Possibly Hijacked


  • This topic is locked
5 replies to this topic

#1 drj020

Posted 19 November 2013 - 10:03 PM

I am not sure what my exact problem may be. I ran HijackThis and when I click analyze I get a message "no internet connection" but my computer is connected. I also get an error message about (x86) which I do not understand. I ran various clean-up programs but still seem to have problems.

I hope someone will be able to give me guidance. I posted the HijackThis log below.

I have Windows 8.1 OS

#2 TB-Psychotic

  • Malware Response Team

Posted 20 November 2013 - 03:30 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.

Scan with aswMBR

Please download aswMBR (4.5MB) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).



#3 drj020

Posted 20 November 2013 - 08:04 PM

Thank you for your assistance, I really appreciate you taking the time to help me. I have followed your instructions but had to send the logfiles in two separate replies. Initially on one post it was too long. These are the first two logfiles requested.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by johnson (administrator) on DRJ on 20-11-2013 16:09:18
Running from C:\Users\johnson\Desktop
Windows 8.1 Preview (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Starfield Technologies) C:\Program Files (x86)\Workspace\offSyncService.exe
() C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
() C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Reimage®) C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(Microsoft Corporation) C:\WINDOWS\system32\wwahost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\WINDOWS\WinStore\WSHost.exe
(Microsoft Corporation) C:\WINDOWS\system32\atbroker.exe
(Microsoft Corporation) C:\WINDOWS\System32\Magnify.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-10] (Realtek Semiconductor)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-30] (NTI Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-04-25] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-04-25] (Iminent)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2420248 2013-11-18] ()
HKU\Administrator\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-06-15] (Microsoft Corporation)
HKU\Guest\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-06-15] (Microsoft Corporation)
Startup: C:\Users\johnson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x698DA8A07DC9CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {FC9C7D4D-7E87-4EA5-9D3D-EF526B54DF75} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {FC9C7D4D-7E87-4EA5-9D3D-EF526B54DF75} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {FC9C7D4D-7E87-4EA5-9D3D-EF526B54DF75} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {FC9C7D4D-7E87-4EA5-9D3D-EF526B54DF75} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {FC9C7D4D-7E87-4EA5-9D3D-EF526B54DF75} URL =
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={5D8D4271-467E-4D09-A33E-2E9A641C155C}&mid=7d683b94098047d39d5669c1a5b39f71-5846e487ca2b94fd4c235c49c3a45001e539cd9b&lang=en&ds=re011&coid=avgtbdisre&pr=sa&d=2013-11-18 22:05:37&v=17.1.2.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {FC9C7D4D-7E87-4EA5-9D3D-EF526B54DF75} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.2.1\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.2.1\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll (AVG Secure Search)
Hosts: 127.0.0.1    localhost
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\johnson\AppData\Roaming\Mozilla\Firefox\Profiles\y64zbka7.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: https://www.google.com/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @starfield.com/off - C:\Users\johnson\AppData\Roaming\Mozilla\Plugins\npoff.dll ( Starfield Technologies, LLC.)
FF Plugin HKCU: @starfield.com/off64 - C:\Users\johnson\AppData\Roaming\Mozilla\Plugins\npoff64.dll ( Starfield Technologies, LLC.)
FF Plugin HKCU: @starfield.com/wbe - C:\Users\johnson\AppData\Roaming\Mozilla\Plugins\npwbe.dll (Starfield Technology, LLC)
FF Plugin HKCU: @starfield.com/wbe64 - C:\Users\johnson\AppData\Roaming\Mozilla\Plugins\npwbe64.dll (Starfield Technology, LLC)
FF SearchPlugin: C:\Users\johnson\AppData\Roaming\Mozilla\Firefox\Profiles\y64zbka7.default\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: WBE Paste - C:\Users\johnson\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\wbepaste@starfield
FF Extension: Workspace Email Zoom - C:\Users\johnson\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\zoomext@starfield
FF Extension: webbooster - C:\Users\johnson\AppData\Roaming\Mozilla\Firefox\Profiles\y64zbka7.default\Extensions\webbooster@iminent.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [webbooster@iminent.com] - C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF Extension: Iminent Minibar - C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.1.2.1
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.1.2.1
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR RestoreOnStartup: "hxxp://1071.mtravel.com/", "hxxp://mysearch.avg.com?cid={5D8D4271-467E-4D09-A33E-2E9A641C155C}&mid=7d683b94098047d39d5669c1a5b39f71-5846e487ca2b94fd4c235c49c3a45001e539cd9b&lang=en&ds=re011&coid=avgtbdisre&pr=sa&d=2013-11-18 22:05:37&v=17.1.2.1&pid=safeguard&sg=0&sap=hp"
CHR Extension: (Google Docs) - C:\Users\johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Iminent) - C:\Users\johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0
CHR Extension: (AVG SafeGuard) - C:\Users\johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.1.2.1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1
CHR Extension: (Gmail) - C:\Users\johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - C:\Program Files (x86)\Iminent\Iminent.crx
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.1.2.1\avg.crx

==================== Services (Whitelisted) =================

R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-30] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 File Backup; C:\Program Files (x86)\Workspace\offSyncService.exe [1183456 2013-02-28] (Starfield Technologies)
R2 FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [460144 2011-05-06] ()
R2 FlipShareServer; C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [1085440 2011-05-06] ()
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2013-11-19] (SurfRight B.V.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-30] (NTI Corporation)
R2 ReimageRealTimeProtection; C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe [5084008 2013-11-07] (Reimage®)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-28] (Dritek System INC.)
R2 vToolbarUpdater17.1.2; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [1734680 2013-11-18] (AVG Secure Search)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [345336 2013-06-15] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-06-15] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [788240 2013-06-15] (PMC-Sierra)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [46368 2013-11-18] (AVG Technologies)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2013-02-28] (Broadcom Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [650736 2013-06-05] (Intel Corporation)
S0 intelpep; C:\Windows\System32\drivers\intelpep.sys [37640 2013-06-15] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81672 2013-06-15] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-06-15] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [88064 2013-06-15] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-28] (Dritek System Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [934152 2013-06-15] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [138752 2013-06-15] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56584 2013-06-15] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [27912 2013-06-15] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [126216 2013-06-15] (Microsoft Corporation)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
S3 cpuz134; \??\C:\Users\johnson\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
S1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
U2 TMAgent;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-20 16:09 - 2013-11-20 16:09 - 00018994 _____ C:\Users\johnson\Desktop\FRST.txt
2013-11-20 16:08 - 2013-11-20 16:08 - 00000000 ____D C:\FRST
2013-11-20 16:06 - 2013-11-20 16:07 - 01957964 _____ (Farbar) C:\Users\johnson\Desktop\FRST64.exe
2013-11-19 23:43 - 2013-11-19 23:43 - 00000749 _____ C:\Users\johnson\Documents\RKreport[0]_PR_11192013_234238.txt
2013-11-19 23:26 - 2013-11-19 23:26 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2013-11-19 23:17 - 2013-11-19 23:17 - 00001909 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2013-11-19 22:28 - 2013-11-19 22:28 - 00000000 ____D C:\Users\johnson\AppData\Local\CrashDumps
2013-11-19 17:32 - 2013-11-19 23:56 - 00695710 _____ C:\Users\johnson\Desktop\MGlogs.zip
2013-11-19 17:25 - 2013-11-19 23:56 - 00695710 _____ C:\MGlogs.zip
2013-11-19 17:07 - 2013-11-19 17:07 - 00000258 __RSH C:\ProgramData\ntuser.pol
2013-11-19 10:49 - 2013-11-19 10:49 - 00231960 _____ C:\WINDOWS\RegBootClean64.exe
2013-11-19 10:19 - 2013-11-19 10:19 - 00000000 ____D C:\Program Files\HitmanPro
2013-11-19 10:18 - 2013-11-19 23:26 - 00000000 ____D C:\ProgramData\HitmanPro
2013-11-19 00:48 - 2013-11-19 17:12 - 00000000 ____D C:\Users\johnson\Desktop\Trend Micro
2013-11-19 00:43 - 2013-11-19 23:34 - 00000000 ____D C:\Users\johnson\Desktop\Major Geeks
2013-11-18 23:02 - 2013-11-19 23:57 - 00000000 ____D C:\MGtools
2013-11-18 23:00 - 2013-11-18 23:00 - 00000000 ____D C:\Users\johnson\Documents\MG
2013-11-18 22:47 - 2013-11-18 22:47 - 00000000 ____D C:\Users\johnson\AppData\Roaming\Malwarebytes
2013-11-18 22:47 - 2013-11-18 22:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 22:47 - 2013-11-18 22:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-18 22:47 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-11-18 22:38 - 2013-11-19 23:44 - 00000000 ____D C:\Users\johnson\Desktop\RK_Quarantine
2013-11-18 22:32 - 2013-11-18 22:32 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\johnson\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-18 22:29 - 2013-11-18 22:29 - 00000000 ____D C:\Users\johnson\Downloads\MajorGeeks
2013-11-18 22:07 - 2013-11-19 23:10 - 00003432 _____ C:\WINDOWS\System32\Tasks\Reimage Reminder
2013-11-18 22:06 - 2013-11-18 22:06 - 00000000 ____D C:\ProgramData\CDB
2013-11-18 22:05 - 2013-11-19 23:10 - 00000000 ____D C:\rei
2013-11-18 22:05 - 2013-11-18 22:05 - 00046368 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2013-11-18 22:05 - 2013-11-18 22:05 - 00003745 _____ C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2013-11-18 22:05 - 2013-11-18 22:05 - 00000000 ____D C:\Users\johnson\AppData\Local\AVG SafeGuard toolbar
2013-11-18 22:05 - 2013-11-18 22:05 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-11-18 22:05 - 2013-11-18 22:05 - 00000000 ____D C:\Program Files\Reimage
2013-11-18 22:05 - 2013-11-18 22:05 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-11-18 22:04 - 2013-11-19 23:10 - 00000162 _____ C:\WINDOWS\Reimage.ini
2013-11-18 21:40 - 2013-11-19 23:49 - 00012420 _____ C:\Users\johnson\Documents\hijackthis.log
2013-11-18 00:25 - 2013-11-19 17:07 - 00000000 ____D C:\ProgramData\Trend Micro
2013-11-18 00:24 - 2013-11-18 00:24 - 00000036 _____ C:\Users\johnson\AppData\Local\housecall.guid.cache
2013-11-18 00:15 - 2013-11-18 22:44 - 00000000 ____D C:\Users\johnson\Documents\TM
2013-11-18 00:14 - 2013-11-18 00:14 - 05228804 _____ C:\Users\johnson\Documents\sysclean.zip
2013-11-17 22:41 - 2013-11-17 22:44 - 00000000 ____D C:\WINDOWS\softwaredistribution.bak2
2013-11-17 22:30 - 2013-11-17 22:30 - 00000824 _____ C:\Users\johnson\Documents\hosts.txt
2013-11-17 22:15 - 2013-11-18 00:35 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-11-17 22:15 - 2013-11-17 22:15 - 00000000 ____D C:\Users\johnson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-11-17 22:13 - 2013-11-17 22:13 - 01402880 _____ C:\Users\johnson\Downloads\HiJackThis.msi
2013-11-17 22:07 - 2013-11-17 22:07 - 00001187 _____ C:\Users\Guest\Desktop\Continue Zip Opener Installation.lnk
2013-11-17 22:07 - 2013-11-17 22:07 - 00001187 _____ C:\Users\Administrator\Desktop\Continue Zip Opener Installation.lnk
2013-11-17 22:07 - 2013-11-17 22:07 - 00001165 _____ C:\Users\johnson\Desktop\Continue Zip Opener Installation.lnk
2013-11-17 00:42 - 2013-11-17 00:42 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-11-15 16:27 - 2013-11-20 15:57 - 00011292 _____ C:\WINDOWS\setupact.log
2013-11-15 16:27 - 2013-11-15 16:27 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-15 16:26 - 2013-11-19 17:09 - 00231446 _____ C:\WINDOWS\PFRO.log
2013-11-15 15:08 - 2013-11-15 15:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-12 18:32 - 2013-10-18 20:30 - 16980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-12 18:32 - 2013-10-18 20:14 - 22566912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-12 18:32 - 2013-10-18 19:18 - 05636608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-12 18:32 - 2013-10-18 19:12 - 04247040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-12 18:32 - 2013-10-18 19:00 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-12 18:32 - 2013-10-18 18:47 - 11087360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-12 18:32 - 2013-10-18 18:22 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-12 18:32 - 2013-10-18 18:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-12 18:32 - 2013-10-18 18:06 - 01788928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-12 18:32 - 2013-10-18 18:06 - 01140224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-12 18:32 - 2013-10-05 00:57 - 01337704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-11-12 18:32 - 2013-10-04 18:41 - 01066496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2013-10-31 08:18 - 2013-11-20 15:59 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-31 08:17 - 2013-11-20 15:58 - 00000904 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-31 08:17 - 2013-11-20 01:22 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-31 08:17 - 2013-10-31 08:17 - 00003880 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-31 08:17 - 2013-10-31 08:17 - 00003644 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-31 08:17 - 2013-10-31 08:17 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-30 16:33 - 2013-10-30 16:33 - 00000727 _____ C:\Users\johnson\Documents\My Calendar.11.1.13.ics
2013-10-30 15:49 - 2013-11-20 16:01 - 01252090 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-23 00:26 - 2013-10-23 00:26 - 00099583 _____ C:\Users\johnson\Downloads\Asian Beauties California 13. Part 2 - Asian porn tube video at YourLust.com!.htm
2013-10-22 23:46 - 2013-10-22 23:46 - 00032220 _____ C:\Users\johnson\Downloads\Mexican Wife Full Home Sex Video - XVIDEOS.COM.htm

