33:54.0631 0x1724 PSINProt - ok

01:33:54.0663 0x1724 [ E962316E38ABC537821C3651AAC0B7CC, 80821A37A035F662CC20C5E8EA8D06E1106F24EA0B6DB35995C6174601E21AFD ] PSINReg C:\WINDOWS\system32\DRIVERS\PSINReg.sys

01:33:54.0669 0x1724 PSINReg - ok

01:33:54.0710 0x1724 [ 105ACC469DF34C8BD0D5E68A70C774E5, 983A759339E058AAE779EB9476EC2AEE8B379F0C60E5E2FD73826155827F5518 ] PSKMAD C:\WINDOWS\system32\DRIVERS\PSKMAD.sys

01:33:54.0716 0x1724 PSKMAD - ok

01:33:54.0813 0x1724 [ 586823A8CF9F975CE994EA5E05569156, B4AFA337417001CCE867EB809D3F766B2C6B14C53D1C59DE649068557702F88E ] PSUAService C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe

01:33:54.0818 0x1724 PSUAService - ok

01:33:54.0849 0x1724 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll

01:33:54.0862 0x1724 QWAVE - ok

01:33:54.0875 0x1724 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys

01:33:54.0884 0x1724 QWAVEdrv - ok

01:33:54.0894 0x1724 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

01:33:54.0903 0x1724 RasAcd - ok

01:33:54.0928 0x1724 [ 674A4702E4E144E8710ED1A2EC6DD049, 613A921101A6815C9185D5EF3E251A592604E56FADE945BB7E256885CAD473BC ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys

01:33:54.0935 0x1724 RasAgileVpn - ok

01:33:54.0958 0x1724 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll

01:33:54.0968 0x1724 RasAuto - ok

01:33:54.0986 0x1724 [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

01:33:54.0995 0x1724 Rasl2tp - ok

01:33:55.0034 0x1724 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\WINDOWS\System32\rasmans.dll

01:33:55.0049 0x1724 RasMan - ok

01:33:55.0070 0x1724 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

01:33:55.0079 0x1724 RasPppoe - ok

01:33:55.0095 0x1724 [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys

01:33:55.0105 0x1724 RasSstp - ok

01:33:55.0136 0x1724 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

01:33:55.0149 0x1724 rdbss - ok

01:33:55.0167 0x1724 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys

01:33:55.0174 0x1724 rdpbus - ok

01:33:55.0199 0x1724 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys

01:33:55.0208 0x1724 RDPDR - ok

01:33:55.0227 0x1724 [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys

01:33:55.0233 0x1724 RdpVideoMiniport - ok

01:33:55.0254 0x1724 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys

01:33:55.0264 0x1724 rdyboost - ok

01:33:55.0310 0x1724 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys

01:33:55.0333 0x1724 ReFS - ok

01:33:55.0365 0x1724 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

01:33:55.0378 0x1724 RemoteAccess - ok

01:33:55.0404 0x1724 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll

01:33:55.0417 0x1724 RemoteRegistry - ok

01:33:55.0448 0x1724 [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys

01:33:55.0457 0x1724 RFCOMM - ok

01:33:55.0536 0x1724 [ 616F6E52CAE254727A886BA8EDA1BEEA, 537EE7A8959E4CBCD243C66A54AF64E5D48F9780893D8450A07645FC3DA61C0B ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

01:33:55.0544 0x1724 RichVideo - ok

01:33:55.0609 0x1724 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll

01:33:55.0618 0x1724 RpcEptMapper - ok

01:33:55.0659 0x1724 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe

01:33:55.0666 0x1724 RpcLocator - ok

01:33:55.0711 0x1724 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\WINDOWS\system32\rpcss.dll

01:33:55.0730 0x1724 RpcSs - ok

01:33:55.0753 0x1724 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys

01:33:55.0763 0x1724 rspndr - ok

01:33:55.0802 0x1724 [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys

01:33:55.0818 0x1724 RTL8168 - ok

01:33:55.0833 0x1724 [ C3FCFB3072F5AB95C31D4E80978C3CA1, 5F08B8A0151EC30594E12F432B2F3DA81DF1DB8E034DD032760FDB25B6B4FACA ] RTSPER C:\WINDOWS\system32\DRIVERS\RtsPer.sys

01:33:55.0845 0x1724 RTSPER - ok

01:33:55.0863 0x1724 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys

01:33:55.0870 0x1724 s3cap - ok

01:33:55.0903 0x1724 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe

01:33:55.0911 0x1724 SamSs - ok

01:33:55.0944 0x1724 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys

01:33:55.0952 0x1724 sbp2port - ok

01:33:55.0996 0x1724 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll

01:33:56.0008 0x1724 SCardSvr - ok

01:33:56.0022 0x1724 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll

01:33:56.0033 0x1724 ScDeviceEnum - ok

01:33:56.0046 0x1724 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys

01:33:56.0056 0x1724 scfilter - ok

01:33:56.0116 0x1724 [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule C:\WINDOWS\system32\schedsvc.dll

01:33:56.0142 0x1724 Schedule - ok

01:33:56.0169 0x1724 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll

01:33:56.0180 0x1724 SCPolicySvc - ok

01:33:56.0209 0x1724 [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys

01:33:56.0219 0x1724 sdbus - ok

01:33:56.0247 0x1724 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys

01:33:56.0255 0x1724 sdstor - ok

01:33:56.0272 0x1724 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys

01:33:56.0279 0x1724 secdrv - ok

01:33:56.0292 0x1724 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll

01:33:56.0302 0x1724 seclogon - ok

01:33:56.0339 0x1724 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll

01:33:56.0351 0x1724 SENS - ok

01:33:56.0378 0x1724 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsSimulatorDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