==================== One Month Modified Files and Folders =======

2013-11-20 16:09 - 2013-11-20 16:09 - 00018994 _____ C:\Users\johnson\Desktop\FRST.txt
2013-11-20 16:08 - 2013-11-20 16:08 - 00000000 ____D C:\FRST
2013-11-20 16:07 - 2013-11-20 16:06 - 01957964 _____ (Farbar) C:\Users\johnson\Desktop\FRST64.exe
2013-11-20 16:04 - 2013-04-11 19:01 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4223917168-3260533592-693802220-1001
2013-11-20 16:03 - 2013-07-01 17:07 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-20 16:02 - 2013-06-15 21:37 - 00000000 ____D C:\WINDOWS\system32\sru
2013-11-20 16:01 - 2013-10-30 15:49 - 01252090 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-20 15:59 - 2013-10-31 08:18 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-20 15:58 - 2013-10-31 08:17 - 00000904 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-20 15:57 - 2013-11-15 16:27 - 00011292 _____ C:\WINDOWS\setupact.log
2013-11-20 15:57 - 2013-06-15 20:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-20 01:44 - 2013-06-15 19:17 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-11-20 01:22 - 2013-10-31 08:17 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-20 00:52 - 2013-07-11 11:11 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-20 00:48 - 2013-04-28 22:36 - 00004958 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for drj-johnson drj
2013-11-19 23:57 - 2013-11-18 23:02 - 00000000 ____D C:\MGtools
2013-11-19 23:57 - 2013-04-11 18:54 - 00000000 ____D C:\Users\johnson\AppData\Local\VirtualStore
2013-11-19 23:56 - 2013-11-19 17:32 - 00695710 _____ C:\Users\johnson\Desktop\MGlogs.zip
2013-11-19 23:56 - 2013-11-19 17:25 - 00695710 _____ C:\MGlogs.zip
2013-11-19 23:49 - 2013-11-18 21:40 - 00012420 _____ C:\Users\johnson\Documents\hijackthis.log
2013-11-19 23:44 - 2013-11-18 22:38 - 00000000 ____D C:\Users\johnson\Desktop\RK_Quarantine
2013-11-19 23:43 - 2013-11-19 23:43 - 00000749 _____ C:\Users\johnson\Documents\RKreport[0]_PR_11192013_234238.txt
2013-11-19 23:34 - 2013-11-19 00:43 - 00000000 ____D C:\Users\johnson\Desktop\Major Geeks
2013-11-19 23:26 - 2013-11-19 23:26 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2013-11-19 23:26 - 2013-11-19 10:18 - 00000000 ____D C:\ProgramData\HitmanPro
2013-11-19 23:17 - 2013-11-19 23:17 - 00001909 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2013-11-19 23:10 - 2013-11-18 22:07 - 00003432 _____ C:\WINDOWS\System32\Tasks\Reimage Reminder
2013-11-19 23:10 - 2013-11-18 22:05 - 00000000 ____D C:\rei
2013-11-19 23:10 - 2013-11-18 22:04 - 00000162 _____ C:\WINDOWS\Reimage.ini
2013-11-19 22:28 - 2013-11-19 22:28 - 00000000 ____D C:\Users\johnson\AppData\Local\CrashDumps
2013-11-19 17:12 - 2013-11-19 00:48 - 00000000 ____D C:\Users\johnson\Desktop\Trend Micro
2013-11-19 17:09 - 2013-11-15 16:26 - 00231446 _____ C:\WINDOWS\PFRO.log
2013-11-19 17:07 - 2013-11-19 17:07 - 00000258 __RSH C:\ProgramData\ntuser.pol
2013-11-19 17:07 - 2013-11-18 00:25 - 00000000 ____D C:\ProgramData\Trend Micro
2013-11-19 17:07 - 2013-06-15 21:37 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2013-11-19 17:07 - 2012-07-26 00:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2013-11-19 16:56 - 2013-06-15 19:17 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-11-19 10:49 - 2013-11-19 10:49 - 00231960 _____ C:\WINDOWS\RegBootClean64.exe
2013-11-19 10:19 - 2013-11-19 10:19 - 00000000 ____D C:\Program Files\HitmanPro
2013-11-19 02:30 - 2013-06-12 01:41 - 00267936 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-11-19 01:32 - 2013-06-04 01:39 - 00000000 ____D C:\Users\johnson\Documents\Blog
2013-11-18 23:00 - 2013-11-18 23:00 - 00000000 ____D C:\Users\johnson\Documents\MG
2013-11-18 22:47 - 2013-11-18 22:47 - 00000000 ____D C:\Users\johnson\AppData\Roaming\Malwarebytes
2013-11-18 22:47 - 2013-11-18 22:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 22:47 - 2013-11-18 22:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-18 22:44 - 2013-11-18 00:15 - 00000000 ____D C:\Users\johnson\Documents\TM
2013-11-18 22:32 - 2013-11-18 22:32 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\johnson\Desktop\mbam-setup-1.75.0.1300.exe
2013-11-18 22:29 - 2013-11-18 22:29 - 00000000 ____D C:\Users\johnson\Downloads\MajorGeeks
2013-11-18 22:06 - 2013-11-18 22:06 - 00000000 ____D C:\ProgramData\CDB
2013-11-18 22:05 - 2013-11-18 22:05 - 00046368 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2013-11-18 22:05 - 2013-11-18 22:05 - 00003745 _____ C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2013-11-18 22:05 - 2013-11-18 22:05 - 00000000 ____D C:\Users\johnson\AppData\Local\AVG SafeGuard toolbar
2013-11-18 22:05 - 2013-11-18 22:05 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-11-18 22:05 - 2013-11-18 22:05 - 00000000 ____D C:\Program Files\Reimage
2013-11-18 22:05 - 2013-11-18 22:05 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-11-18 00:35 - 2013-11-17 22:15 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-11-18 00:24 - 2013-11-18 00:24 - 00000036 _____ C:\Users\johnson\AppData\Local\housecall.guid.cache
2013-11-18 00:14 - 2013-11-18 00:14 - 05228804 _____ C:\Users\johnson\Documents\sysclean.zip
2013-11-17 22:44 - 2013-11-17 22:41 - 00000000 ____D C:\WINDOWS\softwaredistribution.bak2
2013-11-17 22:30 - 2013-11-17 22:30 - 00000824 _____ C:\Users\johnson\Documents\hosts.txt
2013-11-17 22:15 - 2013-11-17 22:15 - 00000000 ____D C:\Users\johnson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-11-17 22:13 - 2013-11-17 22:13 - 01402880 _____ C:\Users\johnson\Downloads\HiJackThis.msi
2013-11-17 22:07 - 2013-11-17 22:07 - 00001187 _____ C:\Users\Guest\Desktop\Continue Zip Opener Installation.lnk
2013-11-17 22:07 - 2013-11-17 22:07 - 00001187 _____ C:\Users\Administrator\Desktop\Continue Zip Opener Installation.lnk
2013-11-17 22:07 - 2013-11-17 22:07 - 00001165 _____ C:\Users\johnson\Desktop\Continue Zip Opener Installation.lnk
2013-11-17 05:30 - 2013-06-15 21:37 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-11-17 00:42 - 2013-11-17 00:42 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-11-16 01:22 - 2013-05-31 12:39 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-15 23:57 - 2013-08-12 00:15 - 00000000 ____D C:\Users\johnson\Documents\DrJ
2013-11-15 18:21 - 2013-04-11 19:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-15 16:31 - 2013-04-29 08:29 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-11-15 16:27 - 2013-11-15 16:27 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-15 16:23 - 2013-06-01 20:10 - 00000000 ____D C:\Users\johnson\Documents\Outlook Files
2013-11-15 16:22 - 2013-06-25 00:28 - 00000727 _____ C:\Users\johnson\Documents\My Calendar.ics
2013-11-15 15:08 - 2013-11-15 15:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 11:21 - 2013-10-11 05:25 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-13 11:21 - 2013-10-08 12:40 - 00001951 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-12 19:53 - 2012-07-25 21:26 - 00000199 _____ C:\WINDOWS\win.ini
2013-11-08 16:57 - 2013-09-05 13:12 - 00000000 ____D C:\Users\johnson\Documents\CEDARS
2013-11-05 15:18 - 2013-06-15 21:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-11-05 15:18 - 2013-06-15 21:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-31 08:17 - 2013-10-31 08:17 - 00003880 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-31 08:17 - 2013-10-31 08:17 - 00003644 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-31 08:17 - 2013-10-31 08:17 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-31 08:16 - 2013-04-11 19:47 - 00819184 _____ (Google Inc.) C:\Users\johnson\Downloads\ChromeSetup.exe
2013-10-30 16:33 - 2013-10-30 16:33 - 00000727 _____ C:\Users\johnson\Documents\My Calendar.11.1.13.ics
2013-10-30 15:49 - 2013-08-07 09:48 - 00000000 ____D C:\WINDOWS\softwaredistribution.bak1
2013-10-29 00:39 - 2013-06-15 21:37 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-10-23 00:26 - 2013-10-23 00:26 - 00099583 _____ C:\Users\johnson\Downloads\Asian Beauties California 13. Part 2 - Asian porn tube video at YourLust.com!.htm
2013-10-22 23:46 - 2013-10-22 23:46 - 00032220 _____ C:\Users\johnson\Downloads\Mexican Wife Full Home Sex Video - XVIDEOS.COM.htm
2013-10-22 11:30 - 2013-10-07 22:04 - 00000000 ____D C:\Users\johnson\Documents\JACOB

Some content of TEMP:
====================
C:\Users\johnson\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.hijackthis.exe
C:\Users\johnson\AppData\Local\Temp\ntdll_dump.dll
C:\Users\johnson\AppData\Local\Temp\oi_{D027473E-BC1F-49D6-B66D-56BD639F2947}.exe
C:\Users\johnson\AppData\Local\Temp\sqlite3.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2013-06-15 14:48] - [2013-06-15 14:48] - 0558080 ____A (Microsoft Corporation) DEB887EA2EBEDF01644A200B4BDB181B

C:\Windows\System32\wininit.exe
[2013-06-15 14:52] - [2013-06-15 14:52] - 0145408 ____A (Microsoft Corporation) CACA6578AF9C48C29D7BF6AEFAF00599

C:\Windows\explorer.exe
[2013-06-15 14:01] - [2013-06-15 18:25] - 2254384 ____A (Microsoft Corporation) 2CF1204E913AEA5A492D89C153F3345E

C:\Windows\SysWOW64\explorer.exe
[2013-06-15 13:33] - [2013-06-15 17:33] - 2009104 ____A (Microsoft Corporation) 253252BBC9E61728986CB54261F8AECD

C:\Windows\System32\svchost.exe
[2013-06-15 14:48] - [2013-06-15 18:30] - 0037768 ____A (Microsoft Corporation) F7191317F1CD10F35DC74E24C1B71E06

C:\Windows\SysWOW64\svchost.exe
[2013-06-15 14:07] - [2013-06-15 17:38] - 0031552 ____A (Microsoft Corporation) D9F8FA4911FBF85919BA17FFE5B34430

C:\Windows\System32\services.exe
[2013-06-15 19:17] - [2013-06-15 19:17] - 0403408 ____A (Microsoft Corporation) 258527780FC8FFCF0A29F7455073C529

C:\Windows\System32\User32.dll
[2013-06-15 14:50] - [2013-06-15 18:25] - 1513264 ____A (Microsoft Corporation) 42F67E93E2C853A915E73F3A4645E3C9

C:\Windows\SysWOW64\User32.dll
[2013-06-15 14:10] - [2013-06-15 14:10] - 1359360 ____A (Microsoft Corporation) FCDCDEFD5A8BA26FDCD950607162339C

C:\Windows\System32\userinit.exe
[2013-06-15 14:56] - [2013-06-15 14:56] - 0025088 ____A (Microsoft Corporation) 166CB1E28BED6196B5030E91AD932998

C:\Windows\SysWOW64\userinit.exe
[2013-06-15 14:13] - [2013-06-15 14:13] - 0021504 ____A (Microsoft Corporation) 7AFC7764F71DBB1BC5A60EE67FE94C70

C:\Windows\System32\Drivers\volsnap.sys
[2013-06-15 16:36] - [2013-06-15 18:26] - 0312072 ___AC (Microsoft Corporation) 9365B092503F8B0B6C724D1A8E4433D4



LastRegBack: 2013-11-20 00:15

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013
Ran by johnson at 2013-11-20 16:10:11
Running from C:\Users\johnson\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.1910)
 clear.fi SDK- Movie 2 (x32 Version: 2.1.1910)
Acer Backup Manager (x32 Version: 4.0.0.0053)
Acer Device Fast-lane (Version: 1.00.3003)
Acer Power Management (Version: 7.00.3003)
Acer Recovery Management (Version: 6.00.3006)
AcerCloud (x32 Version: 2.01.3112)
AcerCloud Docs (x32 Version: 1.00.3103)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.03) (x32 Version: 11.0.03)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Aloha TriPeaks (x32 Version: 2.2.0.98)
AVG SafeGuard toolbar (x32 Version: 17.1.2.1)
Backup Manager v4 (x32 Version: 4.0.0.0053)
Bejeweled 3 (x32 Version: 2.2.0.98)
Broadcom Card Reader Driver Installer (Version: 15.4.4.2)
CCleaner (Version: 4.05)
clear.fi Media (x32 Version: 2.01.3107)
clear.fi Photo (x32 Version: 2.01.3107)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (x32)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98)
Dora's World Adventure (x32 Version: 2.2.0.95)
eBay Worldwide (x32 Version: 2.3.0630)
ETDWare PS/2-X64 11.6.4.001_WHQL (Version: 11.6.4.001)
Final Drive: Nitro (x32 Version: 2.2.0.95)
FlipShare (x32 Version: 5.12.3.0)
Google Chrome (x32 Version: 31.0.1650.57)
Google Update Helper (x32 Version: 1.3.21.165)
HiJackThis (x32 Version: 1.0.0)
HitmanPro 3.7 (Version: 3.7.8.208)
Identity Card (x32 Version: 2.00.3002)
Iminent (x32 Version: 6.17.41.0)
Intel® Management Engine Components (x32 Version: 8.1.0.1252)
Intel® Processor Graphics (x32 Version: 9.17.10.2932)
Intel® Rapid Storage Technology (x32 Version: 11.5.0.1207)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
Jewel Match 3 (x32 Version: 2.2.0.98)
Launch Manager (x32 Version: 7.0.4)
Live Updater (x32 Version: 2.00.3002)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (Version: 3.8.130.10)
Microsoft Access database engine 2010 (English) (x32 Version: 14.0.6029.1000)
Microsoft Access MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Access Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft DCF MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Excel MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Groove MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft InfoPath MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Lync MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft MapPoint North America 2013 (x32 Version: 19.0.18.1100)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft OneNote MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Outlook MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Publisher MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SkyDrive (HKCU Version: 17.0.2006.0314)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0)
Microsoft Word MUI (English) 2013 (x32 Version: 15.0.4420.1017)
Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98)
MyWinLocker (Version: 4.0.14.35)
MyWinLocker 4 (x32 Version: 4.0.14.35)
MyWinLocker Suite (x32 Version: 4.0.14.24)
NTI Media Maker 9 (x32 Version: 9.0.2.9008)
Office Addin (x32 Version: 2.01.3102)
Office Addin 2003 (x32 Version: 2.01.3102)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017)
Peggle Nights (x32 Version: 2.2.0.98)
Penguins! (x32 Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Polar Bowler (x32 Version: 2.2.0.97)
Polar Golfer (x32 Version: 2.2.0.98)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6657)
Reimage Repair (Version: 1.6.4.6)
Shared C Run-time for x64 (Version: 10.0.0)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Spotify (x32 Version: 0.8.4.99.ga249b5f1)
Tales of Lagoona (x32 Version: 2.2.0.110)
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (x32)
Update for Microsoft InfoPath 2013 (KB2752078) 32-Bit Edition (x32)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (x32)
Update for Microsoft Lync 2013 (KB2825630) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760257) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817309) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817311) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817640) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2837643) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2837649) 32-Bit Edition (x32)
Update for Microsoft OneNote 2013 (KB2837642) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2013 (KB2726947) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2013 (KB2817625) 32-Bit Edition (x32)
Update for Microsoft Project 2013 (KB2767859) 32-Bit Edition (x32)
Update for Microsoft Publisher 2013 (KB2752097) 32-Bit Edition (x32)
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition (x32)
Update for Microsoft Visio 2013 (KB2752018) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (x32)
Update for Microsoft Word 2013 (KB2817631) 32-Bit Edition (x32)
Update for Microsoft Word 2013 (KB2837630) 32-Bit Edition (x32)
Update Installer for WildTangent Games App (x32)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1)
WildTangent Games (x32 Version: 1.0.3.0)
WildTangent Games App (x32 Version: 4.0.10.16)
Workspace Desktop (HKCU)
Zuma's Revenge (x32 Version: 2.2.0.98)

==================== Restore Points  =========================

05-11-2013 12:03:29 Scheduled Checkpoint
13-11-2013 03:49:28 Windows Update
16-11-2013 09:21:24 Windows Update
18-11-2013 06:14:44 Installed HiJackThis
18-11-2013 06:44:08 November 1, 2013