01:33:56.0388 0x1724 SensorsSimulatorDriver - ok

01:33:56.0404 0x1724 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll

01:33:56.0414 0x1724 SensrSvc - ok

01:33:56.0440 0x1724 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys

01:33:56.0447 0x1724 SerCx - ok

01:33:56.0483 0x1724 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys

01:33:56.0492 0x1724 SerCx2 - ok

01:33:56.0508 0x1724 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys

01:33:56.0515 0x1724 Serenum - ok

01:33:56.0529 0x1724 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys

01:33:56.0537 0x1724 Serial - ok

01:33:56.0548 0x1724 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys

01:33:56.0555 0x1724 sermouse - ok

01:33:56.0593 0x1724 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll

01:33:56.0606 0x1724 SessionEnv - ok

01:33:56.0615 0x1724 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys

01:33:56.0622 0x1724 sfloppy - ok

01:33:56.0653 0x1724 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

01:33:56.0666 0x1724 SharedAccess - ok

01:33:56.0707 0x1724 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

01:33:56.0729 0x1724 ShellHWDetection - ok

01:33:56.0758 0x1724 [ 3A1172AF9F927473D60CE3315318307A, 9F948DDC629D8C747E983ACABF8705F5F70EFFB4E6EDF3EDE21B297D19044C1E ] simptcp C:\WINDOWS\System32\tcpsvcs.exe

01:33:56.0766 0x1724 simptcp - ok

01:33:56.0784 0x1724 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys

01:33:56.0790 0x1724 SiSRaid2 - ok

01:33:56.0809 0x1724 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys

01:33:56.0817 0x1724 SiSRaid4 - ok

01:33:56.0881 0x1724 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

01:33:56.0889 0x1724 SkypeUpdate - ok

01:33:56.0914 0x1724 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll

01:33:56.0921 0x1724 smphost - ok

01:33:56.0944 0x1724 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe

01:33:56.0954 0x1724 SNMPTRAP - ok

01:33:56.0980 0x1724 [ 33977549C2CED09936E05BEE7659EAFF, EB95C72ED0EAC59A50E6882B2501049191A796542C42414FAF0028907C669B21 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys

01:33:56.0993 0x1724 spaceport - ok

01:33:57.0015 0x1724 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys

01:33:57.0022 0x1724 SpbCx - ok

01:33:57.0065 0x1724 [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler C:\WINDOWS\System32\spoolsv.exe

01:33:57.0085 0x1724 Spooler - ok

01:33:57.0256 0x1724 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe

01:33:57.0387 0x1724 sppsvc - ok

01:33:57.0513 0x1724 [ 055B0DE7BCDB14FB18279F09DCA07954, 94944F996F2F73233A96F8E766606EA5CCC7142EA2AF4BCEFD2603578F2B4A4A ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

01:33:57.0521 0x1724 SQLWriter - ok

01:33:57.0554 0x1724 [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys

01:33:57.0567 0x1724 srv - ok

01:33:57.0621 0x1724 [ FD163F487CBA9C98AFFEB546C80F49A2, 18DAAD173C0517F7BBF5D0C914302D98931E3BA6DAA36DC91D8DB0743EC40563 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys

01:33:57.0638 0x1724 srv2 - ok

01:33:57.0655 0x1724 [ 716059F37BCCB1ABEDE99EBE82E8E362, 05F27B0FABBBC0E324F06D20ABEF51EDA3316C9F7F85C1AD24639CD6DE1BC8AC ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys

01:33:57.0664 0x1724 srvnet - ok

01:33:57.0702 0x1724 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

01:33:57.0715 0x1724 SSDPSRV - ok

01:33:57.0745 0x1724 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll

01:33:57.0756 0x1724 SstpSvc - ok

01:33:57.0818 0x1724 [ 7E815DDD79CC73A02A33DF11FABE4E1E, A05A85CDB0CB0AA1AAC93AA801C39242BFE59082E2BC580F04EBFA71B5B61F07 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe

01:33:57.0835 0x1724 Steam Client Service - ok

01:33:57.0865 0x1724 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys

01:33:57.0872 0x1724 stexstor - ok

01:33:57.0908 0x1724 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll

01:33:57.0925 0x1724 stisvc - ok

01:33:57.0940 0x1724 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys

01:33:57.0948 0x1724 storahci - ok

01:33:57.0973 0x1724 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys

01:33:57.0980 0x1724 storflt - ok

01:33:57.0997 0x1724 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys

01:33:58.0004 0x1724 stornvme - ok

01:33:58.0023 0x1724 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll

01:33:58.0031 0x1724 StorSvc - ok

01:33:58.0050 0x1724 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys

01:33:58.0056 0x1724 storvsc - ok

01:33:58.0069 0x1724 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll

01:33:58.0079 0x1724 svsvc - ok

01:33:58.0090 0x1724 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys

01:33:58.0096 0x1724 swenum - ok

01:33:58.0165 0x1724 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

01:33:58.0178 0x1724 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )

01:34:00.0559 0x1724 Detect skipped due to KSN trusted

01:34:00.0560 0x1724 SwitchBoard - ok

01:34:00.0594 0x1724 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\WINDOWS\System32\swprv.dll

01:34:00.0612 0x1724 swprv - ok

01:34:00.0680 0x1724 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\WINDOWS\system32\sysmain.dll

01:34:00.0706 0x1724 SysMain - ok

01:34:00.0728 0x1724 [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll

01:34:00.0741 0x1724 SystemEventsBroker - ok

01:34:00.0759 0x1724 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll

01:34:00.0769 0x1724 TabletInputService - ok

01:34:00.0790 0x1724 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\WINDOWS\system32\DRIVERS\tap0901.sys

01:34:00.0797 0x1724 tap0901 - ok

01:34:00.0813 0x1724 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

01:34:00.0825 0x1724 TapiSrv - ok

01:34:00.0898 0x1724 [ 25AC0B50A71938890970E1508F107196, 6FAFBA2DFFFF9916CC304AE7E6AD0F6CE1D6F4AAE6B2C113202D78310EFEBC58 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys

01:34:00.0952 0x1724 Tcpip - ok

01:34:01.0010 0x1724 [ 25AC0B50A71938890970E1508F107196, 6FAFBA2DFFFF9916CC304AE7E6AD0F6CE1D6F4AAE6B2C113202D78310EFEBC58 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys

01:34:01.0064 0x1724 TCPIP6 - ok

01:34:01.0083 0x1724 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys

01:34:01.0090 0x1724 tcpipreg - ok

01:34:01.0123 0x1724 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys

01:34:01.0132 0x1724 tdx - ok

01:34:01.0210 0x1724 [ 950AD1AE7498A492126FB9F9B2E27DB5, C4C9A972015F567FC87A4094C86835B2DD3476426AB8B40CD4872A725CA89CFC ] Te.Service C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe

01:34:01.0215 0x1724 Te.Service - detected UnsignedFile.Multi.Generic ( 1 )

01:34:03.0589 0x1724 Detect skipped due to KSN trusted

01:34:03.0589 0x1724 Te.Service - ok

01:34:03.0612 0x1724 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys

01:34:03.0618 0x1724 terminpt - ok

01:34:03.0681 0x1724 [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\WINDOWS\System32\termsrv.dll

01:34:03.0704 0x1724 TermService - ok

01:34:03.0731 0x1724 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll

01:34:03.0744 0x1724 Themes - ok

01:34:03.0784 0x1724 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll

01:34:03.0792 0x1724 THREADORDER - ok

01:34:03.0806 0x1724 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll

01:34:03.0820 0x1724 TimeBroker - ok

01:34:03.0846 0x1724 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys

01:34:03.0855 0x1724 TPM - ok

01:34:03.0866 0x1724 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\WINDOWS\System32\trkwks.dll

01:34:03.0875 0x1724 TrkWks - ok

01:34:03.0920 0x1724 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe

01:34:03.0928 0x1724 TrustedInstaller - ok

01:34:03.0949 0x1724 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys

01:34:03.0956 0x1724 TsUsbFlt - ok

01:34:03.0971 0x1724 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys

01:34:03.0978 0x1724 TsUsbGD - ok

01:34:03.0993 0x1724 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys

01:34:04.0004 0x1724 tunnel - ok

01:34:04.0018 0x1724 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys

01:34:04.0025 0x1724 uagp35 - ok

01:34:04.0037 0x1724 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys

01:34:04.0044 0x1724 UASPStor - ok

01:34:04.0068 0x1724 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys

01:34:04.0077 0x1724 UCX01000 - ok

01:34:04.0099 0x1724 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys

01:34:04.0114 0x1724 udfs - ok

01:34:04.0128 0x1724 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys

01:34:04.0135 0x1724 UEFI - ok

01:34:04.0155 0x1724 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe

01:34:04.0166 0x1724 UI0Detect - ok

01:34:04.0208 0x1724 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys

01:34:04.0215 0x1724 uliagpkx - ok

01:34:04.0227 0x1724 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys

01:34:04.0234 0x1724 umbus - ok

01:34:04.0253 0x1724 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys

01:34:04.0260 0x1724 UmPass - ok

01:34:04.0294 0x1724 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\WINDOWS\System32\umrdp.dll

01:34:04.0306 0x1724 UmRdpService - ok

01:34:04.0326 0x1724 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\WINDOWS\System32\upnphost.dll

01:34:04.0342 0x1724 upnphost - ok

01:34:04.0373 0x1724 [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys

01:34:04.0382 0x1724 usbccgp - ok

01:34:04.0400 0x1724 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys

01:34:04.0408 0x1724 usbcir - ok

01:34:04.0434 0x1724 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys

01:34:04.0442 0x1724 usbehci - ok

01:34:04.0465 0x1724 [ 93435654DCA210298BA0F986EB51C679, 926313A0499100EA5C49C5EC44BB8FE5F8F2A7F57F3EA56D59DA694F8396A409 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys

01:34:04.0479 0x1724 usbhub - ok

01:34:04.0499 0x1724 [ 83C9C45D59C72FEFDAE9A5686BE31FEA, 12FC2C3C3C5CD5F2EFBAA11A1AD06FDD7DDB6EECF6F2684BBAAF88198D976316 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys

01:34:04.0513 0x1724 USBHUB3 - ok

01:34:04.0553 0x1724 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys

01:34:04.0559 0x1724 usbohci - ok

01:34:04.0577 0x1724 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys

01:34:04.0584 0x1724 usbprint - ok

01:34:04.0650 0x1724 [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS

01:34:04.0659 0x1724 USBSTOR - ok

01:34:04.0673 0x1724 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys

01:34:04.0680 0x1724 usbuhci - ok

01:34:04.0694 0x1724 [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys

01:34:04.0704 0x1724 usbvideo - ok

01:34:04.0737 0x1724 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS

01:34:04.0749 0x1724 USBXHCI - ok

01:34:04.0757 0x1724 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\WINDOWS\system32\lsass.exe

01:34:04.0765 0x1724 VaultSvc - ok

01:34:04.0775 0x1724 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys

01:34:04.0782 0x1724 vdrvroot - ok

01:34:04.0831 0x1724 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\WINDOWS\System32\vds.exe