==================== Hosts content: ==========================

2013-06-15 19:17 - 2013-11-19 23:42 - 00000741 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1    localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0394935B-5DBE-4826-9827-334B3886A3AD} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {054662DB-950C-4340-B5E9-2AEBA495A24F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {073FDA5A-800B-4E98-8425-B9B3D615313D} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {08FE8991-7AC6-4095-9B19-95D1C29513DC} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-06-15] (Microsoft Corporation)
Task: {18307659-600C-4DB4-8633-3F454A465308} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-31] (Google Inc.)
Task: {1DBA1874-1C07-4233-BA14-A89E2616EC60} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {218F5672-606B-421A-B771-6A9CF5F481B3} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-12] ()
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification => C:\Windows\System32\sdclt.exe
Task: {4BE54EE6-AD4A-4E4E-8B73-24735EED6C21} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: {533B55E2-5676-4162-8943-E1F0B1A1EC54} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {58135C79-42C7-448D-8BE1-A4E7C1068EF8} - System32\Tasks\Microsoft\Windows\AppReadiness\TriggerTask
Task: {72FFFA2E-C2DB-4E38-B85D-7E4B8FE18649} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {793A2F99-BFAA-4CF1-A768-BC205EEB90FD} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-11] (Egis Technology Inc.)
Task: {7A544711-C654-41FB-8F21-57CCB3203E61} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {80DF0F41-0376-4F5C-95C6-C7E44576BD1A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {8B700344-4A5E-47F6-8AE4-FD2A75744BF5} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {961CF1BF-9D29-4710-970F-9132C61C5BF6} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PmmUpdate.exe [2012-07-11] (Egis Technology Inc.)
Task: {A9715841-AB9B-4B3A-9692-87890E56B895} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {AE420812-EF96-402E-AF6D-0C8D79949860} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {AF1C95BA-6F6E-4C86-9039-BC96C5FE0410} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {AF510D31-4569-4C19-8B59-4B1AC42A326F} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2013-11-07] (Reimage ltd.)
Task: {B8C50D36-8E8F-4CE5-A100-375C71EFFDAF} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {C1750726-9CFF-4E67-9918-176DC7A23301} - System32\Tasks\Microsoft Office 15 Sync Maintenance for drj-johnson drj => C:\Program Files (x86)\Microsoft Office\Office15\MSOSYNC.EXE [2012-10-01] (Microsoft Corporation)
Task: {C2C5A71F-A5EC-4D1A-B92A-7FB2A626F00E} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {DE45264C-A43B-4364-8BB7-9D2BC57EE15F} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {E96D9AC7-366A-47CC-BC40-7AF90A6ADCB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-31] (Google Inc.)
Task: {F28968FE-579E-4128-9D20-69FA4CC8E719} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-06-15] (Microsoft Corporation)
Task: {F2B43BC6-1FCC-421C-9DD2-2F6217F7CA0F} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {F750183B-FC93-4D03-B7B9-D60550478E37} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-17 11:23 - 2013-10-17 11:23 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-06-21 17:12 - 2012-06-21 17:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2013-07-01 18:32 - 2013-07-01 18:32 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\bcb97267f7a1fa3f3cbb7a6e70523162\Windows.Foundation.ni.dll
2013-11-19 17:44 - 2013-11-19 17:44 - 00326656 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\87c9e7c1831d4cba17643dd3ceaf6ce6\Windows.Globalization.ni.dll
2013-11-19 17:44 - 2013-11-19 17:44 - 01820672 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\b057fbf73cfeb47b6835359aea83d43e\Windows.ApplicationModel.ni.dll
2013-06-15 12:09 - 2013-06-15 11:43 - 00019968 _____ () C:\WINDOWS\system32\WinMetadata\Windows.System.winmd
2013-06-16 00:33 - 2013-06-16 00:33 - 00012216 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.0.693_x64__8wekyb3d8bbwe\Microsoft.PerfTrack.winmd
2013-06-15 12:09 - 2013-06-15 11:43 - 00096256 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Storage.winmd
2013-06-15 12:09 - 2013-06-15 11:43 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd
2013-06-15 12:09 - 2013-06-15 11:43 - 00108544 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Networking.winmd
2013-06-16 00:33 - 2013-06-16 00:33 - 00015288 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.0.693_x64__8wekyb3d8bbwe\SqliteWrapper.winmd
2013-06-16 00:33 - 2013-06-16 00:33 - 00477632 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.0.693_x64__8wekyb3d8bbwe\SqliteWrapper.dll
2013-06-16 00:33 - 2013-06-16 00:33 - 00660920 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.0.693_x64__8wekyb3d8bbwe\Sqlite3.dll
2013-06-15 12:09 - 2013-06-15 11:43 - 00049152 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Graphics.winmd
2013-06-16 00:33 - 2013-06-16 00:33 - 00036792 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.0.693_x64__8wekyb3d8bbwe\Microsoft.AppEx.Sports.SportsEnums.winmd
2013-06-16 00:33 - 2013-06-16 00:33 - 00720824 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.0.693_x64__8wekyb3d8bbwe\Microsoft.AppEx.Sports.Schemas.winmd
2013-06-15 12:09 - 2013-06-15 11:43 - 00093696 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Web.winmd
2013-06-15 12:09 - 2013-06-15 11:43 - 00066048 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Security.winmd
2013-06-15 12:09 - 2013-06-15 11:43 - 00168960 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Devices.winmd
2012-12-14 01:42 - 2012-12-14 01:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll
2011-05-06 12:07 - 2011-05-06 12:07 - 04317184 _____ () C:\Program Files (x86)\Flip Video\FlipShare\Core.dll
2011-05-06 12:02 - 2011-05-06 12:02 - 00737280 _____ () C:\Program Files (x86)\Flip Video\FlipShare\qca2.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 08351744 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtGui4.dll
2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtNetwork4.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtSql4.dll
2010-10-25 23:06 - 2010-10-25 23:06 - 00364544 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtXml4.dll
2010-10-26 07:34 - 2010-10-26 07:34 - 11853824 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtWebKit4.dll
2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\boost_serialization-vc80-mt-1_43.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoFoundation.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoNet.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoXML.dll
2010-10-25 23:37 - 2010-10-25 23:37 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\phonon4.dll
2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtCore4.dll
2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtNetwork4.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtSql4.dll
2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\boost_serialization-vc80-mt-1_43.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoFoundation.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNet.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00175616 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNetSSL.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00291840 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoUtil.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoXML.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00110592 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoCrypto.dll
2013-11-18 22:05 - 2013-11-18 22:05 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\log4cplusU.dll
2012-07-30 15:04 - 2012-07-30 15:04 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2013-11-18 22:05 - 2013-11-18 22:05 - 00142360 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\SiteSafety.dll
2013-11-15 15:08 - 2013-11-15 15:08 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-17 11:23 - 2013-10-17 11:23 - 08866472 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-08-28 13:47 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/20/2013 00:20:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.

Error: (11/20/2013 00:20:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.

Error: (11/20/2013 00:20:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.

Error: (11/20/2013 00:17:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.

Error: (11/20/2013 00:17:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.

Error: (11/20/2013 00:17:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.

Error: (11/19/2013 10:28:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: LiveComm.exe, version: 17.3.9431.0, time stamp: 0x51bd4f0a
Faulting module name: twinapi.appcore.dll, version: 6.3.9431.0, time stamp: 0x51bce883
Exception code: 0xc000027b
Fault offset: 0x0000000000052321
Faulting process id: 0xf24
Faulting application start time: 0xLiveComm.exe0
Faulting application path: LiveComm.exe1
Faulting module path: LiveComm.exe2
Report Id: LiveComm.exe3
Faulting package full name: LiveComm.exe4
Faulting package-relative application ID: LiveComm.exe5

Error: (11/19/2013 08:08:04 PM) (Source: Application Hang) (User: )
Description: The program Setup.exe version 2.0.4.63 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d6c

Start Time: 01cee5a5eb783554

Termination Time: 4294967295

Application Path: C:\Users\johnson\Desktop\Setup.exe

Report Id: 59c724a1-5199-11e3-beff-b888e3577682

Faulting package full name:

Faulting package-relative application ID:

Error: (11/19/2013 05:49:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.

Error: (11/19/2013 05:49:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.


System errors:
=============
Error: (11/20/2013 00:17:04 AM) (Source: DCOM) (User: drj)
Description: {AB807329-7324-431B-8B36-DBD581F56E0B}

Error: (11/20/2013 00:16:30 AM) (Source: DCOM) (User: drj)
Description: {AB807329-7324-431B-8B36-DBD581F56E0B}

Error: (11/19/2013 05:45:20 PM) (Source: DCOM) (User: drj)
Description: {AB807329-7324-431B-8B36-DBD581F56E0B}

Error: (11/19/2013 05:44:48 PM) (Source: DCOM) (User: drj)
Description: {AB807329-7324-431B-8B36-DBD581F56E0B}

Error: (11/19/2013 01:32:50 AM) (Source: DCOM) (User: drj)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (11/18/2013 03:57:15 AM) (Source: DCOM) (User: drj)
Description: {AB807329-7324-431B-8B36-DBD581F56E0B}

Error: (11/18/2013 03:56:44 AM) (Source: DCOM) (User: drj)
Description: {AB807329-7324-431B-8B36-DBD581F56E0B}

Error: (11/18/2013 01:23:08 AM) (Source: DCOM) (User: drj)
Description: {AB807329-7324-431B-8B36-DBD581F56E0B}

Error: (11/18/2013 01:14:15 AM) (Source: DCOM) (User: drj)
Description: {AB807329-7324-431B-8B36-DBD581F56E0B}

Error: (11/18/2013 01:13:14 AM) (Source: DCOM) (User: drj)
Description: {AB807329-7324-431B-8B36-DBD581F56E0B}


Microsoft Office Sessions:
=========================
Error: (11/20/2013 00:20:47 AM) (Source: SideBySide)(User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (11/20/2013 00:20:47 AM) (Source: SideBySide)(User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (11/20/2013 00:20:47 AM) (Source: SideBySide)(User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (11/20/2013 00:17:27 AM) (Source: SideBySide)(User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (11/20/2013 00:17:27 AM) (Source: SideBySide)(User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (11/20/2013 00:17:27 AM) (Source: SideBySide)(User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (11/19/2013 10:28:44 PM) (Source: Application Error)(User: )
Description: LiveComm.exe17.3.9431.051bd4f0atwinapi.appcore.dll6.3.9431.051bce883c000027b0000000000052321f2401cee5b90e3b47ccC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.3.9431.0_x64__8wekyb3d8bbwe\LiveComm.exeC:\WINDOWS\SYSTEM32\twinapi.appcore.dll009cf44a-51ad-11e3-bf00-b888e3577682microsoft.windowscommunicationsapps_17.3.9431.0_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (11/19/2013 08:08:04 PM) (Source: Application Hang)(User: )
Description: Setup.exe2.0.4.63d6c01cee5a5eb7835544294967295C:\Users\johnson\Desktop\Setup.exe59c724a1-5199-11e3-beff-b888e3577682

Error: (11/19/2013 05:49:33 PM) (Source: SideBySide)(User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (11/19/2013 05:49:33 PM) (Source: SideBySide)(User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4


CodeIntegrity Errors:
===================================
  Date: 2013-11-19 23:42:41.811
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-11-19 23:42:41.798
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-11-19 23:42:41.358
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-11-17 01:58:52.518
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-11-17 01:58:52.503
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-11-17 01:58:52.315
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-11-17 01:58:52.284
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-11-17 01:58:52.096
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-11-17 01:58:52.081
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-11-17 01:58:51.846
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 3909.28 MB
Available physical RAM: 2350.95 MB
Total Pagefile: 4933.28 MB
Available Pagefile: 3116.85 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:445.81 GB) (Free:399.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 14D03F53)

Partition: GPT Partition Type
==================== End Of Log ============================



#4 drj020


Posted 20 November 2013 - 08:10 PM

These are the remaining logfiles.

 