01:34:04.0857 0x1724 vds - ok

01:34:04.0879 0x1724 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys

01:34:04.0888 0x1724 VerifierExt - ok

01:34:04.0933 0x1724 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys

01:34:04.0949 0x1724 vhdmp - ok

01:34:04.0960 0x1724 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys

01:34:04.0967 0x1724 viaide - ok

01:34:04.0979 0x1724 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys

01:34:04.0987 0x1724 vmbus - ok

01:34:05.0003 0x1724 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys

01:34:05.0010 0x1724 VMBusHID - ok

01:34:05.0067 0x1724 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll

01:34:05.0082 0x1724 vmicguestinterface - ok

01:34:05.0093 0x1724 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll

01:34:05.0108 0x1724 vmicheartbeat - ok

01:34:05.0119 0x1724 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll

01:34:05.0134 0x1724 vmickvpexchange - ok

01:34:05.0145 0x1724 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll

01:34:05.0159 0x1724 vmicrdv - ok

01:34:05.0170 0x1724 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll

01:34:05.0185 0x1724 vmicshutdown - ok

01:34:05.0196 0x1724 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll

01:34:05.0211 0x1724 vmictimesync - ok

01:34:05.0222 0x1724 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\WINDOWS\System32\ICSvc.dll

01:34:05.0237 0x1724 vmicvss - ok

01:34:05.0267 0x1724 [ 21C96AA588D3993191761A08DBAABB15, 11F7336CA9C73808F9C0F19C56C52B1967B486E5E9C07454C08C626BF59283CF ] vmm C:\WINDOWS\system32\Drivers\vmm.sys

01:34:05.0275 0x1724 vmm - ok

01:34:05.0287 0x1724 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys

01:34:05.0294 0x1724 volmgr - ok

01:34:05.0316 0x1724 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys

01:34:05.0330 0x1724 volmgrx - ok

01:34:05.0437 0x1724 [ 4BB9BC49DEE1A319EC58274A7BBED663, 624491089623A5B68C01A6A000E60D450E8E467619ACEBB90C6FDED0CF670F95 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys

01:34:05.0449 0x1724 volsnap - ok

01:34:05.0475 0x1724 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\WINDOWS\System32\drivers\vpci.sys

01:34:05.0482 0x1724 vpci - ok

01:34:05.0522 0x1724 [ 6814DDD37C300F845C4FFE4D4CC9A8C7, 206D5D0A803B8EC26A190C5BF72FF12137C1B8D76A674B6C7C16C8C9BBE44C29 ] VsEtwService120 C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe

01:34:05.0529 0x1724 VsEtwService120 - ok

01:34:05.0548 0x1724 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys

01:34:05.0557 0x1724 vsmraid - ok

01:34:05.0609 0x1724 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\WINDOWS\system32\vssvc.exe

01:34:05.0639 0x1724 VSS - ok

01:34:05.0673 0x1724 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys

01:34:05.0685 0x1724 VSTXRAID - ok

01:34:05.0724 0x1724 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys

01:34:05.0731 0x1724 vwifibus - ok

01:34:05.0757 0x1724 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys

01:34:05.0765 0x1724 vwififlt - ok

01:34:05.0795 0x1724 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys

01:34:05.0802 0x1724 vwifimp - ok

01:34:05.0850 0x1724 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\WINDOWS\system32\w32time.dll

01:34:05.0865 0x1724 W32Time - ok

01:34:05.0876 0x1724 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys

01:34:05.0883 0x1724 WacomPen - ok

01:34:05.0903 0x1724 [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

01:34:05.0912 0x1724 Wanarp - ok

01:34:05.0915 0x1724 [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys

01:34:05.0924 0x1724 Wanarpv6 - ok

01:34:05.0985 0x1724 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\WINDOWS\system32\wbengine.exe

01:34:06.0017 0x1724 wbengine - ok

01:34:06.0052 0x1724 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll

01:34:06.0067 0x1724 WbioSrvc - ok

01:34:06.0106 0x1724 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll

01:34:06.0118 0x1724 Wcmsvc - ok

01:34:06.0165 0x1724 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll

01:34:06.0179 0x1724 wcncsvc - ok

01:34:06.0188 0x1724 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll

01:34:06.0197 0x1724 WcsPlugInService - ok

01:34:06.0222 0x1724 [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys

01:34:06.0230 0x1724 WdBoot - ok

01:34:06.0251 0x1724 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys

01:34:06.0257 0x1724 WDC_SAM - ok

01:34:06.0293 0x1724 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys

01:34:06.0313 0x1724 Wdf01000 - ok

01:34:06.0329 0x1724 [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys

01:34:06.0339 0x1724 WdFilter - ok

01:34:06.0353 0x1724 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll

01:34:06.0366 0x1724 WdiServiceHost - ok

01:34:06.0369 0x1724 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll

01:34:06.0381 0x1724 WdiSystemHost - ok

01:34:06.0399 0x1724 [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys

01:34:06.0407 0x1724 WdNisDrv - ok

01:34:06.0426 0x1724 WdNisSvc - ok

01:34:06.0470 0x1724 [ D261A12A43D33122CB90E70D3BC1CC68, 1B5237909CDD5DC4982599E94C2AAC37FEA6B1C282249DEB13E84A826C6E4B01 ] WebClient C:\WINDOWS\System32\webclnt.dll

01:34:06.0480 0x1724 WebClient - ok

01:34:06.0532 0x1724 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\WINDOWS\system32\wecsvc.dll

01:34:06.0543 0x1724 Wecsvc - ok

01:34:06.0561 0x1724 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll

01:34:06.0570 0x1724 WEPHOSTSVC - ok

01:34:06.0605 0x1724 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll

01:34:06.0645 0x1724 wercplsupport - ok

01:34:06.0668 0x1724 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\WINDOWS\System32\WerSvc.dll

01:34:06.0678 0x1724 WerSvc - ok

01:34:06.0698 0x1724 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys

01:34:06.0707 0x1724 WFPLWFS - ok

01:34:06.0727 0x1724 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll

01:34:06.0736 0x1724 WiaRpc - ok

01:34:06.0755 0x1724 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys

01:34:06.0761 0x1724 WIMMount - ok

01:34:06.0764 0x1724 WinDefend - ok

01:34:06.0819 0x1724 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll

01:34:06.0840 0x1724 WinHttpAutoProxySvc - ok

01:34:06.0893 0x1724 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

01:34:06.0904 0x1724 Winmgmt - ok

01:34:06.0984 0x1724 [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM C:\WINDOWS\system32\WsmSvc.dll

01:34:07.0032 0x1724 WinRM - ok

01:34:07.0064 0x1724 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys

01:34:07.0072 0x1724 WinUsb - ok

01:34:07.0146 0x1724 [ EF252510DB6C3511E30418BD2AC95A2D, 75B496F5C611129D9D19B382503830FDB0E2E61D4880D2821AE381DF578C5E56 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll

01:34:07.0177 0x1724 WlanSvc - ok

01:34:07.0246 0x1724 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll

01:34:07.0277 0x1724 wlidsvc - ok

01:34:07.0315 0x1724 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys

01:34:07.0321 0x1724 WmiAcpi - ok

01:34:07.0355 0x1724 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe

01:34:07.0365 0x1724 wmiApSrv - ok

01:34:07.0392 0x1724 WMPNetworkSvc - ok

01:34:07.0430 0x1724 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys

01:34:07.0439 0x1724 Wof - ok

01:34:07.0514 0x1724 [ 5071E71CC05346D88C5A08EB8B5A05E3, EA2B14130EDD1846B2E25D310B0D49253CFB43C22D3DC7B3179DF7349CC4AEFB ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll

01:34:07.0546 0x1724 workfolderssvc - ok

01:34:07.0566 0x1724 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys

01:34:07.0573 0x1724 wpcfltr - ok

01:34:07.0600 0x1724 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll

01:34:07.0607 0x1724 WPCSvc - ok

01:34:07.0612 0x1724 [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll

01:34:07.0621 0x1724 WPDBusEnum - ok

01:34:07.0649 0x1724 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys

01:34:07.0656 0x1724 WpdUpFltr - ok

01:34:07.0666 0x1724 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys

01:34:07.0674 0x1724 ws2ifsl - ok

01:34:07.0719 0x1724 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\WINDOWS\System32\wscsvc.dll

01:34:07.0729 0x1724 wscsvc - ok

01:34:07.0732 0x1724 WSearch - ok

01:34:07.0830 0x1724 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\WINDOWS\System32\WSService.dll

01:34:07.0903 0x1724 WSService - ok

01:34:07.0997 0x1724 [ E66AC3CA92FC471BFE69F61549193A64, E2DD7EA4ED164EE8FB07546896BE743734B04DE4C9480E84231901CB2C63F31C ] wuauserv C:\WINDOWS\system32\wuaueng.dll

01:34:08.0059 0x1724 wuauserv - ok

01:34:08.0091 0x1724 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys

01:34:08.0100 0x1724 WudfPf - ok

01:34:08.0115 0x1724 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys

01:34:08.0126 0x1724 WUDFRd - ok

01:34:08.0144 0x1724 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll

01:34:08.0154 0x1724 wudfsvc - ok

01:34:08.0160 0x1724 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

01:34:08.0170 0x1724 WUDFWpdFs - ok

01:34:08.0176 0x1724 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

01:34:08.0186 0x1724 WUDFWpdMtp - ok

01:34:08.0214 0x1724 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll

01:34:08.0232 0x1724 WwanSvc - ok

01:34:08.0294 0x1724 [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

01:34:08.0302 0x1724 ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )

01:34:10.0664 0x1724 Detect skipped due to KSN trusted

01:34:10.0664 0x1724 ZAtheros Bt and Wlan Coex Agent - ok

01:34:10.0670 0x1724 ================ Scan global ===============================

01:34:10.0724 0x1724 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll

01:34:10.0751 0x1724 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll

01:34:10.0780 0x1724 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll

01:34:10.0818 0x1724 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe

01:34:10.0824 0x1724 [ Global ] - ok

01:34:10.0824 0x1724 ================ Scan MBR ==================================

01:34:10.0831 0x1724 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0

01:34:10.0891 0x1724 \Device\Harddisk0\DR0 - ok

01:34:10.0892 0x1724 ================ Scan VBR ==================================

01:34:10.0916 0x1724 [ 351416E93A671AB5955F3E378F00B139 ] \Device\Harddisk0\DR0\Partition1

01:34:10.0970 0x1724 \Device\Harddisk0\DR0\Partition1 - ok

01:34:10.0983 0x1724 [ 73C524AA2DD2EF468C3680E6D18421C5 ] \Device\Harddisk0\DR0\Partition2

01:34:11.0052 0x1724 \Device\Harddisk0\DR0\Partition2 - ok

01:34:11.0070 0x1724 [ F8084B9D1247E38CEBBDD6018A4322A1 ] \Device\Harddisk0\DR0\Partition3

01:34:11.0070 0x1724 \Device\Harddisk0\DR0\Partition3 - ok

01:34:11.0079 0x1724 [ C5D4954E33964544231B1453EC181540 ] \Device\Harddisk0\DR0\Partition4

01:34:11.0146 0x1724 \Device\Harddisk0\DR0\Partition4 - ok

01:34:11.0169 0x1724 [ 82495C8D059A3C8E9D9F6557D098B6D4 ] \Device\Harddisk0\DR0\Partition5

01:34:11.0177 0x1724 \Device\Harddisk0\DR0\Partition5 - ok

01:34:11.0188 0x1724 [ 7CDC327BF39E095D544043D28929B836 ] \Device\Harddisk0\DR0\Partition6