16:23:33.0882 0x12a8  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
16:23:33.0882 0x12a8  UEFI system
16:23:42.0431 0x12a8  ============================================================
16:23:42.0431 0x12a8  Current date / time: 2013/11/20 16:23:42.0431
16:23:42.0431 0x12a8  SystemInfo:
16:23:42.0431 0x12a8  
16:23:42.0431 0x12a8  OS Version: 6.3.9431 ServicePack: 0.0
16:23:42.0431 0x12a8  Product type: Workstation
16:23:42.0431 0x12a8  ComputerName: DRJ
16:23:42.0431 0x12a8  UserName: johnson
16:23:42.0431 0x12a8  Windows directory: C:\WINDOWS
16:23:42.0431 0x12a8  System windows directory: C:\WINDOWS
16:23:42.0431 0x12a8  Running under WOW64
16:23:42.0431 0x12a8  Processor architecture: Intel x64
16:23:42.0431 0x12a8  Number of processors: 4
16:23:42.0431 0x12a8  Page size: 0x1000
16:23:42.0431 0x12a8  Boot type: Normal boot
16:23:42.0431 0x12a8  ============================================================
16:23:43.0011 0x12a8  KLMD registered as C:\WINDOWS\system32\drivers\99200812.sys
16:23:43.0438 0x12a8  System UUID: {68261358-7622-460B-6ED3-71B90A7FDCCD}
16:23:44.0394 0x12a8  !crdlk
16:23:44.0531 0x12a8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
16:23:44.0545 0x12a8  ============================================================
16:23:44.0545 0x12a8  \Device\Harddisk0\DR0:
16:23:44.0547 0x12a8  GPT partitions:
16:23:44.0548 0x12a8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {29FD9149-886F-4532-9B71-50E7A9923F32}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
16:23:44.0548 0x12a8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A18C4A1D-D210-4332-86A9-868DF9C8BFE7}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
16:23:44.0548 0x12a8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {11D56F4B-3902-4CF3-B881-79CE71A0FC75}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
16:23:44.0548 0x12a8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EE1D2C2B-AFAE-4E4B-B315-AFF06753886E}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x37B9D800
16:23:44.0548 0x12a8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CE3EDCBC-E0D8-4C17-A60A-FD01CD54886F}, Name: , StartLBA 0x37D3C000, BlocksNum 0xC4800
16:23:44.0548 0x12a8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CD2DE415-4D16-4A14-8EEA-9D3823B8A247}, Name: Basic data partition, StartLBA 0x37E00800, BlocksNum 0x2585800
16:23:44.0548 0x12a8  MBR partitions:
16:23:44.0548 0x12a8  ============================================================
16:23:44.0550 0x12a8  C: <-> \Device\Harddisk0\DR0\Partition4
16:23:44.0550 0x12a8  ============================================================
16:23:44.0550 0x12a8  Initialize success
16:23:44.0550 0x12a8  ============================================================
16:23:51.0214 0x12e0  ============================================================
16:23:51.0214 0x12e0  Scan started
16:23:51.0214 0x12e0  Mode: Manual;
16:23:51.0215 0x12e0  ============================================================
16:23:51.0215 0x12e0  KSN ping started
16:23:53.0673 0x12e0  KSN ping finished: true
16:23:53.0947 0x12e0  ================ Scan system memory ========================
16:23:53.0947 0x12e0  System memory - ok
16:23:53.0949 0x12e0  ================ Scan services =============================
16:23:59.0427 0x12e0  ebdrv - ok
16:23:59.0452 0x12e0  [ 355E261B1B3B74818E81DB84D66F623E, 5B1D25A96701FD4D3342B9A9EC4F7A0BF45DFE218E466CFAC4F5D31AE2A28992 ] EFS             C:\WINDOWS\System32\lsass.exe
16:23:59.0454 0x12e0  EFS - ok
16:23:59.0499 0x12e0  [ AD23FC5DB336CA89A6FC2DA1F70E421C, 8C543A0057873B71F19D4D94249D6690F27708FB4D6F4056EC87DF33D7D120EF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
16:23:59.0509 0x12e0  EgisTec Ticket Service - ok
16:23:59.0549 0x12e0  [ EB6EC9372763F8DF998C5CE8C3CE99CF, 11EE41ECDB6A5FBAEBD421BEAB60C48912B994B6DA085A55E28570FFF957B59C ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
16:23:59.0555 0x12e0  EhStorClass - ok
16:23:59.0584 0x12e0  [ 389B7C123EE66AAA4237A26A19EC91DE, 90D0E4130E7D06D7F4FC2CB9AC553D4CC6FEFA9BA4AB4ACB8BF8E3BFF50CD6F4 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
16:23:59.0592 0x12e0  EhStorTcgDrv - ok
16:23:59.0710 0x12e0  [ C9455140176A5D1F05FDA44E5F319856, 2FE7ED1C70BFF238F7EB5CFF76552F272A4C95449A8D5C264E340C46281C1F75 ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
16:23:59.0732 0x12e0  ePowerSvc - ok
16:23:59.0744 0x12e0  [ 3B3551C7B576C3DCF19A23C16C841868, 77AF1C9F79F422409765AE02AFC43BD7CE13A65EA4AA07F6552CA5ACB2EBED05 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
16:23:59.0745 0x12e0  ErrDev - ok
16:23:59.0796 0x12e0  [ 2D055FAB756A79F5221ADF56EAE4CB3B, ED8D2CA2EDBD23C794C1B183DD2622A8273E5767D2417FF923A569D07C85773D ] ETD             C:\WINDOWS\System32\drivers\ETD.sys
16:23:59.0816 0x12e0  ETD - ok
16:23:59.0887 0x12e0  [ 02927ADA6439276DF23BF0D0B5052D4A, BBA5D3AC8D0B51E106018725E19A553DF8D7390C5D953DD24D22984C2E08527F ] EventSystem     C:\WINDOWS\system32\es.dll
16:23:59.0906 0x12e0  EventSystem - ok
16:23:59.0938 0x12e0  [ 8D3E304241E477BE7D64A9C68777C406, D577CD4E53B822B5088E0FC1DDF252BB6FC8679133C6E4D871416542BE3F5C79 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
16:23:59.0945 0x12e0  exfat - ok
16:23:59.0979 0x12e0  [ 3D11AD9D2E49CA3D2C9379D557F63478, A4D8BF2146F62BC5E10C7F1EA910EA86C26160029C3BABE85310043FBBBAB7D2 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
16:23:59.0992 0x12e0  fastfat - ok
16:24:00.0075 0x12e0  [ 9CCDD4166E4AA8AB649178688D2CCE0C, 8BEC47E095CC7474BD1B94CE6B9520C09EE80DDDECFB5E7679A95BB86C9168A6 ] Fax             C:\WINDOWS\system32\fxssvc.exe
16:24:00.0119 0x12e0  Fax - ok
16:24:00.0142 0x12e0  [ B9B2BC418B4D438732C2B435758727DC, DA37447C2D585D75DEB6C326EAEADE3D4AFDACDE0A822CBCE99ED1549FC3255A ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
16:24:00.0145 0x12e0  fdc - ok
16:24:00.0172 0x12e0  [ 173C8435715E9D570BEF1E149B298ED8, 10F887126D6943ADD629DA2433FD53B3E422D9A38597A0F730D4D83FFBE27856 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
16:24:00.0178 0x12e0  fdPHost - ok
16:24:00.0201 0x12e0  [ E0CA611AB4A88922F2C85939389DAC53, B7BF6C3616C4C1813ADA6C118D2FC2B8B4E8413819A28F97A2B6B4545B537644 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
16:24:00.0207 0x12e0  FDResPub - ok
16:24:00.0235 0x12e0  [ 7C75F73B80F0EAB90188D8848577857F, CAA557C16EABEE30AAB66FC2E36D8F17896BCFD6A1838745C003DDFB1327764B ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
16:24:00.0247 0x12e0  fhsvc - ok
16:24:00.0336 0x12e0  [ 654A537CF7FE15A41373E85D1167040B, 947402F354B9F0BD027998D7518B2159281CC20D1AD360EE946998EADC98394E ] File Backup     C:\Program Files (x86)\Workspace\offSyncService.exe
16:24:00.0364 0x12e0  File Backup - ok
16:24:00.0379 0x12e0  [ 2834348509C2B4D684530E1B6D55DF9E, FBA1CFA49CE9C7F50399002F8BA7ADD80CF5298104DE56964E9642276C472F38 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
16:24:00.0384 0x12e0  FileInfo - ok
16:24:00.0417 0x12e0  [ 1E1102BEDEA9022454B6CDB636DC0950, 00729AC321F697C842FEC98069B19A379A8FB707B7D0186AC4A9833896499F3C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
16:24:00.0420 0x12e0  Filetrace - ok
16:24:00.0509 0x12e0  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:24:00.0536 0x12e0  FLEXnet Licensing Service - ok
16:24:00.0624 0x12e0  [ B8602C90D3C427D8A86CE60437615CF5, E8058E71FD60D21884CBCF398338A65A92926BAC406F96713A262BDFDD04C80A ] FlipShare Service C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
16:24:00.0647 0x12e0  FlipShare Service - ok
16:24:00.0718 0x12e0  [ AC5FB7094F31534594CAE48306972CBD, DB5A0F63EF6ABF68B1A952A05646A163A5C075E3571682FC1C4B32918E1569FC ] FlipShareServer C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
16:24:00.0746 0x12e0  FlipShareServer - ok
16:24:00.0756 0x12e0  [ EA78BBA112D40DA691FCCBA7F3A5F0E7, 35D1FFBCFF813D256FC5A7C6CEF7B5ECFB0E3114D3F383183311E7569BD41616 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
16:24:00.0757 0x12e0  flpydisk - ok
16:24:00.0783 0x12e0  [ 482A7C9F4C191DF44F705A16811DC9B9, F86FA4DE45BCF641CAEE58E916994B4E617767720F931875265F8F2AE6F502EE ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
16:24:00.0791 0x12e0  FltMgr - ok
16:24:00.0881 0x12e0  [ 33ADD16C1E12311C2ABB5599676CC1AA, 495CD624210FF9AC552B6AA26C525A2C27401E8272DEF801073A1F764969C0FD ] FontCache       C:\WINDOWS\system32\FntCache.dll
16:24:00.0985 0x12e0  FontCache - ok
16:24:01.0077 0x12e0  [ 9BDDB7F62E93009106CE38929AD40921, 54DB282B1D3A88AAD7ED71BA75C749643D5F0D5955AC77E58C739F2BA4A8678B ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:24:01.0081 0x12e0  FontCache3.0.0.0 - ok
16:24:01.0103 0x12e0  [ 84318B26770925D080606BA23F06FBAB, 6AA2DDA60C42117D265F58CB9EB211820C39D0DE0A65C7781FB1E80A97D3145F ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
16:24:01.0108 0x12e0  FsDepends - ok
16:24:01.0130 0x12e0  [ 085EF917B1ADC563D670D7FD369CEFD4, D6081B60793810755AAEF9446CFB3A4FBFA847E4CEC8D8F8D29DF21B9097D052 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:24:01.0133 0x12e0  Fs_Rec - ok
16:24:01.0180 0x12e0  [ 63CC9D976BF7D6DCA4C0D66A87F4CA31, D02F5E7C94445B23D287F4862E8BE893EFAFB9BD6D820469FEB58D78F3B46D6B ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
16:24:01.0200 0x12e0  fvevol - ok
16:24:01.0220 0x12e0  [ E8F0F9F9278AE83AE7290E8D139E2B82, C3F8FF656C65DB8DC81D8919C3C7550D0414737AD35953902194D9ACC3AEA8CA ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
16:24:01.0221 0x12e0  FxPPM - ok
16:24:01.0236 0x12e0  [ C72A82F475DACC66B7C20B5138E3A3B8, 1F9EC59FAD375CBC45D641F42283C4C01A4442210CA2AF586EB9A97821D0D4CB ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
16:24:01.0239 0x12e0  gagp30kx - ok
16:24:01.0310 0x12e0  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:24:01.0318 0x12e0  GamesAppService - ok
16:24:01.0344 0x12e0  [ AECBCC1093B42DEFD46DB57592D23D41, 0B0D5F6DE713751AAB04B2378C7CBCC5E42800EA66846CEB2375360B0190E239 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
16:24:01.0345 0x12e0  gencounter - ok
16:24:01.0373 0x12e0  [ 71AD1FE737DA40820F44983FF3936502, C512148738B9A11C879FD55A4ADBFF6603D419961BA54B21E7A6BCD917422F0C ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
16:24:01.0383 0x12e0  GPIOClx0101 - ok
16:24:01.0495 0x12e0  [ 47581CFFA38CA6727879DE018D965AB5, BFFF4A0BB5891D6C937A882B48044388C9007F64EF3950D2EE5C20EA93117C56 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
16:24:01.0529 0x12e0  gpsvc - ok
16:24:01.0564 0x12e0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:24:01.0567 0x12e0  gupdate - ok
16:24:01.0573 0x12e0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:24:01.0576 0x12e0  gupdatem - ok
16:24:01.0591 0x12e0  [ 02B883148A47B549DBCDB15CDC0C5F06, A16482D7661A0DC2C457FDB8641C51B72D1C3DAD9464D5CD4020D4AF00218F3B ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
16:24:01.0594 0x12e0  HDAudBus - ok
16:24:01.0617 0x12e0  [ BE8F75F1D2C8EE558E2DC4DAD6053509, B68A56254A5CC038BC1BB6E542B65212D8007F10834807B4CF283FFABAE62088 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
16:24:01.0618 0x12e0  HidBatt - ok
16:24:01.0646 0x12e0  [ F601337F3A170AE908F1891050835613, FA5B1FA0EDF585A1ED14208736DF4DE43C87D8A8A123878B5CBC754FEC676B56 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
16:24:01.0651 0x12e0  HidBth - ok
16:24:01.0674 0x12e0  [ 41073ACD5D08258C166AFFD94599A438, 69346EE2AC49B683A3E4707F97DA1EC96139FA7349F56EE3B7D6CC3E736D8851 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
16:24:01.0677 0x12e0  hidi2c - ok
16:24:01.0711 0x12e0  [ 789A11CB60A50E9A06EAA6FAD13A3397, B3C7F4F62EC962000E8FA75C973266C56CEA55BE40F5D48EE72BF7E30832169B ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
16:24:01.0714 0x12e0  HidIr - ok
16:24:01.0745 0x12e0  [ 498A59D4BF0BAC5337604335ED03792E, D7F51B23AF13093F2B8141ACAB5378BE35F021DE0B2F8A78EA53EC329C0813B5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
16:24:01.0750 0x12e0  hidserv - ok
16:24:01.0778 0x12e0  [ 5BD65F6865F3F125E4B920A151F2DBFD, 648629AE9A3A8C74CE628B3CBB89A1552076CCEAB7080384653DE02AE43F0E7A ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
16:24:01.0781 0x12e0  HidUsb - ok
16:24:01.0813 0x12e0  [ AACD31D9B4129F05ECDE27DE98E6D96A, A07BBDF2B4D40D5B59A0E6C92C2A9805BACD3A7A53658DA62EF46F17079FF7A3 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
16:24:01.0819 0x12e0  HitmanProScheduler - ok
16:24:01.0858 0x12e0  [ 61C162C75E2A86127CBE2804F1AEB233, B92236952527FE8CA03618CF66337103F733248043AE86BBDF099B28AB9830EE ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
16:24:01.0867 0x12e0  hkmsvc - ok
16:24:01.0901 0x12e0  [ 2AD0F602509DECE8B8FFB4116C007ABD, 842A87443884E78057CFE22960731C46568C00333AF8C15C201CD65FA2DC7D21 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
16:24:01.0931 0x12e0  HomeGroupListener - ok
16:24:01.0977 0x12e0  [ D45B242BE8DF6BF44AFF33795A044977, 7AB0BB8D6B278542F59817B07613B30347C2AA52E9874662A1EF6640FE3296E6 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
16:24:02.0010 0x12e0  HomeGroupProvider - ok
16:24:02.0029 0x12e0  [ 204DD944BC04AF1E65BA8E1E4C89064E, 4A6D233673B4C317B30E4D8D3D71F5118AA6147736CAD6729AB0F64D6B3BDDAB ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
16:24:02.0033 0x12e0  HpSAMD - ok
16:24:02.0114 0x12e0  [ 1659B082E485690158521D8BDBE217EA, 6CE7286C7469D9228D02F758ED71DF8563B8B10ECAA0A1013843FD4608749E0D ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
16:24:02.0143 0x12e0  HTTP - ok
16:24:02.0178 0x12e0  [ A5D4268719A6D73F4DCAB36FFF8294B7, 59335D6744D4CD3FA6A35A11926535A0511B859F5DBA1C6367CEBE3E4A0AB8C3 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
16:24:02.0179 0x12e0  hwpolicy - ok
16:24:02.0211 0x12e0  [ E6DFF1337326B90E41DD8EB931C52998, C4398A607C5299E7F5C9A7373488C54E4EEF50595396E17534D34888A0F3C55A ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
16:24:02.0212 0x12e0  hyperkbd - ok
16:24:02.0229 0x12e0  [ 8B80A3B93A31F033688E34BD26876AA3, 121B09A9EC60BF5F609B87C5D1081B32EB6042291BB19F927EA0BB6E3204B885 ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
16:24:02.0230 0x12e0  HyperVideo - ok
16:24:02.0249 0x12e0  [ C5683F37B8D77E58C385F4424AB53DDA, F410FDF5F59C3498DDE2F0B098FFD20C726FB1BA03723F0AB8F48E7391B538AA ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
16:24:02.0255 0x12e0  i8042prt - ok
16:24:02.0327 0x12e0  [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
16:24:02.0355 0x12e0  iaStorA - ok
16:24:02.0397 0x12e0  [ 81664CB58E9DB3E6CF24A46384E7BF12, 647F1E22D646AC6D900A73C23FCF5584E8531E0490516B138BE2507490E42A80 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
16:24:02.0417 0x12e0  iaStorAV - ok
16:24:02.0467 0x12e0  [ A052B18135149D95D7E2897BDBA072DB, 3F2402404698D8B685DBC6034DD7458AE59D0BBD7469FE09A856A1BE4A2C935C ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
16:24:02.0487 0x12e0  iaStorV - ok
16:24:02.0497 0x12e0  IEEtwCollectorService - ok
16:24:02.0753 0x12e0  [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
16:24:02.0869 0x12e0  igfx - ok
16:24:02.0964 0x12e0  [ 3139A17580B96BA0D2EC5CD8B738FC56, 812223D1E2E30DD6308D40C001A402BB12784FF0B1D3977D55415A0A94C93D4B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
16:24:03.0019 0x12e0  IKEEXT - ok
16:24:03.0214 0x12e0  [ 9CC645EB9697AA4F2D5A39835C80A0A2, 39861B19E9BF17F5250D571996167A178606150B62C876529D3699817FDDC42A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
16:24:03.0303 0x12e0  IntcAzAudAddService - ok
16:24:03.0357 0x12e0  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
16:24:03.0374 0x12e0  IntcDAud - ok
16:24:03.0478 0x12e0  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:24:03.0506 0x12e0  Intel® Capability Licensing Service Interface - ok