01:34:11.0197 0x1724 \Device\Harddisk0\DR0\Partition6 - ok

01:34:11.0223 0x1724 [ 348E4CE7125059C4835D0E28613C7474 ] \Device\Harddisk0\DR0\Partition7

01:34:11.0238 0x1724 \Device\Harddisk0\DR0\Partition7 - ok

01:34:11.0238 0x1724 ================ Scan generic autorun ======================

01:34:11.0292 0x1724 [ CFF4C979AA720C73EC93918D9730B9E9, 0DC04ACD258DD5FC4A7EA81AC3F8876675424EC35F7ECB996B7C132BAB430A33 ] C:\WINDOWS\system32\igfxtray.exe

01:34:11.0305 0x1724 IgfxTray - ok

01:34:11.0339 0x1724 [ 4B9D449ED9880477DEFBA85D512E05F9, B50C589A1F8953617FAD961363CA3538F6C0539FA06D7FAA2EA88320410C7F43 ] C:\WINDOWS\system32\hkcmd.exe

01:34:11.0358 0x1724 HotKeysCmds - ok

01:34:11.0385 0x1724 [ 2498449B5CA65A640125164EE0019B14, F4EF4EA34A656984C83DB3BFCD8390ACD76C922A1C253335104C31D371EEDA17 ] C:\WINDOWS\system32\igfxpers.exe

01:34:11.0404 0x1724 Persistence - ok

01:34:11.0923 0x1724 [ E05849E5D0E51EB52080E7D2987B9D3B, E68E43CF0FFD69C193C5B692A019CE13D3FB58197E5827720B3ACDDE0812AAFA ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

01:34:12.0275 0x1724 RTHDVCPL - ok

01:34:12.0339 0x1724 [ F66CE44D86EA704B31BED2BF2BEDDF75, EC0B3AB0B2011B718299BFF743A28117A3436E9431B6F31CF34416D68AAF1B56 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

01:34:12.0368 0x1724 RtHDVBg - ok

01:34:12.0442 0x1724 [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

01:34:12.0456 0x1724 AdobeAAMUpdater-1.0 - ok

01:34:12.0509 0x1724 [ 6BA03B5AF0B49BFEFC5DF84C8DBE5209, C1C77823C4E97F70CCA10777C213A70E74FD372B74C96AA6D00D147A8B9656F4 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe

01:34:12.0514 0x1724 Adobe Reader Speed Launcher - ok

01:34:12.0577 0x1724 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

01:34:12.0600 0x1724 Adobe ARM - ok

01:34:12.0723 0x1724 [ 2362B857693DA580E04ECE28F7D67E7E, EABF4B6502A06B94D07E25D78D8CEF8862B7FE5D117F7F145268B95688A02E62 ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE

01:34:12.0787 0x1724 ASUSPRP - ok

01:34:12.0878 0x1724 [ 607FCAE0B447C1B917DADBF0BE9A83FE, 1400420835C4E523595A4700ABC2E0F66B7BBC6AC48DB334F4E41DA3B1581F20 ] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe

01:34:12.0886 0x1724 UpdatePSTShortCut - ok

01:34:12.0936 0x1724 [ 1C923DBE5D95AD7608CD7DB50816C923, 0AD5012936ED3BE9C9437B29C9D203523855546F3E49CF30E75BB35818BF0F44 ] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe

01:34:12.0953 0x1724 ASUS InstantKey - ok

01:34:13.0035 0x1724 [ 4BB64C52326B2043B36FBBED40C925B2, 216287EFFE2DF16FBC709F7AE0BB48DFFD5B70BCAD76F0CFD145F592D8D81680 ] C:\Program Files (x86)\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe

01:34:13.0066 0x1724 ACSW17EN - ok

01:34:13.0188 0x1724 [ C968C10B4BB91A65E03C6B9F7969E900, 91EB893A3431457A6DF5C4A39B53C02D86E52DE700BD0D268C849D9927F44CFF ] C:\Users\Fearen\AppData\Local\Beeline Network Manager\notifier.exe

01:34:13.0191 0x1724 BNM - detected UnsignedFile.Multi.Generic ( 1 )

01:34:15.0550 0x1724 Detect skipped due to KSN trusted

01:34:15.0550 0x1724 BNM - ok

01:34:15.0608 0x1724 [ AEA383D349B7D5AB52FE0B969849A545, A9F1FB265C7F7C554CD6ED69D919C43672E8119AE688C3F61A1FFAB7D457CDFB ] C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\chp.exe

01:34:15.0610 0x1724 BNM Updater - detected UnsignedFile.Multi.Generic ( 1 )

01:34:17.0967 0x1724 Detect skipped due to KSN trusted

01:34:17.0967 0x1724 BNM Updater - ok

01:34:17.0991 0x1724 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

01:34:18.0004 0x1724 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )

01:34:18.0004 0x1724 Detect skipped due to KSN trusted

01:34:18.0004 0x1724 SwitchBoard - ok

01:34:18.0058 0x1724 [ D5B783DACE1BBDD382A63C894BAB8E1E, 20BA7479B3BE8AC7771AA91DB9C4F3B46DADDFF9C48627A5C7C460546DD20AF3 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe

01:34:18.0069 0x1724 AdobeCS5ServiceManager - ok

01:34:18.0152 0x1724 [ BF52C0C77799E091AC68D339BED0C11D, 9590A875598BAA16BAE2DC1C0C4A2C57A249C1E86DE53B97CCA0913DA46DFA28 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe

01:34:18.0157 0x1724 PSUAMain - ok

01:34:18.0204 0x1724 [ 2A65AE735E0C439762072787AD61FA07, 19E4A96924BBD51F45DD5D34D18B16D614779F508B3DF5895DF2218043BEF0E0 ] C:\Program Files (x86)\Windows Mail\wab.exe

01:34:18.0236 0x1724 WAB Migrate - ok

01:34:18.0366 0x1724 [ 776F1F9447FDA3F568EC6D1FB74DDD27, A53409B29ACDDB901D395EC4217F5BF366B3F8AFF2817B007AC7558505D18863 ] D:\games\Steam\steam.exe

01:34:18.0399 0x1724 Steam - ok

01:34:18.0537 0x1724 [ 683C9DF0582D8EEFAA90CE1514019BC1, 62C875888029BF32C19656B13C5504016209E4553B0B93FAE21F3930149EE9CA ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

01:34:18.0622 0x1724 DAEMON Tools Lite - ok

01:34:18.0653 0x1724 Skype - ok

01:34:18.0745 0x1724 [ 5BAFB8A5A86D8D60879CE568534FCE46, E55D01BA10F277A18CD705CE4B0E686BD95D990DA859B3482266929838CC0B19 ] C:\Users\Fearen\AppData\Roaming\uTorrent\uTorrent.exe

01:34:18.0777 0x1724 uTorrent - ok

01:34:18.0778 0x1724 Waiting for KSN requests completion. In queue: 6

01:34:19.0779 0x1724 Waiting for KSN requests completion. In queue: 6

01:34:20.0780 0x1724 Waiting for KSN requests completion. In queue: 6

01:34:21.0787 0x1724 AV detected via SS2: Panda Free Antivirus, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x70000 ( disabled : updated )

01:34:21.0810 0x1724 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )

01:34:21.0811 0x1724 FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x70010 ( disabled )

01:34:21.0812 0x1724 Win FW state via NFP2: disabled

01:34:24.0107 0x1724 ============================================================

01:34:24.0107 0x1724 Scan finished

01:34:24.0107 0x1724 ============================================================

01:34:24.0111 0x1d14 Detected object count: 0

01:34:24.0111 0x1d14 Actual detected object count: 0

01:34:45.0567 0x19f8 Deinitialize success

#5 LiquidTension

SuperMember

Retired Classroom Teacher
2,566 posts

Posted 10 September 2014 - 03:57 PM

Hello,

I must notify you, that simultaneously with the post here I scanned my computer with AVZ, so there may be some changes in logs.

No problem. Did AVZ detect anything?

Panda antivirus sometimes delete this file, but I can't rid of this error.

Do you know the full file path of the file Panda deleted?

What exactly does the error say when your computer starts?

Would you like to help others with malware removal? Join our Classroom and learn how!

#6 Fearen

New Member

Authentic Member
9 posts

Posted 10 September 2014 - 11:32 PM

Full path from Panda logs:

C:\Users\Fearen\AppData\Local\Temp\init.exe

C:\Users\Fearen\AppData\Local\Temp\init.sfx.exe

As for AVZ - here's files that was deleted:

C:\Windows\Installer\3e1d2b31.msi

C:\Users\Fearen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\initsrv.exe

C:\Users\Fearen\Start Menu\Programs\Startup\initsrv.exe

C:\ProgramData\Packeage Cache\{05198C22-FFCE-374A-B190-9F18CC99DAEA}v12.0.21005\packages\BuildTools_MSBuildResMsi_amd64\BuildTools_MSBuildResMsi.msi

C:\ProgramData\Packeage Cache\{7F251C22-15B1-3122-907D-999087D4B07C}v12.0.21005\packages\CoreCon\MobileTools_WPImages.msi

C:\ProgramData\Packeage Cache\{9347889B-C22A-3905-901F-C05D8F73C929}v12.0.21005\packages\BuildTools_MSBuildResMsi_x86\BuildTools_MSBuildResMsi.msi

C:\ProgramData\Packeage Cache\{9E673C3F-423B-8EA4-9AE87C49AFC8}v12.0.21005\packages\lightswitchv4tools\vs_lightswitchv4tools.msi

#7 LiquidTension

SuperMember

Retired Classroom Teacher
2,566 posts

Posted 11 September 2014 - 06:01 AM

Hello,

Unfortunately, I have bad news. Please let me know your thoughts on the warning below.

BACKDOOR WARNING

------------------------------

One or more of the identified infections is known to use a backdoor, that allows attackers to remotely control your computer, download/execute files and steal critical system, financial and personal information.

Please disconnect your computer from the internet immediately. If your computer was used for online banking, has credit card information or other sensitive data, using a non-infected computer/device you should immediately change all account information (including those used for banking, email, eBay, paypal, online forums, etc). Consider these accounts already compromised.

If you have used a router, you will need to reset it with a strong logon/password to ensure the malware cannot gain control before connecting again. Banking and credit card institutions should be notified of the possible security breach immediately. Please read the following for more information: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Whilst the identified infection(s) can be removed, there is no way to guarantee that your computer will be trustworthy again. This is due to the nature of the infection, which allows the attacker complete control over the computer. Many experts in the security community believe that once infected with this type of malware, the best course of action is to reformat the hard drive and reinstall the Operating System. Please read the following articles for more information.

When should I re-format? How should I reinstall?

Help: I Got Hacked. Now What Do I Do?

Where to draw the line? When to recommend a format and reinstall?

Please let me know how you wish to proceed, and if you have any questions.

Would you like to help others with malware removal? Join our Classroom and learn how!

#8 Fearen

New Member

Authentic Member
9 posts

Posted 11 September 2014 - 10:06 AM

So, I have no way to get rid of all bad things and just make sure that everything is ok without reformatting my computer? May be some tools to check all critical files? I don't have anything so valuable to steal, but get my computer to the exactly state will take quite a lot of time. I can do that, but I want to know are there some other methods?

#9 LiquidTension

SuperMember

Retired Classroom Teacher
2,566 posts

Posted 11 September 2014 - 10:33 AM

Hello,

So, I have no way to get rid of all bad things and just make sure that everything is ok without reformatting my computer? May be some tools to check all critical files? I don't have anything so valuable to steal, but get my computer to the exactly state will take quite a lot of time. I can do that, but I want to know are there some other methods?