16:24:03.0525 0x12e0  [ 67B6525A46BD0EC32ECC6148D702954C, 5151BB4AD79E5DA6EAE75FC99F58F164621C33F7E87B8BD007E6D6FAE9FEE621 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
16:24:03.0526 0x12e0  intelide - ok
16:24:03.0549 0x12e0  [ AD9BCCD4DC72974623B15965235FF4DE, BE27F798E4F81CEE628CFA3A48BC1202F46E11705BCD6DBAD98775E01E1E817A ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
16:24:03.0551 0x12e0  intelpep - ok
16:24:03.0585 0x12e0  [ C0E7309A30511D600CE84C1D053D19FF, 37AAE2E2540B47C5AE1E05AD968B52A154E441AEBBB72A8147ABE47761707977 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
16:24:03.0589 0x12e0  intelppm - ok
16:24:03.0610 0x12e0  [ 3ACE5DCA1648969E7247F4DA14DB3749, 032DBDABC7E026CCEDBF641F1BDA075BD3C11367803387E956C109B10EC53C53 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:24:03.0613 0x12e0  IpFilterDriver - ok
16:24:03.0673 0x12e0  [ A8EA8FF3F0CEE0DF7D3C73AB9A31E024, BDB7168CDF7E746E121D760B33B6C72C44B899CC82D3B2B589C8F32E401375E5 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
16:24:03.0711 0x12e0  iphlpsvc - ok
16:24:03.0731 0x12e0  [ 0A26D7083BF502A0011B64A770675004, A149DD139FC8F3017E3607C2FC829406B56049CC36AFF759086E0B95BB8610C7 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
16:24:03.0734 0x12e0  IPMIDRV - ok
16:24:03.0742 0x12e0  [ A45092ABDBC0B76DBBD430236BC60DA5, D3D9B47AEB61FE57A71B7A3110401CDAD74E2891DC5CE975DFBF31DFAB5A9EA6 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
16:24:03.0746 0x12e0  IPNAT - ok
16:24:03.0778 0x12e0  [ 7A9CAF3F1A4961A7B77E58F81900BDCB, A169736691C611C80143334C55022652685D28C1C1EA5B11C3D478DC0C33DEB5 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
16:24:03.0779 0x12e0  IRENUM - ok
16:24:03.0793 0x12e0  [ 1DD8065B5CC61E0DA4EF9C719B94B126, 259B3926BDFCF6FFF7FEB432DF74FB6B81594A0569F99AEABFB3E2E432B21FF3 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
16:24:03.0795 0x12e0  isapnp - ok
16:24:03.0845 0x12e0  [ F072AD7B6100162DAD6CDEF2121F548A, F51CE767BC97F43F147C5227A5C6D36323C31FFCB92BC4B8FE157C3B9B7A746A ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
16:24:03.0860 0x12e0  iScsiPrt - ok
16:24:03.0955 0x12e0  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
16:24:03.0965 0x12e0  jhi_service - ok
16:24:04.0029 0x12e0  [ 45369E037410609D769852A1CE46A184, 752BE7BB167E602CD89D52E3A4382AF7C75033306E31884EC55872EF7A0A3EE2 ] k57nd60a        C:\WINDOWS\system32\DRIVERS\k57nd60a.sys
16:24:04.0070 0x12e0  k57nd60a - ok
16:24:04.0101 0x12e0  [ C45147D40D702D99DB20640B59C47F2C, 2871B927BCB22A9052064103A0D3417A8F08676C62962D7B7C2692D504831CA6 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
16:24:04.0105 0x12e0  kbdclass - ok
16:24:04.0124 0x12e0  [ B8382A1F520B75D8456482B0CBEA38F0, B2D9195DE658BE2B392B5146753177B4E4C6249B2AA68140C75DF39E27E3E9E9 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
16:24:04.0127 0x12e0  kbdhid - ok
16:24:04.0152 0x12e0  [ 58A515DA793D041956A6F14FD807F6DA, F69497E21A18B0E9E1B9DB2CBA9E80D9422C40D77562D561FC28BFD047411B24 ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
16:24:04.0154 0x12e0  kdnic - ok
16:24:04.0176 0x12e0  [ 355E261B1B3B74818E81DB84D66F623E, 5B1D25A96701FD4D3342B9A9EC4F7A0BF45DFE218E466CFAC4F5D31AE2A28992 ] KeyIso          C:\WINDOWS\system32\lsass.exe
16:24:04.0182 0x12e0  KeyIso - ok
16:24:04.0204 0x12e0  [ 52BF62E7BFD4516FAD95C35EC9A01B49, 8BA52E465057A8BAC86BCF37CF24C2DC12B57B335893F33A6997B902C7423EEE ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
16:24:04.0210 0x12e0  KSecDD - ok
16:24:04.0233 0x12e0  [ 9886ADDD3C14D66A0C3F8C7BA7F3C4BD, 801678CDAB5487DC108A688603390B8BAC12D5D70ED6ECBA3015C8A06372FFF8 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
16:24:04.0244 0x12e0  KSecPkg - ok
16:24:04.0258 0x12e0  [ A4FF87CA6FBE918C8B1DB0B822411090, 9655D820003727C8186209031045FC0AFB0AEF064404FB4157FFC9BDAB6ECCC1 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
16:24:04.0261 0x12e0  ksthunk - ok
16:24:04.0317 0x12e0  [ 9C66A5295E52BC60FD66476E97FD7687, DA409B6FC47A65FA486634E26976F09436893FB8122AC17AB4AF0B340C1422FE ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
16:24:04.0350 0x12e0  KtmRm - ok
16:24:04.0391 0x12e0  [ AD9AC6FCD441C61F3ADED4536C828519, 69BDD9D0A7A8535C183E8C80356C57B667889DAA6F45777C99F5C9F6C0F34DD9 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
16:24:04.0413 0x12e0  LanmanServer - ok
16:24:04.0442 0x12e0  [ CAE10A8062F5E71E0AA1F39A39CDEFA2, 75E0D4A2689BBCF9C692B4DA217AB003A2ABF106A6AC06368AEE787E150382FF ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
16:24:04.0464 0x12e0  LanmanWorkstation - ok
16:24:04.0515 0x12e0  [ A11CAE19E2130869328B493D1BF68BCD, 70D0F21DB101A6D6AD3AB0EE26007036F453526953CCA4BE5A35DDA89E4AADFD ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
16:24:04.0552 0x12e0  lfsvc - ok
16:24:04.0569 0x12e0  [ D057815983766EA815CBD755E983F7F5, 635009ABDF5CDB289B9A586D5F4F410D90B78D1012A4E675D7E88285297335AC ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
16:24:04.0572 0x12e0  lltdio - ok
16:24:04.0611 0x12e0  [ CE9037D7A388CE7582EAA1E99714011E, 514F19CC09EE5E94D173E802A12A497C9F85E548F50783369D46AFFD6F5469EE ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
16:24:04.0633 0x12e0  lltdsvc - ok
16:24:04.0657 0x12e0  [ 62869798DFE9F451C92C095EBE42777D, 1433085F7ABC549001E926C50EA279816356B9D805CBEBC34F87AE252894A7A4 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
16:24:04.0661 0x12e0  lmhosts - ok
16:24:04.0712 0x12e0  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:24:04.0729 0x12e0  LMS - ok
16:24:04.0767 0x12e0  [ D760053492857E34CFBBE0F3CF77171B, B239CB2AEB1BB72BEC1DBB6A6DFF6F6DBCC1105DA6BCD07EE995A0BE866356D1 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
16:24:04.0775 0x12e0  LSI_SAS - ok
16:24:04.0797 0x12e0  [ E53E1C4F84C72371658A0E63C8489D02, D1D6B6D519E4820C4376BC044E7466D4D51212774622853462475B964322C524 ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
16:24:04.0803 0x12e0  LSI_SAS2 - ok
16:24:04.0829 0x12e0  [ FD3923AAF98BC339B418B7CE25C05B0C, F261315D68D70F7EB029E4074D8A6BF8C5C26EE13306D094D4F2307B9F027CE3 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
16:24:04.0835 0x12e0  LSI_SAS3 - ok
16:24:04.0850 0x12e0  [ 88832B324F64CC0A784A531CAD9C7D99, 91EA857023E94890712C6CF735647C5DDDBDAB682F95C4BD4A624BF65256DA7A ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
16:24:04.0857 0x12e0  LSI_SSS - ok
16:24:04.0918 0x12e0  [ 32D62A7C7D305AD19B719F6F64F2CEC2, C536099BF7E907F29235A3185EE9FC7FFEEB6514575BB2966F9D3149C2AC8086 ] LSM             C:\WINDOWS\System32\lsm.dll
16:24:04.0975 0x12e0  LSM - ok
16:24:05.0023 0x12e0  [ CB8EA2EEE75B1E6F088DFCCBD8DD4BF9, D6D22D028DAAA78A0C57B5B7525E2E4DF0557773A74A64B083D25BB27EC7A3EA ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
16:24:05.0028 0x12e0  luafv - ok
16:24:05.0057 0x12e0  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
16:24:05.0059 0x12e0  MBAMProtector - ok
16:24:05.0101 0x12e0  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:24:05.0117 0x12e0  MBAMScheduler - ok
16:24:05.0164 0x12e0  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:24:05.0190 0x12e0  MBAMService - ok
16:24:05.0251 0x12e0  [ 968BFF74AEB683C962960ECE0CAE4135, 3E08B39DE27FE27A27BD3E81486F0FCA1947D4B50BFE0167A0C27CE48DD56793 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
16:24:05.0265 0x12e0  McComponentHostService - ok
16:24:05.0299 0x12e0  [ F54C1B9F97AE7950302FB19FE7821223, 85518FF693775A9DC1B0A5115B712C3AAC50277B5EB1C7BFA6F8B7C4FD1E9708 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
16:24:05.0302 0x12e0  megasas - ok
16:24:05.0343 0x12e0  [ 351A36A44B56CCB60E51BBACC13AA0BD, ABFFE89CFDD34CDEFDB6DB28F9C9FC472D9C9EE64B3D602E0F351423115D3E0D ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
16:24:05.0366 0x12e0  megasr - ok
16:24:05.0397 0x12e0  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
16:24:05.0400 0x12e0  MEIx64 - ok
16:24:05.0428 0x12e0  [ FC9FE5DB6866E28ED4CB4FEA31EDDF16, A0D1456824D9AA4FC3DCC8ABE313AE415473EED068ECBF43D2D7D719AD8BF71A ] MMCSS           C:\WINDOWS\system32\mmcss.dll
16:24:05.0434 0x12e0  MMCSS - ok
16:24:05.0454 0x12e0  [ 072FA45EDF71A8BCD62ED2D7BA6D4486, 30F8C5A1F2EDC430ED9F010D3537FA9DD88B4371A68B4513F34EEBB1303ABFA5 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
16:24:05.0456 0x12e0  Modem - ok
16:24:05.0484 0x12e0  [ 3D83A18A03F369D05AD241CB0C158804, 730489EC2D5DB70EB0C6B6C7F830A69238A2A82E881B3FDE83F8FA2FDC83C0D2 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
16:24:05.0486 0x12e0  monitor - ok
16:24:05.0501 0x12e0  [ 7A058076D290F6B11E966D9F3A6F5050, 7BF01A0B15A1A440C890B2E0371C45F64573D5E4AA23501BBB7B6F36832EC480 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
16:24:05.0503 0x12e0  mouclass - ok
16:24:05.0521 0x12e0  [ E817D4FE150DAD83134C4A36D1331557, 971114371948DFE8D940A99B6F273BEBEE133E6A4F5E3EA7B6951EBAE8A2CA68 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
16:24:05.0523 0x12e0  mouhid - ok
16:24:05.0549 0x12e0  [ 5E4EE7B237E715F45A6A59B3BC9796EB, 6BBFDF78176B9C5F1EBDDBA00A38355C1AF7E2E792B26DF445DF3424902C249B ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
16:24:05.0553 0x12e0  mountmgr - ok
16:24:05.0589 0x12e0  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:24:05.0595 0x12e0  MozillaMaintenance - ok
16:24:05.0605 0x12e0  [ 45088E6982B123C2BDC8F5D7D0A98D9D, 9F23EA33734C4587AC2D1F4C6D812E732857CD1D663D3C4C4D8C4A2DBF422A07 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
16:24:05.0609 0x12e0  mpsdrv - ok
16:24:05.0700 0x12e0  [ F353DFB05A00C293C2CD547C878215FE, 28E6D0914F838F91C95A9B5904A9459F47939F2092FE4FCC01CB33669C0FA3AB ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
16:24:05.0755 0x12e0  MpsSvc - ok
16:24:05.0794 0x12e0  [ 4F9F7BCCFF1CFEA1E08BAB811FE122FF, 824BEACD41C9BFC2BFFDA04C6086F5B821470387E157DB0B3BEA1D106AEBF48B ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
16:24:05.0800 0x12e0  MRxDAV - ok
16:24:05.0839 0x12e0  [ 6892450714B110D2BCDB86A5DED74A1B, 996F442652C53359456CA5833FEFDFC58BDC89417AEC2F09F6E148181ED84CF2 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:24:05.0854 0x12e0  mrxsmb - ok
16:24:05.0872 0x12e0  [ 642186DE6372BA97E810F9AEB99456ED, 91E17A5B8541384DCFA5AEA73FD09CEB362B7778B4AADBA24F1528FCD57321F0 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
16:24:05.0883 0x12e0  mrxsmb10 - ok
16:24:05.0898 0x12e0  [ 2C0E550B5FC2BDDB08EF9E578D4103BD, ECFEDAFF8AD93975904DC77245164E06CD2997964996F1AC351F0FE686D01CC5 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
16:24:05.0906 0x12e0  mrxsmb20 - ok
16:24:05.0967 0x12e0  [ 9D498C63A3CE9173CCB2D856A516DEAA, E50DAEFA52ABA57A7546B168A48EE929B83CDADD841B84C86F8AEEEC206492FE ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
16:24:05.0976 0x12e0  MsBridge - ok
16:24:06.0020 0x12e0  [ 75CBD5E55C26702C8B8E1CD6351BCC53, 2B64329B47524C317605124A6D4FEFA7D063250CED54B6009D8ACFD285E2664B ] MSDTC           C:\WINDOWS\System32\msdtc.exe
16:24:06.0041 0x12e0  MSDTC - ok
16:24:06.0076 0x12e0  [ C2B7352B8903B80048CD8078686833E2, C0CE2CC1ED2D40381E88C80E6DA9C92A235ABC64A77559B36A923A4360F3428F ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
16:24:06.0079 0x12e0  Msfs - ok
16:24:06.0101 0x12e0  [ 185A49CE03A051FBEF89E7F5518D1CE4, F9DF182AA89CC325CFA227D09D5571E2EDBBC8EC42BDF23529CC3A500B1773DC ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
16:24:06.0105 0x12e0  msgpiowin32 - ok
16:24:06.0124 0x12e0  [ F46F59F1A0DF6F21B98411946342FB01, F583CBA6A8E628D049D02F7A99F5064CE5DB1A50D6EF984CF0277E7FA42B87A4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
16:24:06.0125 0x12e0  mshidkmdf - ok
16:24:06.0147 0x12e0  [ BD7658E677BD2ED0C093503721B6F797, 34C9D090124F04F2FE0DBFC7A2274C58F00E7343E5A42F323E9AA75F0A65DBB0 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
16:24:06.0149 0x12e0  mshidumdf - ok
16:24:06.0167 0x12e0  [ D6EB40F88B694F16EDF709A503B0B273, 768C4BEDF685D655C16D748574A4F67AADA89878AD0A1404D3F91D1ACC62CC57 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
16:24:06.0169 0x12e0  msisadrv - ok
16:24:06.0213 0x12e0  [ 7428ADB9F57A55CA13433614592E4697, 835143FF39FB5EDD8106383DFC755895A94FAFF75A3923CB04A1610EBE8570FE ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
16:24:06.0236 0x12e0  MSiSCSI - ok
16:24:06.0245 0x12e0  msiserver - ok
16:24:06.0264 0x12e0  [ C569DA668E3C631449DBBFEBB5F8834B, CEECF5462272C666B6F4E3066EBCE772B7E518DF9BA72C8339DDE02DDA70155F ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:24:06.0266 0x12e0  MSKSSRV - ok
16:24:06.0290 0x12e0  [ 0B1A18A872A403E1D018FA46F6CCB998, 9A4411B655EB7DD7F27F4DCE257CAD940F27BD3BFC6088F04CCD5DCB148BC830 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
16:24:06.0294 0x12e0  MsLldp - ok
16:24:06.0315 0x12e0  [ 4E2A3EC0FD2CAA099E6265AE5F5D8FC4, 46652CA86F8DB553917954BD6DB137D658356757F0C31716DB68C83E1A48A15A ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:24:06.0316 0x12e0  MSPCLOCK - ok
16:24:06.0335 0x12e0  [ 1E7A81D0EA8949B8018A121EEB9CC2CA, 3375447827803B786056A1CA944E5A136ED75C558967E5FCD6741B0D0D4D295E ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
16:24:06.0337 0x12e0  MSPQM - ok
16:24:06.0384 0x12e0  [ 20D224621A73F3C9008BD9FE62E0DADE, 246F178F598DBEF46DFFAED624F12E1BC266D0EEC4B137720812C9C0C7DC56B9 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
16:24:06.0404 0x12e0  MsRPC - ok
16:24:06.0429 0x12e0  [ F81A7F496C45B0DED6E528B35F4A23E4, CE592EFE449084F015416431EB5618F04DAF20704FD655998943300F1404773D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
16:24:06.0431 0x12e0  mssmbios - ok
16:24:06.0438 0x12e0  [ C600E788712EA065ABE4D61D04B4030E, E3A733B578FBF5A070110FBAD7035E17529B5A5DACCDB0A6145021E42E0F60AB ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
16:24:06.0439 0x12e0  MSTEE - ok
16:24:06.0455 0x12e0  [ EA9B2F3183327BF7DBF87DF9EE3F555B, 84F149505921CD1A59CC095F9350C0BDB96F756EB73D85304A699FFEC306C4C9 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
16:24:06.0457 0x12e0  MTConfig - ok
16:24:06.0466 0x12e0  [ 4BE952B7E402BE567AAB571195286A8F, 961BF17EF11811645F6B1184F8E83D452F8511F7436DF315A12DDFF30332085B ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
16:24:06.0469 0x12e0  Mup - ok
16:24:06.0488 0x12e0  [ 668E7AA69AD85FDB31266C6CA1CF8DAA, 149C3B604BF998FE4C31EFCD620643FB7E4DA81091E7202CD5DC9BE1393446E6 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
16:24:06.0490 0x12e0  mvumis - ok
16:24:06.0518 0x12e0  [ C009123B206C56854F4E88596035231D, 670403A40B425F77C90ECB048A0C8BC11FB19E40A8CECC2C3DCF79175B745863 ] mwlPSDFilter    C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys
16:24:06.0520 0x12e0  mwlPSDFilter - ok
16:24:06.0527 0x12e0  [ BF3739EEB9F008B1DEBAC115089A53F8, 8546AB69087656259BBE17D6F80F4AB164B04171673CE2BF9FFD1B5C9584E9A4 ] mwlPSDNServ     C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys
16:24:06.0528 0x12e0  mwlPSDNServ - ok
16:24:06.0537 0x12e0  [ 38DD143D95E7A01B86F219DDA9C28779, 5FA8C0595CCF835DBCE1CC5322E8FD4BFB6DFB6CF869BB7CB73F919445D469AA ] mwlPSDVDisk     C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys
16:24:06.0540 0x12e0  mwlPSDVDisk - ok
16:24:06.0597 0x12e0  [ 40DA3030C1FEF6B18E7D4ABBE42FBE47, 0D8F4F1F586672E6A897A56DAF0EE7A9044C4833A1BB915F33AA86A466F35013 ] napagent        C:\WINDOWS\system32\qagentRT.dll
16:24:06.0645 0x12e0  napagent - ok
16:24:06.0718 0x12e0  [ 216DAFE7C5D36E581801F11DA15E3071, D141041B54D3991A29245FE48B6148FEE8205AC1AB3AF75C08D2CC055BCC5952 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
16:24:06.0740 0x12e0  NativeWifiP - ok
16:24:06.0782 0x12e0  [ B8A96B1CE0D3E7D7897D80034513B9D4, FAAA3750D9C58F56EB58F21116A485855CEE0A5BC5907B4DB2D23D7E4E351136 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
16:24:06.0793 0x12e0  NcaSvc - ok
16:24:06.0816 0x12e0  [ 662EE94EEFD4DA2B1EAAF938290B046E, 405508BA38F9DEDCFB3B3338A2F2C964620C7963C277FB4E492749784ECDD3BB ] NcbService      C:\WINDOWS\System32\ncbservice.dll
16:24:06.0829 0x12e0  NcbService - ok
16:24:06.0848 0x12e0  [ 3F6F33CC346DE5FC6974C2F26EE4820F, 6682C544A7AF7199C5E5D1D4670EBC8C8569369565FDDEDC685908852A41F287 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
16:24:06.0857 0x12e0  NcdAutoSetup - ok
16:24:06.0949 0x12e0  [ 510E588C03CC104BEF9C284120D07E7D, CCBE54906EFCA0ED7DD209FBD8A245C140741D0D4E1B662FAC545283FBA45819 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
16:24:06.0981 0x12e0  NDIS - ok
16:24:07.0014 0x12e0  [ 0F380CA6889FDF38A08C7C937F3FE460, 54AF5FE5B7F3A1FDC5A92E6301E3705B8B1B8DD7F63571BCC1E348A42929CBB4 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
16:24:07.0016 0x12e0  NdisCap - ok
16:24:07.0042 0x12e0  [ 032D38A137562D7DDFB0EDEB24A3CBA3, 5AE647AFAA4E75C262D87A5EB128AA6BAC65194FFA31C7BB1CB71770F78D8A48 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
16:24:07.0050 0x12e0  NdisImPlatform - ok
16:24:07.0069 0x12e0  [ 76EA8AB4A841F3A6CE0EE9A30E152746, 311575CCF6C1083CAE493E8470474C1F333BE281A3BFDAC58FA2B123CA4D6F05 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:24:07.0072 0x12e0  NdisTapi - ok
16:24:07.0085 0x12e0  [ 1EB78346F1A53377C46D9133CEE19AD6, EFA1DEEAA4CAB05E72449C760F7F9CA7F9444F94584007BF7674C240BC016C9D ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:24:07.0089 0x12e0  Ndisuio - ok
16:24:07.0107 0x12e0  [ BA820CFAC15E8EF380837B2B85C77940, 44D96BAD7BD5555B3F22A8901FE2AFACA948728989353A360D86DD087F6A15F6 ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
16:24:07.0109 0x12e0  NdisVirtualBus - ok
16:24:07.0148 0x12e0  [ F6154644BE059158E352A690CDCD3CF4, 183B92B775F4C3FBF65F2DE9B790299832B9F46BD35F8664B677DAF9250D3511 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:24:07.0162 0x12e0  NdisWan - ok
16:24:07.0191 0x12e0  [ F6154644BE059158E352A690CDCD3CF4, 183B92B775F4C3FBF65F2DE9B790299832B9F46BD35F8664B677DAF9250D3511 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:24:07.0204 0x12e0  NdisWanLegacy - ok
16:24:07.0228 0x12e0  [ FFD5CFC00A007F33B4A0F38F65A8C6B1, D507BA88106F362A04B884A5B93690B6C70CC1628FC218990D1AD17FFDEEBC06 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
16:24:07.0232 0x12e0  NDProxy - ok
16:24:07.0253 0x12e0  [ 25AEDB0949FA548E2FB3486790F3A459, 5C4FE0B047FB09AB01A2F3CCDCC6B59850910AD8C5B7814AC3AA27B52D0B7AFD ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
16:24:07.0257 0x12e0  Ndu - ok
16:24:07.0274 0x12e0  [ 3EB0E86264A1803D87DF4004C383403F, 07F693700A83D514792428378F6172FCD6B00DA45113026061A0B6CE2E65A323 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
16:24:07.0277 0x12e0  NetBIOS - ok
16:24:07.0305 0x12e0  [ 2684164D49E715A253987F3C8A7BB8FA, 1F2A14323E4B7940EA2FA70A90463DA0F0AEC091729A961D8C38C27FCF0DC86B ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
16:24:07.0317 0x12e0  NetBT - ok
16:24:07.0333 0x12e0  [ 355E261B1B3B74818E81DB84D66F623E, 5B1D25A96701FD4D3342B9A9EC4F7A0BF45DFE218E466CFAC4F5D31AE2A28992 ] Netlogon        C:\WINDOWS\system32\lsass.exe
16:24:07.0337 0x12e0  Netlogon - ok
16:24:07.0375 0x12e0  [ 541546A7CB65C73D84EBCB0B46E460B1, 1BC62F18F8F60DB6FD4D265306D87B7ADF14BBACAF2E4ECF5ADFEC78800A7588 ] Netman          C:\WINDOWS\System32\netman.dll
16:24:07.0397 0x12e0  Netman - ok
16:24:07.0451 0x12e0  [ 5FFC4266917E0DB4664A84E9B26B0385, 5AC99F46D5B5EF59582EAF43E1D834E26A4F38F0ECB9694D7B20E89FB7FB5A5D ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
16:24:07.0491 0x12e0  netprofm - ok
16:24:07.0549 0x12e0  [ 9A042217E317DBBB90319B40AA024472, 55E6BDBD3AA02B0574FE775978C8340E8B4021BAA76E57DC9D52143E340D1F55 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:24:07.0555 0x12e0  NetTcpPortSharing - ok
16:24:07.0584 0x12e0  [ 7B97E5FBDE4BF88902AD108878620BD4, A05F2B381FED8C883DE0585253A39B14B0C2D3E3D0FA2CF22295B4FEC701D159 ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
16:24:07.0588 0x12e0  netvsc - ok
16:24:07.0630 0x12e0  [ 4823198D936C3DF69DF6CD23B87EE1EA, 26BC917589431025D5B53AD32AE0263C5EF606DCF8A17A3BECE1EB2CC3410251 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
16:24:07.0664 0x12e0  NlaSvc - ok
16:24:07.0686 0x12e0  [ 739E42D5C9F889D42728DC7EB6369190, E18075DAE1C1CEEC854FAC66F8A70457F5EB9ABC4D4D6E1BDFDBC3FE8D72D134 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
16:24:07.0689 0x12e0  Npfs - ok
16:24:07.0703 0x12e0  [ 4DB9171E9793DEA282F9FEBF4CB6F0C7, E24A7367C99F1B599D3C4E67A69CF9D86D620E73C7739A5DB1569E42BF1D928E ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
16:24:07.0704 0x12e0  npsvctrig - ok
16:24:07.0713 0x12e0  [ C19D60C8104EE5A86129078ED5AFCA95, 857BC4E2F352451838F2351F69AC5F68496C0EB8A651EB25467DFEDD2808B336 ] nsi             C:\WINDOWS\system32\nsisvc.dll
16:24:07.0718 0x12e0  nsi - ok
16:24:07.0732 0x12e0  [ 8253448BE26096CD413E0F05CDE08DDF, FEDD07A2CB9E7571BF6A45598F5C9BD4C47031B6AE11FF388D74A8835FFA04AD ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
16:24:07.0734 0x12e0  nsiproxy - ok
16:24:07.0854 0x12e0  [ B7F528FB975695EFB2E9516F3A87E2BB, B32561FF3862097E36A737F4969624052B22AB89528C1CFA984263E2E271B37E ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
16:24:07.0898 0x12e0  Ntfs - ok
16:24:07.0974 0x12e0  [ FF472A7055E765498AE52564B1503C3F, 89A6E603238F854AA20F9E8EA4A4D4E281B95ED941A087B7E48FE961D1052CBA ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
16:24:07.0991 0x12e0  NTI IScheduleSvc - ok
16:24:08.0032 0x12e0  [ 710263B44C1D1AEE07525A53401FBE48, 9E30D956099F42A7F8125664E671AEE49A6EDE0C2B717EC9B4488556A386FA21 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
16:24:08.0034 0x12e0  NTIDrvr - ok
16:24:08.0052 0x12e0  [ 5EA693A92E4BBD87EE5672334D2145A4, B58ED64B559F90FE8D857AA1C353D88513C7A72FAE5652352E721EC97405FDC5 ] Null            C:\WINDOWS\system32\drivers\Null.sys
16:24:08.0054 0x12e0  Null - ok
16:24:08.0090 0x12e0  [ 91385FCF5EAAC2EB3F24590A45701D14, B24FFAF809D06963E141E4CEF9AD29D21B57D1B3FD8C4E7CB7644ED09C9AF894 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
16:24:08.0099 0x12e0  nvraid - ok
16:24:08.0129 0x12e0  [ 83457C95157FFE9755470DF60E7E6637, EA0967C556479454179B3A38B7914911333ABC5F6ADA8AA2F6AB98015DE1EE0D ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
16:24:08.0140 0x12e0  nvstor - ok
16:24:08.0163 0x12e0  [ 10C8B94FEF347D2ABC650B59245465F9, A0A9173958A0463B6F1876D9DF179B4C82096247CF29F7A53F00F2954796CD88 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
16:24:08.0172 0x12e0  nv_agp - ok
16:24:08.0233 0x12e0  [ 2B8E4C792BED0E5882702720BC528AE5, 6D7CB027BC6014CB268C49B46049CDFF3BA94D07102A65BD053335A28E83D125 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:24:08.0243 0x12e0  ose - ok
16:24:08.0301 0x12e0  [ 5BF2EDCBDB6B27AFB36D0DD66C98793F, BE6F65FDBCFA6E460CB99317DF2D9C3AF134B126B7E10FB8A5CE4A4D1358C416 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
16:24:08.0345 0x12e0  p2pimsvc - ok
16:24:08.0389 0x12e0  [ 18367C80278AC027F232A64C6A7026AB, 5BF42728FADBD154C6DE86A1E1844F82B0D2D5D89044DBD94707FDF994465FD5 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
16:24:08.0423 0x12e0  p2psvc - ok
16:24:08.0449 0x12e0  [ 348172DE26295E919E48325356367784, C489BB76CC0FE3389FFB0329C184A9558C8CAA81256B2B58FAF42700A8774CB6 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
16:24:08.0454 0x12e0  Parport - ok
16:24:08.0478 0x12e0  [ 4A7C08BD6F017BEB48CE453AFB6EC621, 294215A0378DEADC7BE8A5D66FC9F7198FC7DE6B0C264E252E196975311926AB ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
16:24:08.0482 0x12e0  partmgr - ok
16:24:08.0527 0x12e0  [ 0D5A919B9B634821C2EDB8879016ED2A, EBE7057AABD63CF786CB86FAEC922B1C2E18906F6FEA146D5214EF2EA2C09E00 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
16:24:08.0573 0x12e0  PcaSvc - ok
16:24:08.0634 0x12e0  [ F14BDF81663ED1CA1E39C19149C69264, F7C0564E857B4ADA758D9B5E97F7F94836CB70E7D7E5D181F1E3D7EA22CEFA4F ] pci             C:\WINDOWS\system32\drivers\pci.sys
16:24:08.0651 0x12e0  pci - ok
16:24:08.0665 0x12e0  [ 83B4AF46DED611EA601C47A746124706, 8B0D386025169779D3F635F2DDFA2AEB703D8D00286305572E3DD4252CC3AB45 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
16:24:08.0666 0x12e0  pciide - ok
16:24:08.0691 0x12e0  [ B3463103232FFB2FCA653D90401D927C, B21A0736C6D18F360F6EFC2EA67B04A1E63A3717FCC078BC80918BBC54B9A5DA ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
16:24:08.0695 0x12e0  pcmcia - ok
16:24:08.0704 0x12e0  [ 9096D25F0A80FD6B73A144A28814B067, 5105676A746020BC1C9AF8CBBD420A37ACAEA9FE3F4FD639C0283123234E9575 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
16:24:08.0706 0x12e0  pcw - ok
16:24:08.0717 0x12e0  [ 958CD411BD2C90DE1E7F05CE07597CCD, D768E85C7601D6E9EBF61C333631708C8EB913D50797927C2996898556F13482 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
16:24:08.0720 0x12e0  pdc - ok
16:24:08.0786 0x12e0  [ 501CEC352CEB8A7B46B7F6A325CA4AC3, 282607F56479AC1786323B10829F1A50236176059132C24AF8E3D2DA2370596E ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
16:24:08.0806 0x12e0  PEAUTH - ok
16:24:08.0887 0x12e0  [ 411FA5E9BEB064C1DB5989EFF6139725, F5848C5112248522FEC310F4ADEB4142889DD4FBBFF15E2CD49D5A0A331A11BA ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
16:24:08.0892 0x12e0  PerfHost - ok
16:24:09.0020 0x12e0  [ EB209E6CA121C7B37E94C0922990419A, 9AECC2DC4BFDDB4547A83E496490B4FFCE5247660DBCDEA9F3C65848280F50C4 ] pla             C:\WINDOWS\system32\pla.dll
16:24:09.0087 0x12e0  pla - ok
16:24:09.0128 0x12e0  [ F32027C62CE671B09A7078183F961545, FFF87739DCEEA27F16005401E7E9A203A8044626B6E7170EE90B77E746A6D9CB ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
16:24:09.0135 0x12e0  PlugPlay - ok
16:24:09.0152 0x12e0  [ 340AA366D64934145EAFF230B767817A, 38B1F54CDF7A41EA5CDED820908BB20C85FB63CFF90B9AEC7DE7710CA0D51A87 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
16:24:09.0156 0x12e0  PNRPAutoReg - ok
16:24:09.0192 0x12e0  [ 5BF2EDCBDB6B27AFB36D0DD66C98793F, BE6F65FDBCFA6E460CB99317DF2D9C3AF134B126B7E10FB8A5CE4A4D1358C416 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
16:24:09.0207 0x12e0  PNRPsvc - ok
16:24:09.0236 0x12e0  [ 11EBE37574A6F685FFBE3A4B3838CFAD, 581B36FB4C8EE923D35E4DA7BE570CE89D0CB0A5BFDD1502B740795F77E3ABAC ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
16:24:09.0266 0x12e0  PolicyAgent - ok
16:24:09.0278 0x12e0  [ 85A6F1D351CD5B634506E80CD4B98EA9, 5AFC81ECCCDA519468935D0C2F9124D7287667EC3B155B90BB997998F4F210D9 ] Power           C:\WINDOWS\system32\umpo.dll
16:24:09.0284 0x12e0  Power - ok
16:24:09.0463 0x12e0  [ 061C763FC9475BEAA659F5F53838424D, 43A0D6C575AD5BF5D79C172B3AD455C8DFF35F4D4BE0D3087658BE0D8999A672 ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
16:24:09.0526 0x12e0  PrintNotify - ok
16:24:09.0558 0x12e0  [ D8CD91AF8D08C84306FE8B352FD526CA, B29CD7D4BDB31121A6E4A89522930BCC6FE5E43F0BDCE96D68855FB0F2327787 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
16:24:09.0560 0x12e0  Processor - ok
16:24:09.0599 0x12e0  [ 5649C40E34CEB8E732A91B357DEDA758, 51549EBFD4003C50D3D26E163D5F569528CB33F4EF8AF439BB2D5CABD94F5552 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
16:24:09.0621 0x12e0  ProfSvc - ok
16:24:09.0650 0x12e0  [ AF038FA3D3748B7595FE7096AD803696, 55263B2424BE1F59F16050C8A0A3B16B2A3A4C212051170DE8A49AC387BE1386 ] Ps2Kb2Hid       C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys
16:24:09.0653 0x12e0  Ps2Kb2Hid - ok
16:24:09.0682 0x12e0  [ 861D6A056E7E898398902D6CF310886A, 03AA8C3AC3A9770EA4E2F88A12A0CB0A3C6DA3DDA0ED7BBB1C3F45DC0880B347 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
16:24:09.0690 0x12e0  Psched - ok
16:24:09.0741 0x12e0  [ 73AB36A47800676ABD21DD38D5887DCE, 097E07F36DCD804960A6CEF312D327C912D0C2A9AB3F72CFD9B8CE0FD040F0D2 ] QWAVE           C:\WINDOWS\system32\qwave.dll
16:24:09.0775 0x12e0  QWAVE - ok
16:24:09.0819 0x12e0  [ 49481354312047A7CD978F7B9927D7EE, 359F0F927166E0E74D5D1171D7EAA9A1A4DB4D0FB8924C07E5B982851A26C518 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
16:24:09.0822 0x12e0  QWAVEdrv - ok
16:24:09.0862 0x12e0  [ D02F54EB5C14622F1623848E168EDFE0, F710D3A1B30C09B15FCC26138BC0C895EF87BBC6FC88F6BBD8FC8EBFC28C61B9 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:24:09.0864 0x12e0  RasAcd - ok
16:24:09.0893 0x12e0  [ F9686DD70535397E932771B86DF8CC7B, 7EAEB6A8E0C21E3BC23657A598B4F5AB10C93B627483123E343ABFA05F1D67BF ] RasAuto         C:\WINDOWS\System32\rasauto.dll
16:24:09.0905 0x12e0  RasAuto - ok
16:24:09.0961 0x12e0  [ EDABEB9A15F00FEBD2C0AFD35AA761BD, 07704149D8809D748BF3D59EBFC37DAA9D384708D406D6B85899BBC8BE1D51FC ] RasMan          C:\WINDOWS\System32\rasmans.dll
16:24:10.0008 0x12e0  RasMan - ok
16:24:10.0043 0x12e0  [ DFBC2651841E20E517FD5EF0DF43C520, B40D969D15EF92B2310969B093FF4A89CBA64AB7148330FF324B0324128F2EAF ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:24:10.0049 0x12e0  RasPppoe - ok
16:24:10.0103 0x12e0  [ 4C24EE03D9152EBB9CF3629D142AA5FC, FA597CF0C92E62E8695FD1D348E723A88AB39CE58992E6A87F8FFC7108CD5C10 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:24:10.0125 0x12e0  rdbss - ok
16:24:10.0144 0x12e0  [ CE3ED542D0970012FFA26F89E06BE4FF, 55E0CDED77C85A6F16E3B984E8B399459164FBF96A4CC3A692F9199CEA10C62C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
16:24:10.0145 0x12e0  rdpbus - ok
16:24:10.0168 0x12e0  [ DE261B66E0F01AB2713B722D80212B3C, 4D9E9B757154D94503440AC32B06AFB1B558E37B9C2F71B960FF8E485E92CD2A ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
16:24:10.0174 0x12e0  RDPDR - ok
16:24:10.0221 0x12e0  [ A3182C4FF102B2EC59D7DD027C4CCC17, EB44F3D2AFBE41FB3729B4741570BC4910CA317FDD4A1017282A6D86BB7B0F8A ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
16:24:10.0223 0x12e0  RdpVideoMiniport - ok
16:24:10.0245 0x12e0  [ F6831DD624E11991C0537CFDBD4A47A4, 27CF8F2B27E766D5C4B435E4F005E4A6B4BD3D9E3A1B23362739A41BABFF40F7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
16:24:10.0254 0x12e0  rdyboost - ok
16:24:10.0332 0x12e0  [ 48C23CF11607EC08735FB177574269BF, 25078C92B1F3280A993A4D7E1AE159B5430C5EFFCAEBB7EF1A3708F4DF10316C ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
16:24:10.0354 0x12e0  ReFS - ok
16:24:10.0637 0x12e0  [ 368D43FD339B725594A44778351D16B2, EE7C221C9DF492435EF83B8AEC8E2AC105F1787903AAEFCAA5C38102EBD4658C ] ReimageRealTimeProtection C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
16:24:10.0747 0x12e0  ReimageRealTimeProtection - ok
16:24:10.0783 0x12e0  [ 367942DD89D5FCBE1AE33EEADAD360C3, 152DA50424356ADD83E7B123996ECDBB7FBC54A7A5C42143B1942F601D59BF35 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
16:24:10.0791 0x12e0  RemoteAccess - ok
16:24:10.0827 0x12e0  [ EB4038AE941F1A955A68C6F64528E80D, 90DCE16A54E8F7A28F9C38787A379D727F1EC69B4F5330B12F966DCA251734B8 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
16:24:10.0842 0x12e0  RemoteRegistry - ok
16:24:10.0874 0x12e0  [ CF59781FCB68F859EB6C835ED285211D, E979014C07BF45F4F27E4433ED6B8FA618E4416CB01075FBF52CB2536EC63984 ] RfButtonDriverService C:\Windows\RfBtnSvc64.exe
16:24:10.0880 0x12e0  RfButtonDriverService - ok
16:24:10.0923 0x12e0  [ 07381477DBE3C8797A07322FCD5BF0D2, CE2CFE44E729C952BD9E23A0008A6897E0414EF6AB544792E8F4117EBD88057E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
16:24:10.0934 0x12e0  RpcEptMapper - ok
16:24:10.0969 0x12e0  [ 8531403467F14D2FCB4F823CFEF348FE, 26A7AE61C469720A8BE3BB089104758A33A8DCC8826677C6C6273E762A0FB182 ] RpcLocator      C:\WINDOWS\system32\locator.exe
16:24:10.0974 0x12e0  RpcLocator - ok
16:24:11.0038 0x12e0  [ 0A5D7B49DDE56316CA11EA0FEDD364AD, B8676EAB4D6171A53995B52A4A3885579A721CCBDCBF80837960CE432BA6A607 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
16:24:11.0070 0x12e0  RpcSs - ok
16:24:11.0101 0x12e0  [ 4F9C8A2FAA7FA8708A5E3BB79D3CD777, 5FC7BEB25C42B5D306F210A0320084AE2B0C07CEED3E41CE7B6BFAA6A89CE9F4 ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
16:24:11.0105 0x12e0  rspndr - ok
16:24:11.0120 0x12e0  [ 886B4D95A6F08571EEE1480141016943, 579111039EA06F6C219C554CEE340D77E3DBB911259D1B28F61A25C6BBA19C8B ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
16:24:11.0121 0x12e0  s3cap - ok
16:24:11.0140 0x12e0  [ 355E261B1B3B74818E81DB84D66F623E, 5B1D25A96701FD4D3342B9A9EC4F7A0BF45DFE218E466CFAC4F5D31AE2A28992 ] SamSs           C:\WINDOWS\system32\lsass.exe
16:24:11.0144 0x12e0  SamSs - ok
16:24:11.0147 0x12e0  SASDIFSV - ok
16:24:11.0156 0x12e0  SASKUTIL - ok
16:24:11.0196 0x12e0  [ 15570F84063937CA8BE2C932B38B0C9E, C986F095DF4A5EDE1947CFD9D6D3A41187BDA2A6E7406F818C17F16735B81E85 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
16:24:11.0200 0x12e0  sbp2port - ok
16:24:11.0244 0x12e0  [ 50515FB0CAB2B57EC897E02D15A93E1B, 1D11CA6A61180D63601701605D568303D4A9E2835C79CBA34F42244D2A51B66C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
16:24:11.0266 0x12e0  SCardSvr - ok
16:24:11.0300 0x12e0  [ A548DAC21C677C2BD150FF5F5A141D7D, A3B3A9961603728ACCA4967A4E873B856C14D14F12269C7F6342C00EBCA0C6D5 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
16:24:11.0323 0x12e0  ScDeviceEnum - ok
16:24:11.0358 0x12e0  [ 7779582D4A43F2DEF21272EE8B24A0CC, A4995D88524FC983B427D9CA0810935CFAF8C0D8CACDEC3DD97EBC26EA202F4B ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
16:24:11.0362 0x12e0  scfilter - ok
16:24:11.0456 0x12e0  [ 334D13CD54D8417374BE3FB344EB568E, B95B468A898E971473B46B11B52C54F9BB1D9EAA743CD09B7BA7CF4EB3FDE1D3 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
16:24:11.0528 0x12e0  Schedule - ok
16:24:11.0559 0x12e0  [ 8DDF8E236CD88EE9CA3C8A40900DA63A, 075DE602220597EA309E44DC3B52B4F46D123161F8522E6AB43976682715644B ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
16:24:11.0562 0x12e0  SCPolicySvc - ok
16:24:11.0581 0x12e0  [ 632BE5B05F072065227FDB8170C4AFCC, FD0B1E23341ABC7CAA383D91601DA528B73C6A5474AE09465227323F5B635822 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
16:24:11.0587 0x12e0  sdbus - ok
16:24:11.0611 0x12e0  [ 4E7D90C811D59C7A400D26E3A087E44E, 4DAF086316E5BC693EB54CA576C53282574FD01453CB7E888021F222E0E6A4CE ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
16:24:11.0613 0x12e0  sdstor - ok
16:24:11.0638 0x12e0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
16:24:11.0640 0x12e0  secdrv - ok
16:24:11.0670 0x12e0  [ 557119A4E5E8E6094529A7EA8342311A, 1FCB13FC4438667C2679C6D288C521ECDD314B2208F7D3592F7E5FF939BB0916 ] seclogon        C:\WINDOWS\system32\seclogon.dll
16:24:11.0676 0x12e0  seclogon - ok
16:24:11.0702 0x12e0  [ 5361BB38551FF8D7795489E78B9C802C, 596E6F41F5280A3A8C28562919778CDDDC98C69C8280B72FEFEAA3050D46A8C2 ] SENS            C:\WINDOWS\System32\sens.dll
16:24:11.0711 0x12e0  SENS - ok
16:24:11.0746 0x12e0  [ 94980EFEBF7350DCBABE0049BE9F92A8, F618F9F4ED89283C04DBD13C83674AF90E3E98D8C828E1A8608352D2B2029462 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
16:24:11.0777 0x12e0  SensrSvc - ok
16:24:11.0805 0x12e0  [ AD6B89B4D3A0C6DCF3EDF47E7B59758D, CCBBC98C9805B90359026BABED9B378F28B8809C9016A2767AF3FAB2AC477BB4 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
16:24:11.0809 0x12e0  SerCx - ok
16:24:11.0833 0x12e0  [ A88BD01E1B2463EE39C6C13EB724BC09, 30FBE8E25E57D7AF93DCE3AF75177FE9F84405F23DCB9623709EC3292F6A34D5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
16:24:11.0843 0x12e0  SerCx2 - ok
16:24:11.0868 0x12e0  [ 5F8FBD09F68D6B67095873C7578C7082, DE6037D8137C3C7D623CCE7ECF87239AC4D9BE2E00BB6BC8A584FE719DED6DB5 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
16:24:11.0871 0x12e0  Serenum - ok
16:24:11.0927 0x12e0  [ EE157F359727A814845336498D612A91, ACCB9CDADD23D696CE7DD44C22494FCF5E280DB92D25EEA9FA3F4AA686428780 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
16:24:11.0933 0x12e0  Serial - ok
16:24:11.0956 0x12e0  [ 5D44BD3EB3987A88FE3B35E447E51871, F8EF196C88284261861A28C35FE6CE9D79927E13D75C446815E2C8530447138C ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
16:24:11.0959 0x12e0  sermouse - ok
16:24:12.0028 0x12e0  [ 9D864E1A3F6C8640E2BC12AACA25D6D7, B9F6EE0673E4A0C76752A24F9680AF2603ABD74FB84645749D4D87CEF7D32442 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
16:24:12.0069 0x12e0  SessionEnv - ok
16:24:12.0096 0x12e0  [ 0433259F1C7D50CE9C99ACF6D5574127, 8491F00674559BC3D46BE3BB124632D9AF8559A65B2CFB7DC758F65B9E93A253 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
16:24:12.0098 0x12e0  sfloppy - ok
16:24:12.0149 0x12e0  [ C004269B7268BC60FF31783F3E323D9F, 8392F5DBF89BDB4D1F8AD919D1A16E332E68021CE0E61AB44630DF33F2CC136E ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
16:24:12.0194 0x12e0  SharedAccess - ok
16:24:12.0273 0x12e0  [ 3EA21924EB4D99A63A37078118E3F883, 672834ABA018A1082B0A0F670CBEFA27A78242CED339310DDEDDC5C8A9C3C539 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:24:12.0334 0x12e0  ShellHWDetection - ok
16:24:12.0372 0x12e0  [ 4C8A42EB76E9CDC4976D8B504E157B8C, 5E42AF2F3157F815596C5DDE1FD6E0FA3772517F424BDF1236CE991C482640CE ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
16:24:12.0376 0x12e0  SiSRaid2 - ok
16:24:12.0395 0x12e0  [ 8D35F08B262824E6975D1AF3CD6CD762, 2444B88CBB3349EBB8E68909640B5B39732DB721F042AD72DB7B0D2AB015D027 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
16:24:12.0401 0x12e0  SiSRaid4 - ok
16:24:12.0431 0x12e0  [ B4F6AE5A1252C2CFAABAE013FCF598E5, 9E0CEFBB2A87011D9EBBE25A01409AA5546698B566EA39F3A6F20AAC09278B19 ] smphost         C:\WINDOWS\System32\smphost.dll
16:24:12.0438 0x12e0  smphost - ok
16:24:12.0479 0x12e0  [ 7EA1900D00054149CAB9E2E3A879C431, B1BCCBBA6895D2DEE5967D47B6913238311A52E9A868EA2B4D8F5422DDF74128 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
16:24:12.0486 0x12e0  SNMPTRAP - ok
16:24:12.0543 0x12e0  [ 9588560DD22BEBAAD72BEA0B6D25C9D1, BD2E5E29E30504F2FC4CE93CE6DE4B6B60664974798AF7077DD20606238852D6 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
16:24:12.0560 0x12e0  spaceport - ok
16:24:12.0579 0x12e0  [ 17440197B7EC047356AB2F2BD2FFD6EF, B662EC2A5A2EDDEB80F4AE044FF4EB7005C1C7417AA6F1288592E5D73171A653 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
16:24:12.0582 0x12e0  SpbCx - ok
16:24:12.0631 0x12e0  [ 2A221150C9424A57DAD6A4EC8845EB87, A5E4F48758CFD0D4D401FAE30D484058D3170EE94A53F19D43D3A49061DA1320 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
16:24:12.0653 0x12e0  Spooler - ok
16:24:12.0905 0x12e0  [ D77DB02970D05B63677435B64FB05B7D, A1411A80DCE2FF94E27495753D102909D3055AE7581B37C0B5A1A4E44AC6C1E9 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
16:24:13.0033 0x12e0  sppsvc - ok
16:24:13.0067 0x12e0  [ D8D84C85FD19260EF63187AECA57D9C1, 8E60331B370ADA5BF7E2B57B3249D4AC44784C3A3BFE7F232960ABDCE3D13CB1 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
16:24:13.0078 0x12e0  srv - ok
16:24:13.0136 0x12e0  [ 860161CBD6E0C09EF3FA42AD678C20B9, 0F9F5F9A6A9A483978C1C90D90CBE406CA710B828FB03F066E81A5D95B3E0973 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
16:24:13.0165 0x12e0  srv2 - ok
16:24:13.0181 0x12e0  [ B030836F4400674703EBED85414073AA, 97D5A68EC72B3FB29593AA70C9C458A4AF05057EF01743E77280565566C231E5 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
16:24:13.0190 0x12e0  srvnet - ok
16:24:13.0221 0x12e0  [ 61660EE26FA0D9257212D4BC8E1B9CBC, 708EB7C4A8F19CB9DD512558DD606535472D3F7A115B35AF9767997AB7F7450D ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
16:24:13.0244 0x12e0  SSDPSRV - ok
16:24:13.0273 0x12e0  [ E472A057C5033A6611B11287C05469E6, FB1632EBB07741BEE7A8B23B4234936B0408DA175CA68C5ADA0C166DFAFB5E3D ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
16:24:13.0282 0x12e0  SstpSvc - ok
16:24:13.0295 0x12e0  [ 59B6854BAD57BC4604DE62FB930D3DF8, D86A3BED0CB66833C2CDAA0C0E686BED5776D16A2DE8B7A3EAAC493030888126 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
16:24:13.0297 0x12e0  stexstor - ok
16:24:13.0361 0x12e0  [ 71A2AF2ED638D43F3A1251A4B3DDFAA7, 2345EAE78CCD82BB2E34C659115EBAC764123D109B40B1AA4845A76A6534B3D0 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
16:24:13.0425 0x12e0  stisvc - ok
16:24:13.0463 0x12e0  [ A0E9E65643E34046DB005925FDAD968B, 6736E1F7351C5048C966660295EBECBA82084406125BAAD207522CE66D7DDD33 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
16:24:13.0467 0x12e0  storahci - ok
16:24:13.0485 0x12e0  [ 7A7906681D4B2CBAB06FD0E2DD2CA232, CC330B8A17364FE94B687124A6755AA5DE874C264B793D3808A259A464156397 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
16:24:13.0488 0x12e0  storflt - ok
16:24:13.0509 0x12e0  [ FE523B7798BB559D433EC73DC3C08037, 08B8A5347C343253C6B7470C706494B2A66A4177024EC07A4BD325BF4D5D9DA4 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
16:24:13.0512 0x12e0  stornvme - ok
16:24:13.0537 0x12e0  [ 62D363F95E454B5579FCB1B28E6EB3E4, FCB4E1BDBE595193EDCBD45DBCB7C2E2A352964B1BF2AC72912108B668FC8454 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
16:24:13.0542 0x12e0  StorSvc - ok
16:24:13.0561 0x12e0  [ 3833C9B32268C3BB9565046F84D49ABD, DEEE1B19E2252FE19BECA4D97D20862A17644F61D41B9180CF7B86E21EC5B275 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
16:24:13.0563 0x12e0  storvsc - ok
16:24:13.0590 0x12e0  [ DF17A551D350B8E63E916B8546EF535E, 4A8D231E69213AEF554C7EDA03B392444517833463BBB829D73F59061706C498 ] svsvc           C:\WINDOWS\system32\svsvc.dll
16:24:13.0594 0x12e0  svsvc - ok
16:24:13.0608 0x12e0  [ 893D6636473461B83BFC65CF6D70C906, 694AB50BCE6E3D377014EB9BA333E5E6DF96DC9A7E765927C9F98D5C2A4CA045 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
16:24:13.0609 0x12e0  swenum - ok
16:24:13.0664 0x12e0  [ 86B3DB80ACB4FCF20BC629C897343DEA, 3CB9493FCED99A2203A1BF450100DA860214F9F4A7396C721426B5C4D1AB4349 ] swprv           C:\WINDOWS\System32\swprv.dll
16:24:13.0709 0x12e0  swprv - ok
16:24:13.0822 0x12e0  [ 97050397B5AA2F1A654E64F005253585, 19B051131A60CBE96D043AA26DDCED6116B0314A547285E0F48ED28B273E91D8 ] SysMain         C:\WINDOWS\system32\sysmain.dll
16:24:13.0890 0x12e0  SysMain - ok
16:24:13.0954 0x12e0  [ C8AC3E2795061519D9B02D5D2334BAD7, A9913F31654AA55069448BC45D7D136AD04BC1A14DA21DE10C9D4B2DFA8D93CF ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
16:24:13.0988 0x12e0  SystemEventsBroker - ok
16:24:14.0020 0x12e0  [ E7570EECC364647E2F8C5114D4B63CD4, ED73409DA5A327BB914AC4F4D2DAED3FAA124D382B731DA1CD74143BB285DBE4 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
16:24:14.0043 0x12e0  TabletInputService - ok
16:24:14.0091 0x12e0  [ 3E2E74B25D63A60996DF8F453128FA88, 5DDE2219FAD282D745BD16032874A9382D17AF69765835215B425853346C172B ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
16:24:14.0125 0x12e0  TapiSrv - ok
16:24:14.0295 0x12e0  [ 3583E8BDABEA1CD81727E1CCCAE55FBA, E29B5511DEFC2BC1AA03FD7844D7D18E068F95D5BE88A27DE5C8D4C7F628A60B ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
16:24:14.0347 0x12e0  Tcpip - ok
16:24:14.0438 0x12e0  [ 3583E8BDABEA1CD81727E1CCCAE55FBA, E29B5511DEFC2BC1AA03FD7844D7D18E068F95D5BE88A27DE5C8D4C7F628A60B ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:24:14.0490 0x12e0  TCPIP6 - ok
16:24:14.0520 0x12e0  [ D53E0362CB029677CC17E7063ED23B28, 74FFD70AD511B4B4D138C556E3A1DB5F1EB3ED4C8875A08F266DD02F83AE5ADA ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
16:24:14.0521 0x12e0  tcpipreg - ok
16:24:14.0531 0x12e0  [ 6F1FBE838430034D60080439091C7C8B, DE4977A7A8D35981835D01ACA87AA2EC3EAAEFEEF8D4F1D73DB7B5272B23DBBA ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
16:24:14.0534 0x12e0  tdx - ok
16:24:14.0547 0x12e0  [ 7DA14CDF599216A155E17A6621B2F197, D081A9BAF6B2B4F9C139A7E7A04FCEEE879CBD2860D72509C1AE4C7EFFE03A02 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
16:24:14.0548 0x12e0  terminpt - ok
16:24:14.0607 0x12e0  [ FB594ABDC35400FD022B6C40A98414AC, 3BC2D5E189B6AAA8955E32CF715E9ACF7998402E9A4402405C1115EEDBF6E52C ] TermService     C:\WINDOWS\System32\termsrv.dll
16:24:14.0684 0x12e0  TermService - ok
16:24:14.0705 0x12e0  [ BDF96AAB5D310F2183E20B2E8F7669B7, A2EE643F60442537F2DCBBE1DDF869522EAE4EE55C69A07EA2FBA83F02A99776 ] Themes          C:\WINDOWS\system32\themeservice.dll
16:24:14.0712 0x12e0  Themes - ok
16:24:14.0739 0x12e0  [ FC9FE5DB6866E28ED4CB4FEA31EDDF16, A0D1456824D9AA4FC3DCC8ABE313AE415473EED068ECBF43D2D7D719AD8BF71A ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
16:24:14.0746 0x12e0  THREADORDER - ok
16:24:14.0796 0x12e0  [ 0C144045F8A5C8612D9002040A75A542, EF1C5EC7EFF3CB50B1B9EB518BA57FCB07BBAA22E3AC3AA593A1E112B341CC9E ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
16:24:14.0830 0x12e0  TimeBroker - ok
16:24:14.0866 0x12e0  [ 218256C18D67B2A6D1DD3F3ED10323CB, CB767CC437296BAEAD777D8F8BAAEA79973391E5F983A93A5FF033F646897F0C ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
16:24:14.0877 0x12e0  TPM - ok
16:24:14.0916 0x12e0  [ CA370D91C9F34D1E16AFF0EF62FFC051, 4406AC7419927332221035B2B03325B4BAFE6A4D6023B3DEC68EFB2412CDAD05 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
16:24:14.0938 0x12e0  TrkWks - ok
16:24:14.0988 0x12e0  [ B920DBC09457F1EDA8AF84ABCC249911, A276972777D0C9693CCC2B3C6338428DDC9CFC2021064FCB8D2EAC0FE83B20B7 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
16:24:14.0995 0x12e0  TrustedInstaller - ok
16:24:21.0250 0x12e0  Waiting for KSN requests completion. In queue: 89
16:24:22.0251 0x12e0  Waiting for KSN requests completion. In queue: 89
16:24:23.0252 0x12e0  Waiting for KSN requests completion. In queue: 89
16:24:24.0292 0x12e0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.9431.0 ), 0x61100 ( enabled : updated )
16:24:24.0395 0x12e0  Win FW state via NFP2: enabled
16:24:26.0997 0x12e0  ============================================================
16:24:26.0997 0x12e0  Scan finished
16:24:26.0997 0x12e0  ============================================================
16:24:27.0023 0x0134  Detected object count: 0
16:24:27.0023 0x0134  Actual detected object count: 0
16:24:52.0224 0x0b0c  Deinitialize success
 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-11-20 16:42:39
-----------------------------
16:42:39.504    OS Version: Windows x64 6.2.9200
16:42:39.504    Number of processors: 4 586 0x2A07
16:42:39.505    ComputerName: DRJ  UserName:
16:42:39.613    Initialze error 1
16:44:14.389    AVAST engine defs: 13111900
16:44:41.537    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002b
16:44:41.540    Disk 0 Vendor: ST9500325AS 0001SDM1 Size: 476940MB BusType: 11
16:44:41.614    Disk 0 MBR read successfully
16:44:41.619    Disk 0 MBR scan
16:44:41.635    Disk 0 unknown MBR code
16:44:41.643    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
16:44:41.660    Disk 0 scanning C:\WINDOWS\system32\drivers
16:44:41.667    Service scanning
16:44:42.243    Modules scanning
16:44:42.252    Disk 0 trace - called modules:
16:44:42.328    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
16:44:42.338    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe0000280f060]
16:44:42.347    3 CLASSPNP.SYS[fffff80000f51a87] -> nt!IofCallDriver -> \Device\0000002b[0xffffe00001041720]
16:44:42.362    AVAST engine scan C:\WINDOWS
16:44:42.375    AVAST engine scan C:\WINDOWS\system32
16:44:42.387    AVAST engine scan C:\WINDOWS\system32\drivers
16:44:42.400    AVAST engine scan C:\Users\johnson
16:44:42.412    AVAST engine scan C:\ProgramData
16:44:42.423    Scan finished successfully
16:46:01.628    Disk 0 MBR has been saved successfully to "C:\Users\johnson\Desktop\MBR.dat"
16:46:01.633    The log file has been saved successfully to "C:\Users\johnson\Desktop\aswMBR.txt"

 



#5 TB-Psychotic

Posted 21 November 2013 - 06:03 AM

Fix with FRST (normal mode)

  • Open Notepad (Start => All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this, highlight the contents of the box, right-click on it and select Copy. Then right-click in the open Notepad window and select Paste.)
  • Save it to the same directory as frst.exe (or frst64.exe) as fixlist.txt.

    HKLM-x32\...\Run: [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-04-25] (Iminent)
    HKLM-x32\...\Run: [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-04-25] (Iminent)
    FF Extension: webbooster - C:\Users\johnson\AppData\Roaming\Mozilla\Firefox\Profiles\y64zbka7.default\Extensions\webbooster@iminent.com.xpi
    FF HKLM-x32\...\Firefox\Extensions: [webbooster@iminent.com] - C:\Program Files (x86)\Iminent\webbooster@iminent.com
    FF Extension: Iminent Minibar - C:\Program Files (x86)\Iminent\webbooster@iminent.com
    CHR Extension: (Iminent) - C:\Users\johnson\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1_0
    CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - C:\Program Files (x86)\Iminent\Iminent.crx
    
    C:\Program Files (x86)\Iminent
    C:\ProgramData\ntuser.pol

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt), which you will find in the folder where you saved FRST. Please post it in your reply.

 

 

Full System Scan with Malwarebytes Antimalware

  • If it is not already installed, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.


If the program is already installed:
  • Run Malwarebytes' Anti-Malware.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.


Proud Member of UNITE & TB
 

#6 TB-Psychotic

Posted 25 November 2013 - 04:24 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