The identified infection can be removed (the files removed by Panda and AVZ are part of it). The issue is the nature of a backdoor, that allows any number of modifications to be made. I cannot guarantee that your computer will be trustworthy again.

If you want complete peace of mind, the only option is a reformat. I will say that most go with the cleaning option. It all comes down to what you are most comfortable with.

Please let me know how you wish to proceed.

Would you like to help others with malware removal? Join our Classroom and learn how!

#10 Fearen

New Member

Authentic Member
9 posts

Posted 11 September 2014 - 11:51 AM

I can format it anytime, so it's not a problem at least for now. I would be most grateful if you discribe cleaning method.

Advertisements

Register to Remove

#11 LiquidTension

SuperMember

Retired Classroom Teacher
2,566 posts

Posted 11 September 2014 - 11:54 AM

Hello,

After running the two programmes below, please rerun FRST, ensuring Addition.txt is checked.

STEP 1
AdwCleaner

Please download AdwCleaner and save the file to your Desktop.
Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
Follow the prompts.
Click Scan.
Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
Follow the prompts and allow your computer to reboot.
After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.

STEP 2
Junkware Removal Tool (JRT)

Please download Junkware Removal Tool and save the file to your Desktop.
Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.
Temporarily disable your anti-virus software. For instructions, please refer to the following link.
Right-Click JRT.exe and select Run as administrator to run the programme.
Follow the prompts and allow the scan to run uninterrupted.
Upon completion, a log (JRT.txt) will open on your desktop.
Re-enable your anti-virus software.
Copy the contents of JRT.txt and paste in your next reply.

AdwCleaner[S0].txt
JRT.txt
FRST.txt
Addition.txt

Would you like to help others with malware removal? Join our Classroom and learn how!

#12 Fearen

New Member

Authentic Member
9 posts

Posted 12 September 2014 - 10:11 AM

Thank you for your advices, I made all as you mention above. Here is all logs that you asked.

# AdwCleaner v3.309 - Report created 12/09/2014 at 19:48:16

# Updated 02/09/2014 by Xplode

# Operating System : Windows 8.1 Single Language (64 bits)

# Username : Fearen - FEAREN-PC

# Running from : C:\Users\Fearen\Desktop\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\ProgramData\DSearchLink

Folder Deleted : C:\Users\Fearen\AppData\Local\Bundled software uninstaller

Folder Deleted : C:\Users\Fearen\AppData\Roaming\Systweak

Folder Deleted : C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi

File Deleted : C:\WINDOWS\System32\roboot64.exe

File Deleted : C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage

File Deleted : C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

File Deleted : C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage

File Deleted : C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\5fe8ad8e26ae940

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0041554.BHO

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0041554.BHO.1

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0041554.Sandbox

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0041554.Sandbox.1

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422152254}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455155554}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466156654}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444154454}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422152254}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455155554}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466156654}

Key Deleted : HKCU\Software\BABSOLUTION

Key Deleted : HKCU\Software\BI

Key Deleted : HKCU\Software\Brothersoft

Key Deleted : HKCU\Software\DataMngr

[#] Key Deleted : HKCU\Software\DataMngr_Toolbar

Key Deleted : HKCU\Software\Delta

Key Deleted : HKCU\Software\InstalledBrowserExtensions

Key Deleted : HKCU\Software\InstalledThirdPartyPrograms

Key Deleted : HKCU\Software\systweak

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider

Key Deleted : HKLM\SOFTWARE\DataMngr

Key Deleted : HKLM\SOFTWARE\Delta

Key Deleted : HKLM\SOFTWARE\a2zLyrics-1

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a2zLyrics-1

Key Deleted : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v27.0 (ru)

[ File : C:\Users\Fearen\AppData\Roaming\Mozilla\Firefox\Profiles\215zjo49.default\prefs.js ]

-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\Fearen\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : dgpdioedihjhncjafcpgbbjdpbbkikmi

Deleted [Extension] : eooncjejnppfjjklapaamhcdmjbilmde

*************************

AdwCleaner[R0].txt - [4827 octets] - [12/09/2014 19:43:56]

AdwCleaner[S0].txt - [3955 octets] - [12/09/2014 19:48:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4015 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 8.1 Single Language x64

Ran by Fearen on 12/09/14 at 20:02:36.99

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-985896895-1321975429-906874235-1002\Software\sweetim

~~~ Files

Successfully deleted: [File] C:\WINDOWS\Tasks\a2zLyrics-1-chromeinstaller.job

Successfully deleted: [File] C:\WINDOWS\Tasks\a2zLyrics-1-codedownloader.job

Successfully deleted: [File] C:\WINDOWS\Tasks\a2zLyrics-1-enabler.job

Successfully deleted: [File] C:\WINDOWS\Tasks\a2zLyrics-1-updater.job

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 12/09/14 at 20:06:31.46

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014

Ran by Fearen (administrator) on FEAREN-PC on 12-09-2014 20:07:42

Running from C:\Users\Fearen\Desktop

Platform: Windows 8.1 Single Language (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe

(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe

(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Valve Corporation) D:\games\Steam\Steam.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(BitTorrent Inc.) C:\Users\Fearen\AppData\Roaming\uTorrent\uTorrent.exe

(Dropbox, Inc.) C:\Users\Fearen\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe

(Sun Microsystems, Inc.) C:\Users\Fearen\AppData\Local\Beeline Network Manager\jre6\launch4j-tmp\notifier.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

() C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bin\bash.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE

() C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bin\bash.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

() C:\Users\Fearen\AppData\Local\Beeline Network Manager\updater\bin\sleep.exe

(Valve Corporation) D:\games\Steam\bin\steamwebhelper.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe