
Seems like I still have a virus...


  • This topic is locked
18 replies to this topic

#1 bilge6

bilge6

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 25 March 2014 - 08:28 PM

I have run a multitude of virus scans in safe mode and from another partition (Malwarebytes AM and Anti rootkit, avg rescue, superantispyware, clamwin, Hitman pro, and a couple others).

 

I fixed everything that popped up and my infected Windows 8.1 machine can get past the lock screen fine, but it seems like explorer.exe hangs (I don't know for a fact but it seems to be that kind of behavior). Any new function, such as right clicking, takes about 4 min to pop up, and eventually, I can run programs. However, if I start doing multiple processes at once, it freezes.

 

The last time I ran it, everything seemed smooth and working properly, but then it told me Windows stopped responding. Overall, it seems like Windows is more fragile now, maybe ram/cpu spikes?

 

It does not have the same behavior in safe mode. In safe mode, I could not find anything odd sounding in the processes list, and no, I don't have too many startup items.

 

Before some fixes, it would just freeze and tell me explorer.exe was having issues.

 

Anything I can do besides wipe? I don't have access to the key I used to register. A log is attached.

Thanks

Attached Files

  • Attached File  log2.txt   122.9KB   1 downloads



 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 26 March 2014 - 09:20 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

 

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.


Edited by TB-Psychotic, 26 March 2014 - 09:24 AM.

Proud Member of UNITE & TB
 
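An added example, not part of the original post and not TDSSKiller's own code: a short Python triage of a saved TDSSKiller log that pairs each `[ MD5, SHA256 ] name path` record with the `name - verdict` line that follows it and lists every object whose verdict is not `ok`. The sample lines and hashes are constructed, and the `name ( detection ) - warning` shape used for the non-ok line is an assumption.

```python
import re

# Every log line starts with "HH:MM:SS.mmmm 0xTID  " followed by the message body.
PREFIX = re.compile(r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d{4})\s+0x[0-9A-Fa-f]+\s+(?P<body>.*)$")
# Object record: "[ MD5, SHA256 ] name   path" (the path may contain spaces).
RECORD = re.compile(
    r"^\[\s*(?P<md5>[0-9A-Fa-f]{32}),\s*(?P<sha256>[0-9A-Fa-f]{64})\s*\]"
    r"\s+(?P<name>\S+)\s+(?P<path>.+)$"
)
# Verdict line: "label - verdict", e.g. "ACPI - ok" or "System memory - ok".
VERDICT = re.compile(r"^(?P<label>\S.*?)\s+-\s+(?P<verdict>[A-Za-z]+)$")


def triage(log_text):
    """Return counts and details for a TDSSKiller log.

    ok             -- number of objects reported as ok
    flagged        -- entries whose verdict is anything other than ok
    no_file_record -- verdict lines that had no hash/path record before them
    """
    result = {"ok": 0, "flagged": [], "no_file_record": []}
    pending = None  # most recent record still waiting for its verdict line
    for raw in log_text.splitlines():
        line = PREFIX.match(raw.rstrip())
        if not line:
            continue  # not a log line (blank, wrapped text, forum residue)
        body = line.group("body").strip()
        record = RECORD.match(body)
        if record:
            pending = record.groupdict()
            continue
        verdict = VERDICT.match(body)
        if not verdict:
            continue  # separators, system info, drive geometry, and so on
        label = verdict.group("label")
        entry = {
            "time": line.group("time"),
            "label": label,
            "verdict": verdict.group("verdict").lower(),
        }
        # Attach the record only if it names the same object as the verdict.
        if pending and (label == pending["name"] or label.startswith(pending["name"] + " ")):
            entry.update(path=pending["path"], md5=pending["md5"], sha256=pending["sha256"])
        else:
            result["no_file_record"].append(label)
        pending = None
        if entry["verdict"] == "ok":
            result["ok"] += 1
        else:
            result["flagged"].append(entry)
    return result


# Constructed sample: placeholder hashes, and a made-up driver for the non-ok case.
M, S = "0" * 32, "0" * 64
SAMPLE_LOG = "\n".join([
    "14:26:40.0042 0x0b24  Drive \\Device\\Harddisk0\\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200",
    "14:26:57.0043 0x1660  ================ Scan system memory ========================",
    "14:26:57.0043 0x1660  System memory - ok",
    "14:26:57.0043 0x1660  ================ Scan services =============================",
    f"14:26:57.0520 0x1660  [ {M}, {S} ] ACPI            C:\\WINDOWS\\system32\\drivers\\ACPI.sys",
    "14:26:57.0542 0x1660  ACPI - ok",
    f"14:27:02.0959 0x1660  [ {M}, {S} ] gupdate         C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe",
    "14:27:02.0961 0x1660  gupdate - ok",
    "14:26:59.0996 0x1660  COMSysApp - ok",
    f"14:27:04.0000 0x1660  [ {M}, {S} ] ExampleDrv      C:\\WINDOWS\\system32\\drivers\\exampledrv.sys",
    "14:27:04.0010 0x1660  ExampleDrv ( Constructed.Detection ) - warning",  # assumed line shape
])

if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print(f"{report['ok']} objects ok, {len(report['flagged'])} flagged")
    for item in report["flagged"]:
        print(f"  {item['time']}  {item['label']}  ->  {item.get('path', '(no file record)')}")
    print("verdicts without a file record:", ", ".join(report["no_file_record"]))
```
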

#3 bilge6

bilge6
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 26 March 2014 - 02:29 PM

It seems that I can run the computer fine for a little while, but it eventually slows and freezes.

Here is the TDSSKiller log:

 

14:27:03.0883 0x1660  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
14:27:03.0886 0x1660  hidi2c - ok
14:27:03.0903 0x1660  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
14:27:03.0907 0x1660  HidIr - ok
14:27:03.0953 0x1660  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
14:27:03.0957 0x1660  hidserv - ok
14:27:03.0985 0x1660  [ F31397220D9687E11EB448649AA6E038, 671ACEAA8E00E0D4ED7E33D06A4558121DA4F56EB94F1CBC16FEB2EF3852F7A5 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
14:27:03.0988 0x1660  HidUsb - ok
14:27:04.0039 0x1660  [ FCE2251FE4464DCAA2F4684F19A8EE9B, 8062CD636DEFA8E160427BC2C61BC5C0DAA5396E16ABE9353B27C217FDE70B04 ] hitmanpro37     C:\WINDOWS\system32\drivers\hitmanpro37.sys
14:27:04.0043 0x1660  hitmanpro37 - ok
14:27:04.0083 0x1660  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
14:27:04.0090 0x1660  hkmsvc - ok
14:27:04.0139 0x1660  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
14:27:04.0219 0x1660  HomeGroupListener - ok
14:27:04.0348 0x1660  [ BE5F89BAFBD4272D5A0C0A37B97865ED, 2F80CE6D123FEED9FA7B00ACF7547FF77E0E6FDC5243942E83BE308C46D414C6 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
14:27:04.0361 0x1660  HomeGroupProvider - ok
14:27:04.0382 0x1660  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
14:27:04.0386 0x1660  HpSAMD - ok
14:27:04.0504 0x1660  [ 3502776E366C913D49C0DA928AE3E6CB, 3FB452F640B78AEDFBC09188F25C566949660163732A180331226A93DB08F26C ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
14:27:04.0546 0x1660  HTTP - ok
14:27:04.0587 0x1660  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
14:27:04.0590 0x1660  hwpolicy - ok
14:27:04.0598 0x1660  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
14:27:04.0600 0x1660  hyperkbd - ok
14:27:04.0617 0x1660  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
14:27:04.0619 0x1660  HyperVideo - ok
14:27:04.0635 0x1660  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
14:27:04.0641 0x1660  i8042prt - ok
14:27:04.0660 0x1660  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
14:27:04.0662 0x1660  iaLPSSi_GPIO - ok
14:27:04.0677 0x1660  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
14:27:04.0681 0x1660  iaLPSSi_I2C - ok
14:27:04.0742 0x1660  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
14:27:04.0754 0x1660  iaStorA - ok
14:27:04.0821 0x1660  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
14:27:04.0840 0x1660  iaStorAV - ok
14:27:04.0991 0x1660  [ 584068E03829BC5C63F54B05E6244E97, C075E8A4853C0DE09A9BF846338F9C8997FE7ACD604B4EC02AA89F0DAA1D985B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
14:27:05.0001 0x1660  IAStorDataMgrSvc - ok
14:27:05.0057 0x1660  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
14:27:05.0084 0x1660  iaStorV - ok
14:27:05.0090 0x1660  IEEtwCollectorService - ok
14:27:05.0347 0x1660  [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
14:27:05.0525 0x1660  igfx - ok
14:27:05.0610 0x1660  [ B82255670D270B75D2D2F0F8747D1443, C40E151AC3FBF289456A4AD9E5744B314067ADA03FE729970410931904305F51 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
14:27:05.0652 0x1660  IKEEXT - ok
14:27:05.0687 0x1660  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
14:27:05.0688 0x1660  intelide - ok
14:27:05.0743 0x1660  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
14:27:05.0746 0x1660  intelpep - ok
14:27:05.0774 0x1660  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
14:27:05.0778 0x1660  intelppm - ok
14:27:05.0797 0x1660  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:27:05.0800 0x1660  IpFilterDriver - ok
14:27:05.0862 0x1660  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
14:27:05.0895 0x1660  iphlpsvc - ok
14:27:05.0914 0x1660  [ 9949A3C7590B8C536C05312205079A82, 9276A09D5F910AE8358A96505AB3F66C514870944D58B63B71D5E96567D1E6BB ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
14:27:05.0919 0x1660  IPMIDRV - ok
14:27:05.0994 0x1660  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
14:27:05.0999 0x1660  IPNAT - ok
14:27:06.0061 0x1660  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
14:27:06.0063 0x1660  IRENUM - ok
14:27:06.0090 0x1660  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
14:27:06.0092 0x1660  isapnp - ok
14:27:06.0118 0x1660  [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
14:27:06.0138 0x1660  iScsiPrt - ok
14:27:06.0179 0x1660  [ 3FE43C2F5B5C08657A1B547AFBE2118E, 33A589EFA8CC13E5C46392B321797D15030B38C56276B2C3755E332E6CC15786 ] JMCR            C:\WINDOWS\System32\drivers\jmcr.sys
14:27:06.0185 0x1660  JMCR - ok
14:27:06.0232 0x1660  [ 45369E037410609D769852A1CE46A184, 752BE7BB167E602CD89D52E3A4382AF7C75033306E31884EC55872EF7A0A3EE2 ] k57nd60a        C:\WINDOWS\system32\DRIVERS\k57nd60a.sys
14:27:06.0245 0x1660  k57nd60a - ok
14:27:06.0266 0x1660  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
14:27:06.0268 0x1660  kbdclass - ok
14:27:06.0281 0x1660  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
14:27:06.0283 0x1660  kbdhid - ok
14:27:06.0302 0x1660  [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr        C:\WINDOWS\system32\drivers\kbldfltr.sys
14:27:06.0304 0x1660  kbldfltr - ok
14:27:06.0319 0x1660  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
14:27:06.0320 0x1660  kdnic - ok
14:27:06.0337 0x1660  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
14:27:06.0339 0x1660  KeyIso - ok
14:27:06.0356 0x1660  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
14:27:06.0360 0x1660  KSecDD - ok
14:27:06.0377 0x1660  [ 7296EA420134EAC390798B3232D066A4, 1F5D51EEFD389706660DFB4DB4BF3EC570BEC7097CEB5CAE70EFFE35C3255346 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
14:27:06.0384 0x1660  KSecPkg - ok
14:27:06.0396 0x1660  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
14:27:06.0398 0x1660  ksthunk - ok
14:27:06.0446 0x1660  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
14:27:06.0457 0x1660  KtmRm - ok
14:27:06.0538 0x1660  [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
14:27:06.0549 0x1660  LanmanServer - ok
14:27:06.0581 0x1660  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
14:27:06.0590 0x1660  LanmanWorkstation - ok
14:27:06.0681 0x1660  [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
14:27:06.0709 0x1660  lfsvc - ok
14:27:06.0747 0x1660  [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr          C:\WINDOWS\system32\DRIVERS\LhdX64.sys
14:27:06.0749 0x1660  LHDmgr - ok
14:27:06.0761 0x1660  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
14:27:06.0764 0x1660  lltdio - ok
14:27:06.0811 0x1660  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
14:27:06.0832 0x1660  lltdsvc - ok
14:27:06.0858 0x1660  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
14:27:06.0861 0x1660  lmhosts - ok
14:27:06.0912 0x1660  [ E299C7D4AE6AF391F38EAE78D788E678, 830D9466FED497B793BD7AFC31053A903E41E4EE02765365E4D72BADA5C45338 ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
14:27:06.0922 0x1660  LMIGuardianSvc - ok
14:27:06.0925 0x1660  LMIInfo - ok
14:27:06.0986 0x1660  [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr         C:\WINDOWS\system32\DRIVERS\lmimirr.sys
14:27:06.0997 0x1660  lmimirr - ok
14:27:07.0006 0x1660  LMIRfsClientNP - ok
14:27:07.0036 0x1660  [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver    C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
14:27:07.0041 0x1660  LMIRfsDriver - ok
14:27:07.0097 0x1660  [ BD16CFC982ED578C9BC6C6764DE3CD77, 53B242C955F3A38AEC0B741A1D54D7836373BD34DA927610F10EB9285D11215F ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:27:07.0114 0x1660  LMS - ok
14:27:07.0163 0x1660  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
14:27:07.0172 0x1660  LSI_SAS - ok
14:27:07.0217 0x1660  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
14:27:07.0221 0x1660  LSI_SAS2 - ok
14:27:07.0233 0x1660  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
14:27:07.0237 0x1660  LSI_SAS3 - ok
14:27:07.0248 0x1660  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
14:27:07.0251 0x1660  LSI_SSS - ok
14:27:07.0288 0x1660  [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] LSM             C:\WINDOWS\System32\lsm.dll
14:27:07.0321 0x1660  LSM - ok
14:27:07.0337 0x1660  [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
14:27:07.0342 0x1660  luafv - ok
14:27:07.0394 0x1660  [ CD51E1D0D638F1E07A6EDC98CD7F5DDA, 360AC29DFE46C96BB41045DE325729397F17912DBAF83D5119EBD2A3A8C9A5FB ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys
14:27:07.0398 0x1660  mbamchameleon - ok
14:27:07.0450 0x1660  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
14:27:07.0451 0x1660  MBAMProtector - ok
14:27:07.0513 0x1660  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:27:07.0537 0x1660  MBAMScheduler - ok
14:27:07.0569 0x1660  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:27:07.0599 0x1660  MBAMService - ok
14:27:07.0615 0x1660  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
14:27:07.0618 0x1660  megasas - ok
14:27:07.0650 0x1660  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
14:27:07.0675 0x1660  megasr - ok
14:27:07.0715 0x1660  [ 86614752D2FAE34CCD9E7B2AABA5FBEC, AD5ADDACE7679B6BCCBFA3F3AFA7312B9A4CB2A0E79E199D609D2A8BB20C1723 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
14:27:07.0717 0x1660  MEIx64 - ok
14:27:07.0763 0x1660  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
14:27:07.0766 0x1660  MMCSS - ok
14:27:07.0805 0x1660  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
14:27:07.0807 0x1660  Modem - ok
14:27:07.0823 0x1660  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
14:27:07.0824 0x1660  monitor - ok
14:27:07.0839 0x1660  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
14:27:07.0842 0x1660  mouclass - ok
14:27:07.0857 0x1660  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
14:27:07.0859 0x1660  mouhid - ok
14:27:07.0879 0x1660  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
14:27:07.0883 0x1660  mountmgr - ok
14:27:07.0933 0x1660  [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:27:07.0937 0x1660  MozillaMaintenance - ok
14:27:07.0954 0x1660  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
14:27:07.0957 0x1660  mpsdrv - ok
14:27:08.0025 0x1660  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
14:27:08.0066 0x1660  MpsSvc - ok
14:27:08.0088 0x1660  [ 59DCEC7499095DE5AED741358037AE2D, 60C4CEBCAE27C121E9D63BD2BC3E5863A91ABC77616C56C10618273A8F9B6F61 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
14:27:08.0094 0x1660  MRxDAV - ok
14:27:08.0146 0x1660  [ 79B6F3DF7CDFD12159871FF71464F0CE, E01CDD5296237FB60D426784E1142B1AF2CEABDD7CB0B43C4798402C812A94D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:27:08.0158 0x1660  mrxsmb - ok
14:27:08.0193 0x1660  [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
14:27:08.0202 0x1660  mrxsmb10 - ok
14:27:08.0222 0x1660  [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
14:27:08.0229 0x1660  mrxsmb20 - ok
14:27:08.0245 0x1660  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
14:27:08.0249 0x1660  MsBridge - ok
14:27:08.0286 0x1660  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
14:27:08.0292 0x1660  MSDTC - ok
14:27:08.0313 0x1660  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
14:27:08.0315 0x1660  Msfs - ok
14:27:08.0331 0x1660  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
14:27:08.0333 0x1660  msgpiowin32 - ok
14:27:08.0346 0x1660  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
14:27:08.0347 0x1660  mshidkmdf - ok
14:27:08.0354 0x1660  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
14:27:08.0356 0x1660  mshidumdf - ok
14:27:08.0372 0x1660  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
14:27:08.0374 0x1660  msisadrv - ok
14:27:08.0415 0x1660  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
14:27:08.0422 0x1660  MSiSCSI - ok
14:27:08.0426 0x1660  msiserver - ok
14:27:08.0438 0x1660  [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll
14:27:08.0442 0x1660  MsKeyboardFilter - ok
14:27:08.0453 0x1660  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:27:08.0455 0x1660  MSKSSRV - ok
14:27:08.0465 0x1660  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
14:27:08.0468 0x1660  MsLldp - ok
14:27:08.0481 0x1660  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:27:08.0482 0x1660  MSPCLOCK - ok
14:27:08.0495 0x1660  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
14:27:08.0497 0x1660  MSPQM - ok
14:27:08.0545 0x1660  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
14:27:08.0557 0x1660  MsRPC - ok
14:27:08.0591 0x1660  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
14:27:08.0593 0x1660  mssmbios - ok
14:27:08.0614 0x1660  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
14:27:08.0615 0x1660  MSTEE - ok
14:27:08.0629 0x1660  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
14:27:08.0630 0x1660  MTConfig - ok
14:27:08.0646 0x1660  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
14:27:08.0650 0x1660  Mup - ok
14:27:08.0665 0x1660  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
14:27:08.0669 0x1660  mvumis - ok
14:27:08.0719 0x1660  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
14:27:08.0744 0x1660  napagent - ok
14:27:08.0773 0x1660  [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
14:27:08.0798 0x1660  NativeWifiP - ok
14:27:08.0936 0x1660  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
14:27:08.0942 0x1660  NcaSvc - ok
14:27:09.0005 0x1660  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
14:27:09.0011 0x1660  NcbService - ok
14:27:09.0030 0x1660  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
14:27:09.0034 0x1660  NcdAutoSetup - ok
14:27:09.0117 0x1660  [ ED39D676080A1AEA755F1DEC1A8DF1A4, E413DA1113A51F3A68957147A50248AA98C0D365103D137D5AE8638C74E802D7 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
14:27:09.0170 0x1660  NDIS - ok
14:27:09.0190 0x1660  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
14:27:09.0192 0x1660  NdisCap - ok
14:27:09.0206 0x1660  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
14:27:09.0210 0x1660  NdisImPlatform - ok
14:27:09.0224 0x1660  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:27:09.0226 0x1660  NdisTapi - ok
14:27:09.0238 0x1660  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:27:09.0242 0x1660  Ndisuio - ok
14:27:09.0254 0x1660  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
14:27:09.0256 0x1660  NdisVirtualBus - ok
14:27:09.0275 0x1660  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:27:09.0282 0x1660  NdisWan - ok
14:27:09.0293 0x1660  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:27:09.0299 0x1660  NdisWanLegacy - ok
14:27:09.0311 0x1660  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
14:27:09.0313 0x1660  NDProxy - ok
14:27:09.0327 0x1660  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
14:27:09.0331 0x1660  Ndu - ok
14:27:09.0341 0x1660  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
14:27:09.0344 0x1660  NetBIOS - ok
14:27:09.0378 0x1660  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
14:27:09.0388 0x1660  NetBT - ok
14:27:09.0406 0x1660  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
14:27:09.0408 0x1660  Netlogon - ok
14:27:09.0457 0x1660  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
14:27:09.0469 0x1660  Netman - ok
14:27:09.0501 0x1660  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
14:27:09.0526 0x1660  netprofm - ok
14:27:09.0586 0x1660  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:27:09.0625 0x1660  NetTcpPortSharing - ok
14:27:09.0645 0x1660  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
14:27:09.0648 0x1660  netvsc - ok
14:27:10.0047 0x1660  [ 272BB8C52BE106B5CC69171AF1D281D4, 3D65A772C15440DF5895843185241D890CCDECA0E02DD6CF32CCB9B5849E31A4 ] NETwNs64        C:\WINDOWS\system32\DRIVERS\Netwsw00.sys
14:27:10.0407 0x1660  NETwNs64 - ok
14:27:10.0447 0x1660  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
14:27:10.0460 0x1660  NlaSvc - ok
14:27:10.0474 0x1660  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
14:27:10.0477 0x1660  Npfs - ok
14:27:10.0514 0x1660  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
14:27:10.0515 0x1660  npsvctrig - ok
14:27:10.0536 0x1660  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
14:27:10.0539 0x1660  nsi - ok
14:27:10.0553 0x1660  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
14:27:10.0556 0x1660  nsiproxy - ok
14:27:10.0634 0x1660  [ 4412D565C0278C401575E11072C7DCE3, 82A0E9AA88750900EA0E9983157345456B418745C8BA62FAF339640E759C0418 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
14:27:10.0709 0x1660  Ntfs - ok
14:27:10.0735 0x1660  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
14:27:23.0323 0x1660  VMBusHID - ok
14:27:23.0348 0x1660  [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr          C:\WINDOWS\System32\drivers\vmbusr.sys
14:27:23.0355 0x1660  vmbusr - ok
14:27:23.0372 0x1660  [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci            C:\WINDOWS\system32\drivers\vmci.sys
14:27:23.0377 0x1660  vmci - ok
14:27:23.0439 0x1660  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
14:27:23.0538 0x1660  vmicguestinterface - ok
14:27:23.0563 0x1660  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
14:27:23.0573 0x1660  vmicheartbeat - ok
14:27:23.0624 0x1660  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
14:27:23.0634 0x1660  vmickvpexchange - ok
14:27:23.0675 0x1660  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
14:27:23.0684 0x1660  vmicrdv - ok
14:27:23.0713 0x1660  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
14:27:23.0723 0x1660  vmicshutdown - ok
14:27:23.0741 0x1660  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
14:27:23.0751 0x1660  vmictimesync - ok
14:27:23.0768 0x1660  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
14:27:23.0777 0x1660  vmicvss - ok
14:27:23.0827 0x1660  [ CCB2A61113D093B9B5CCCF1D60D65E7A, 4459DD26ACF1B7675016B16BA02814E2A35FE862DEDA31AC7110CE2C2E3947AA ] vmkbd           C:\WINDOWS\system32\drivers\VMkbd.sys
14:27:23.0829 0x1660  vmkbd - ok
14:27:23.0863 0x1660  [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter    C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys
14:27:23.0866 0x1660  VMnetAdapter - ok
14:27:23.0877 0x1660  [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge     C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys
14:27:23.0880 0x1660  VMnetBridge - ok
14:27:23.0883 0x1660  VMnetDHCP - ok
14:27:23.0922 0x1660  [ 668C12E04D5AB4981864B12494AF907F, 20D94E5E060EB04558B39B33A81C989D7F9DB52C7378FECF9D430F1DC385E4E0 ] VMnetuserif     C:\WINDOWS\system32\drivers\vmnetuserif.sys
14:27:23.0924 0x1660  VMnetuserif - ok
14:27:24.0085 0x1660  [ 093B967896BA9EF2ADFCD75E185B9DA9, 3D6F5FF56311D4B506D02F77620B80EDB54E6E560BDF53AC9F3CDBB037D0ACA0 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
14:27:24.0104 0x1660  VMUSBArbService - ok
14:27:24.0111 0x1660  VMware NAT Service - ok
14:27:24.0126 0x1660  [ EBAC38A198308359FD89C10704265E5E, 7C234FE34D6A65D754F8B2EA0458365997CF97B88779B01551E5227910943224 ] vmx86           C:\WINDOWS\system32\drivers\vmx86.sys
14:27:24.0129 0x1660  vmx86 - ok
14:27:24.0168 0x1660  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
14:27:24.0172 0x1660  volmgr - ok
14:27:24.0202 0x1660  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
14:27:24.0223 0x1660  volmgrx - ok
14:27:24.0269 0x1660  [ C85C075DE5B6D0FE116043054DE8EE02, 8BB01DA3D63562F51BCCB5CC996F99A5CB0A8F89900045BBCF4115FD521A9706 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
14:27:24.0278 0x1660  volsnap - ok
14:27:24.0315 0x1660  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
14:27:24.0319 0x1660  vpci - ok
14:27:24.0333 0x1660  [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp         C:\WINDOWS\System32\drivers\vpcivsp.sys
14:27:24.0336 0x1660  vpcivsp - ok
14:27:24.0358 0x1660  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
14:27:24.0364 0x1660  vsmraid - ok
14:27:24.0390 0x1660  [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock           C:\WINDOWS\system32\drivers\vsock.sys
14:27:24.0394 0x1660  vsock - ok
14:27:24.0499 0x1660  [ D51D7EF1EA5ED2BB01E9D07E6E0533BC, E31118F42B316C9B6C9072D9628AA2801FC2519F1A46C9ED167843CD67183C19 ] VSS             C:\WINDOWS\system32\vssvc.exe
14:27:24.0526 0x1660  VSS - ok
14:27:24.0559 0x1660  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
14:27:24.0568 0x1660  VSTXRAID - ok
14:27:24.0589 0x1660  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
14:27:24.0591 0x1660  vwifibus - ok
14:27:24.0613 0x1660  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
14:27:24.0616 0x1660  vwififlt - ok
14:27:24.0671 0x1660  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
14:27:24.0697 0x1660  W32Time - ok
14:27:24.0710 0x1660  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
14:27:24.0712 0x1660  WacomPen - ok
14:27:24.0775 0x1660  [ 92BF4B3EBD6F163B94B7A20C65E7B698, 293E6FEFA862690A7B75443D6495144313D759971B98B495A99AAB0D2CF1F350 ] wbengine        C:\WINDOWS\system32\wbengine.exe
14:27:24.0833 0x1660  wbengine - ok
14:27:24.0930 0x1660  [ 58F28103889817C93E5B5AFABC87E709, 547381B10DAC8A3CC16FB5DE6DF2FDA3CCD8F45DF581959FFF6E30875419B011 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
14:27:24.0960 0x1660  WbioSrvc - ok
14:27:24.0997 0x1660  [ 772365894F14652D376B2E5030179DC9, 3D917CED040456EB269BE2B82315CEAE3589FEC016DAE37FC5BC1C3D66DE3140 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
14:27:25.0064 0x1660  Wcmsvc - ok
14:27:25.0092 0x1660  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
14:27:25.0117 0x1660  wcncsvc - ok
14:27:25.0128 0x1660  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
14:27:25.0132 0x1660  WcsPlugInService - ok
14:27:25.0163 0x1660  [ 241895E8A9C158DF86E12FDD21033A32, 46D4BF6319271AC33EC1C7283053B91D38A3D5443F3F749E640253FDC2819679 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
14:27:25.0167 0x1660  WdBoot - ok
14:27:25.0402 0x1660  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
14:27:25.0433 0x1660  Wdf01000 - ok
14:27:25.0458 0x1660  [ C52148456E0F6EAD9E903020A79207FC, 7DEB2D7D09FB005A79E88FA8766B7EBE0396F0CA084D72269156874C727FBFF4 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
14:27:25.0467 0x1660  WdFilter - ok
14:27:25.0486 0x1660  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
14:27:25.0492 0x1660  WdiServiceHost - ok
14:27:25.0498 0x1660  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
14:27:25.0502 0x1660  WdiSystemHost - ok
14:27:25.0558 0x1660  [ 57F22324FAAF92ADF957B281E88F1743, 46CFBA6529E28756D73A00A211C3D72E9854E035EE6F2520066E074697A9745E ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
14:27:25.0563 0x1660  WdNisDrv - ok
14:27:25.0599 0x1660  WdNisSvc - ok
14:27:25.0617 0x1660  [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient       C:\WINDOWS\System32\webclnt.dll
14:27:25.0625 0x1660  WebClient - ok
14:27:25.0640 0x1660  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
14:27:25.0648 0x1660  Wecsvc - ok
14:27:25.0663 0x1660  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
14:27:25.0666 0x1660  WEPHOSTSVC - ok
14:27:25.0684 0x1660  [ AA1315B87D9B2E39584165318A59F15D, CD19608BE1F6B7AECF802F8D2DD4FCBDAA29450ED37F7D040DC6453924C7B0FE ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
14:27:25.0689 0x1660  wercplsupport - ok
14:27:25.0705 0x1660  [ 22B4C24AB921BFF7827FFBCA1F4E1BB3, B634F7018097A8E4EECDD9F032DF6A0FB6817FC3DEB92BCE6A0965B5D71D8DFA ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
14:27:25.0711 0x1660  WerSvc - ok
14:27:25.0750 0x1660  [ 2E3E82D7B1076B90F4E228A8EF17B261, 0492F8E0BE09DAD9922E85CCA7BCB1548CB9DC5841F46174A0657FDC59AAC3CE ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
14:27:25.0755 0x1660  WFPLWFS - ok
14:27:25.0772 0x1660  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
14:27:25.0776 0x1660  WiaRpc - ok
14:27:25.0818 0x1660  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
14:27:25.0820 0x1660  WIMMount - ok
14:27:25.0823 0x1660  WinDefend - ok
14:27:25.0900 0x1660  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
14:27:25.0932 0x1660  WinHttpAutoProxySvc - ok
14:27:25.0988 0x1660  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
14:27:25.0996 0x1660  Winmgmt - ok
14:27:26.0109 0x1660  [ 690C3FC5C9DBD6B9AEDF8341EC720E41, 0E4412BB6DEB5761F7A889FD90821FAFD7C6E173F449EAB3A0446BA653D6AD0C ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
14:27:26.0192 0x1660  WinRM - ok
14:27:26.0248 0x1660  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
14:27:26.0252 0x1660  WinUsb - ok
14:27:26.0328 0x1660  [ 728D3349FAB251B0265EFA55C67DCA2D, 676D2C9CF16DD333BF99FD5EC31B8F53E5295553E19BED5CF94620EE59345777 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
14:27:26.0379 0x1660  WlanSvc - ok
14:27:26.0475 0x1660  [ C2838466CCC44FAEF2C3D4C1E5971ECB, 4CA5B1632302E59E754CEA5B3CA3977D8CE9DC7B2E8673B450BBF0D646AD7AD8 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
14:27:26.0536 0x1660  wlidsvc - ok
14:27:26.0557 0x1660  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
14:27:26.0558 0x1660  WmiAcpi - ok
14:27:26.0582 0x1660  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
14:27:26.0589 0x1660  wmiApSrv - ok
14:27:26.0622 0x1660  WMPNetworkSvc - ok
14:27:26.0719 0x1660  [ E178371E493BF17EB90FE71ABA8BE643, E6F96C62D6AD1FE65D54F6799ABC32D34DE8C6EBFF8A297CA3142EF096112FCE ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
14:27:26.0778 0x1660  workfolderssvc - ok
14:27:26.0793 0x1660  [ E746BCDBA2E02CF6B8D6B26FB167FBE0, 8875BBE444A33E0C477EF1A3899955501B7E0A9479CA8AA20DD8E6AA0D9A71E6 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
14:27:26.0795 0x1660  wpcfltr - ok
14:27:26.0803 0x1660  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
14:27:26.0807 0x1660  WPCSvc - ok
14:27:26.0818 0x1660  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
14:27:26.0824 0x1660  WPDBusEnum - ok
14:27:26.0836 0x1660  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
14:27:26.0838 0x1660  WpdUpFltr - ok
14:27:26.0853 0x1660  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
14:27:26.0855 0x1660  ws2ifsl - ok
14:27:26.0878 0x1660  [ 5CFA46C4ACB2FD70572017052378DAE5, F09134C4433A9E174889A16F29EA6628045B21BE4FA85275ACFD24D5DFB0D937 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
14:27:26.0884 0x1660  wscsvc - ok
14:27:26.0888 0x1660  WSearch - ok
14:27:27.0034 0x1660  [ D8E3A4701376CCFD0BE542D745FA4809, CF267B5507BD02EEB6BF051534E900D592682D11159A6A13C38AE70B3CCC081F ] WSService       C:\WINDOWS\System32\WSService.dll
14:27:27.0173 0x1660  WSService - ok
14:27:27.0462 0x1660  [ 86D0BF4F792053A50D6EE43DFA5837A5, 5705DAB9C5896F10757630439AC8FEAB5754251C6C90E9E8449220A65D1E95D5 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
14:27:27.0612 0x1660  wuauserv - ok
14:27:27.0630 0x1660  [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
14:27:27.0637 0x1660  WudfPf - ok
14:27:27.0662 0x1660  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
14:27:27.0669 0x1660  WUDFRd - ok
14:27:27.0679 0x1660  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys
14:27:27.0683 0x1660  WUDFSensorLP - ok
14:27:27.0726 0x1660  [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
14:27:27.0731 0x1660  wudfsvc - ok
14:27:27.0742 0x1660  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:27:27.0747 0x1660  WUDFWpdFs - ok
14:27:27.0757 0x1660  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:27:27.0761 0x1660  WUDFWpdMtp - ok
14:27:27.0789 0x1660  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
14:27:27.0814 0x1660  WwanSvc - ok
14:27:27.0836 0x1660  ================ Scan global ===============================
14:27:27.0879 0x1660  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
14:27:27.0921 0x1660  [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\WINDOWS\system32\winsrv.dll
14:27:27.0964 0x1660  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
14:27:27.0991 0x1660  [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\WINDOWS\system32\services.exe
14:27:28.0014 0x1660  [ Global ] - ok
14:27:28.0014 0x1660  ================ Scan MBR ==================================
14:27:28.0044 0x1660  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:27:28.0863 0x1660  \Device\Harddisk0\DR0 - ok
14:27:28.0863 0x1660  ================ Scan VBR ==================================
14:27:28.0893 0x1660  [ 02E29922B7551CDAC6A560C6A0A4ADC8 ] \Device\Harddisk0\DR0\Partition1
14:27:28.0908 0x1660  \Device\Harddisk0\DR0\Partition1 - ok
14:27:28.0911 0x1660  [ 4D8BA61C0D98891B237CAACF297DB363 ] \Device\Harddisk0\DR0\Partition2
14:27:28.0913 0x1660  \Device\Harddisk0\DR0\Partition2 - ok
14:27:28.0916 0x1660  [ 9A49549D95676BA1066660D7A230D3A8 ] \Device\Harddisk0\DR0\Partition3
14:27:28.0918 0x1660  \Device\Harddisk0\DR0\Partition3 - ok
14:27:28.0918 0x1660  Waiting for KSN requests completion. In queue: 99
14:27:29.0920 0x1660  Waiting for KSN requests completion. In queue: 99
14:27:30.0920 0x1660  Waiting for KSN requests completion. In queue: 99
14:27:31.0962 0x1660  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x61100 ( enabled : updated )
14:27:31.0976 0x1660  Win FW state via NFP2: enabled
14:27:34.0982 0x1660  ============================================================
14:27:34.0982 0x1660  Scan finished
14:27:34.0982 0x1660  ============================================================
14:27:34.0989 0x1658  Detected object count: 0
14:27:34.0989 0x1658  Actual detected object count: 0

Edited by bilge6, 26 March 2014 - 03:42 PM.


#4 bilge6


Posted 26 March 2014 - 06:11 PM

Here is the FRST log

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by David (administrator) on DAVID on 26-03-2014 14:18:00
Running from C:\Users\David\Desktop
Windows 8.1 Pro (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(SUPERAntiSpyware.com) C:\Program Files (x86)\SUPERAntiSpyware\SASCORE.EXE
(Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
(VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Flux Software LLC) C:\Users\David\AppData\Local\FluxSoftware\Flux\flux.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Google Inc.) C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Gomez\GomezPEER\bin\GomezPEER.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Gomez\GomezPEER\jre\bin\java.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
(Mozilla Corporation) C:\Program Files (x86)\Gomez\GomezPEER\agents\gozilla\runtime\gozilla.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9770432 2013-10-20] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5940128 2013-10-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1100248 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [EaseUS EPM tray] - C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1688133475-1051021439-1101079046-1001\...\Run: [f.lux] - C:\Users\David\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-15] (Flux Software LLC)
HKU\S-1-5-21-1688133475-1051021439-1101079046-1001\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1688133475-1051021439-1101079046-1001\...\Run: [Spotify Web Helper] - C:\Users\David\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-06] (Spotify Ltd)
HKU\S-1-5-21-1688133475-1051021439-1101079046-1001\...\Run: [Plex Media Server] - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4277896 2013-12-23] (Plex, Inc.)
HKU\S-1-5-21-1688133475-1051021439-1101079046-1001\...\Run: [Google Update] - C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-01-14] (Google Inc.)
HKU\S-1-5-21-1688133475-1051021439-1101079046-1001\...\Run: [MusicManager] - C:\Users\David\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7382528 2014-03-03] (Google Inc.)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Open Garden.lnk
ShortcutTarget: Open Garden.lnk -> C:\Users\David\AppData\Roaming\Open Garden\OpenGarden.exe (Open Garden)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1B4C887151CCCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6A8AD702-6E13-41AB-AF20-47CBCE15F9FC}: [NameServer]8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\b52ci4bb.default
FF user.js: detected! => C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\b52ci4bb.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\David\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\David\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Lightbeam - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\b52ci4bb.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2013-10-27]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Data Compression Proxy) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajfiodhbiellfpcjjedhmmmpeeaebmep [2014-02-26]
CHR Extension: (Google Docs) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-18]
CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-18]
CHR Extension: (Cloud To Butt Plus) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apmlngnhgbnjpajelfkmabhkfapgnoai [2013-12-08]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-18]
CHR Extension: (Adblock Plus) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-18]
CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-18]
CHR Extension: (Tampermonkey) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-03-16]
CHR Extension: (Proxy SwitchySharp) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2014-01-10]
CHR Extension: (HTTPS Everywhere) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2013-12-25]
CHR Extension: (Screenwise Trends Panel) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmieefkpoaagiboijfjhidningfpomge [2014-02-02]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-10-18]
CHR Extension: (Social Fixer for Facebook) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2014-03-16]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2013-10-18]
CHR Extension: (MEGA) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpgogfgfingilcbkpahnggpfdabapnol [2014-01-02]
CHR Extension: (Synapster – Earn Money not Rewards or Deals) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmdjonplbjmaagikkcjilgofmfgoofl [2014-02-02]
CHR Extension: (User-Agent Switcher) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkmofgnohbedopheiphabfhfjgkhfcgf [2013-10-18]
CHR Extension: (Qmee) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbaanpgkpkoamihninlcegnjclcpibde [2013-10-18]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2013-10-18]
CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-18]
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2013-10-18]
CHR Extension: (NeoBux AdAlert) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaepeijninfcgjdnighjnlgdkkgpnaen [2014-01-16]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-18]
CHR Extension: (GrammarBase - Web Grammar Checker) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\plklmneddckmpnnkjldofmaegchjmoea [2014-01-13]
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files (x86)\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2253016 2013-10-02] (Broadcom Corporation.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-02] (Broadcom Corporation.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [32512 2014-03-17] ()
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-29] (Microsoft Corporation)
S4 LMIRfsClientNP; No ImagePath
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [91352 2014-03-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 ogtap100; C:\Windows\system32\DRIVERS\ogtap100.sys [36736 2013-11-19] (The OpenVPN Project)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S1 SASDIFSV; C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-26 14:18 - 2014-03-26 14:18 - 00019597 _____ () C:\Users\David\Desktop\FRST.txt
2014-03-26 13:19 - 2014-03-26 14:18 - 00000000 ____D () C:\FRST
2014-03-26 13:18 - 2014-03-26 13:18 - 02157056 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2014-03-25 21:56 - 2014-03-25 21:57 - 00000000 ____D () C:\Users\David\AppData\Roaming\DVDVideoSoft
2014-03-25 21:56 - 2014-03-25 21:56 - 19618896 _____ (DVDVideoSoft Ltd. ) C:\Users\David\Desktop\FreeVideoCallRecorderForSkype.exe
2014-03-25 21:56 - 2014-03-25 21:56 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-03-25 18:03 - 2014-03-25 18:03 - 00010624 _____ () C:\Users\David\Desktop\hijackthis.log
2014-03-25 16:49 - 2014-03-25 19:52 - 00000000 ____D () C:\Program Files\trend micro
2014-03-25 16:49 - 2014-03-25 16:49 - 00000000 ____D () C:\rsit
2014-03-25 16:36 - 2014-03-25 16:36 - 00000000 ___HD () C:\$SysReset
2014-03-24 19:07 - 2014-03-26 13:24 - 00000000 ___RD () C:\Users\David\SkyDrive
2014-03-22 23:41 - 2014-03-24 19:07 - 00000000 ___RD () C:\Users\David\SkyDrive (7).old
2014-03-22 23:33 - 2014-03-22 23:41 - 00000000 ___RD () C:\Users\David\SkyDrive (6).old
2014-03-22 22:55 - 2014-02-22 07:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-22 22:55 - 2014-02-22 06:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-20 19:38 - 2014-01-07 20:46 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-20 19:38 - 2014-01-07 20:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-20 19:38 - 2014-01-07 20:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-20 19:38 - 2014-01-04 10:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-20 19:38 - 2014-01-04 10:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-20 19:38 - 2014-01-04 09:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-20 19:38 - 2014-01-04 08:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-20 19:38 - 2014-01-02 18:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-20 19:38 - 2014-01-02 18:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-20 19:38 - 2013-12-31 20:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-20 19:38 - 2013-12-31 20:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-20 19:38 - 2013-12-31 19:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-20 19:38 - 2013-12-31 19:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-20 19:38 - 2013-12-31 18:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-20 19:38 - 2013-12-31 18:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-20 19:38 - 2013-12-31 18:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-20 19:38 - 2013-12-30 18:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-20 19:38 - 2013-12-30 18:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-20 19:38 - 2013-12-30 18:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-20 19:38 - 2013-12-30 18:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-20 19:38 - 2013-12-30 18:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-20 19:38 - 2013-12-27 10:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-20 19:38 - 2013-12-27 03:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-20 19:38 - 2013-12-27 03:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-20 19:38 - 2013-12-27 03:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-20 19:38 - 2013-12-27 02:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-20 19:38 - 2013-12-27 02:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-20 19:38 - 2013-12-27 01:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-20 19:38 - 2013-12-21 02:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-20 19:38 - 2013-12-17 02:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-20 19:38 - 2013-12-14 01:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-20 19:38 - 2013-12-14 01:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-20 19:38 - 2013-12-13 05:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-20 19:38 - 2013-12-13 02:24 - 00121088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2014-03-20 19:38 - 2013-12-13 01:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-20 19:38 - 2013-12-13 00:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-20 19:38 - 2013-12-09 03:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-20 19:38 - 2013-12-08 23:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-18 10:27 - 2014-03-18 10:27 - 00000000 ____D () C:\WINDOWS\pss
2014-03-18 08:36 - 2014-03-18 08:36 - 00281400 _____ () C:\WINDOWS\Minidump\031814-19031-01.dmp
2014-03-17 23:59 - 2014-03-17 23:59 - 00281336 _____ () C:\WINDOWS\Minidump\031714-20734-01.dmp
2014-03-17 23:43 - 2014-03-17 23:43 - 00000000 ____D () C:\Users\David\AppData\Roaming\SUPERAntiSpyware.com
2014-03-17 23:43 - 2014-03-17 23:43 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-03-17 23:43 - 2014-03-17 23:43 - 00000000 ____D () C:\Program Files (x86)\SUPERAntiSpyware
2014-03-17 22:42 - 2014-03-17 22:42 - 00032512 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2014-03-17 20:31 - 2014-03-17 20:31 - 00001050 _____ () C:\WINDOWS\system32\.crusader
2014-03-17 20:06 - 2014-03-17 20:31 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-17 18:25 - 2014-03-18 09:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-17 18:25 - 2014-03-18 00:19 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-17 10:46 - 2014-03-17 10:46 - 01950720 _____ () C:\Users\David\Downloads\11A9.tmp
2014-03-17 10:40 - 2014-03-01 01:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-17 10:40 - 2014-02-28 23:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-17 10:40 - 2014-02-28 23:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-17 10:40 - 2014-02-28 23:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-17 10:40 - 2014-02-28 22:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-17 10:40 - 2014-02-28 22:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-17 10:40 - 2014-02-28 22:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-17 10:40 - 2014-02-28 22:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-17 10:40 - 2014-02-28 22:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-17 10:40 - 2014-02-28 22:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-17 10:40 - 2014-02-28 22:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-17 10:40 - 2014-02-28 21:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-17 10:40 - 2014-02-28 21:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-17 10:40 - 2014-02-28 21:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-17 10:40 - 2014-02-28 21:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-17 10:40 - 2014-02-28 21:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-17 10:40 - 2014-02-28 21:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-17 10:40 - 2013-12-20 05:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-17 10:40 - 2013-12-20 05:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-17 04:25 - 2014-01-31 11:15 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-17 04:25 - 2014-01-31 11:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-17 04:25 - 2014-01-31 11:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-17 04:25 - 2014-01-31 08:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-17 04:25 - 2014-01-31 04:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-17 04:25 - 2014-01-29 04:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-17 04:25 - 2014-01-29 03:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-17 04:25 - 2014-01-29 03:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-17 04:25 - 2014-01-29 03:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-17 04:25 - 2014-01-29 03:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-17 04:25 - 2014-01-29 02:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-17 04:25 - 2014-01-29 02:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-17 04:25 - 2014-01-29 02:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-17 04:25 - 2014-01-29 01:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-17 04:25 - 2014-01-28 19:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-17 04:25 - 2014-01-27 14:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-17 04:25 - 2014-01-27 14:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-17 04:25 - 2014-01-27 14:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-17 04:25 - 2014-01-27 13:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-17 04:25 - 2014-01-27 13:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-17 04:25 - 2014-01-27 13:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-17 04:25 - 2014-01-27 13:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-17 04:25 - 2014-01-27 13:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-17 04:25 - 2014-01-27 12:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-17 04:25 - 2014-01-27 12:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-17 04:25 - 2014-01-27 12:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-17 04:25 - 2014-01-27 10:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-17 04:25 - 2014-01-27 10:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-17 04:25 - 2014-01-27 06:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-17 04:25 - 2014-01-17 18:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-17 04:25 - 2014-01-17 16:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-17 04:25 - 2013-12-21 09:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-17 04:25 - 2013-12-21 03:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-17 04:24 - 2014-02-10 22:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-17 04:24 - 2014-02-10 21:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-17 04:24 - 2014-02-10 21:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-17 04:24 - 2013-10-30 19:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-17 04:24 - 2013-10-30 19:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-17 04:24 - 2013-10-30 19:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-16 22:09 - 2014-03-18 08:36 - 440343642 _____ () C:\WINDOWS\MEMORY.DMP
2014-03-16 22:09 - 2014-03-16 22:09 - 00291056 _____ () C:\WINDOWS\Minidump\031614-21921-01.dmp
2014-03-16 19:09 - 2014-03-22 22:43 - 00000000 __RDO () C:\Users\David\SkyDrive (5).old
2014-03-11 12:51 - 2014-03-16 19:09 - 00000000 ___RD () C:\Users\David\SkyDrive (4).old
2014-03-04 22:16 - 2014-03-26 13:42 - 00000000 ____D () C:\Users\David\Desktop\Saving Private Ryan (1998)
2014-03-04 22:05 - 2014-03-04 22:05 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-03-04 22:04 - 2014-03-04 22:04 - 00000000 ____D () C:\Program Files (x86)\FreeTime
2014-03-04 19:09 - 2014-03-04 19:09 - 00024287 _____ () C:\JavaRa.log
2014-03-04 19:07 - 2014-03-04 19:07 - 00160350 _____ () C:\Users\David\Desktop\JavaRa.zip
2014-03-02 13:38 - 2014-03-11 12:51 - 00000000 __RDO () C:\Users\David\SkyDrive (3).old
2014-03-02 13:20 - 2014-03-02 13:20 - 00000196 _____ () C:\WINDOWS\DirectX.log
2014-03-02 13:20 - 2014-03-02 13:20 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-03-02 13:20 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-03-02 13:20 - 2010-06-02 05:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-03-02 13:20 - 2010-06-02 05:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-03-02 13:20 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-03-02 13:20 - 2009-09-04 18:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2014-03-02 13:20 - 2009-09-04 18:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2014-03-02 13:20 - 2006-11-29 14:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2014-03-02 13:20 - 2006-11-29 14:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2014-03-02 13:19 - 2014-03-02 13:19 - 00000000 ____D () C:\Users\David\AppData\Local\Windows Live
2014-03-02 13:04 - 2014-03-02 13:04 - 00001240 _____ () C:\Users\David\Desktop\Free Video to GIF Converter.lnk
2014-03-02 13:04 - 2014-03-02 13:04 - 00000000 ____D () C:\Program Files (x86)\Free Video to GIF Converter
2014-03-02 12:41 - 2014-03-02 12:41 - 00000000 ____D () C:\Users\David\.instagiffer
2014-03-02 12:40 - 2014-03-02 12:40 - 00000000 ____D () C:\Program Files (x86)\Instagiffer
2014-02-28 19:16 - 2014-02-28 19:16 - 00000000 ____D () C:\Users\David\Documents\Virtual Machines
2014-02-28 19:12 - 2014-03-22 23:08 - 00000000 ____D () C:\ProgramData\Stardock
2014-02-28 17:41 - 2014-02-28 17:41 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-28 14:50 - 2014-02-28 17:52 - 00001047 ____H () C:\WINDOWS\EPMBatch.ept
2014-02-27 18:57 - 2014-02-27 18:57 - 00001424 _____ () C:\Users\Public\Desktop\EaseUS Partition Master 9.3.0.lnk
2014-02-27 18:57 - 2014-02-27 18:57 - 00000000 ____D () C:\Program Files (x86)\EaseUS
2014-02-27 18:57 - 2013-10-09 16:34 - 03381832 _____ () C:\WINDOWS\system32\BootMan.exe
2014-02-27 18:57 - 2013-10-09 16:24 - 02499656 _____ () C:\WINDOWS\SysWOW64\BootMan.exe
2014-02-27 18:57 - 2013-03-07 10:49 - 00100936 _____ () C:\WINDOWS\system32\setupempdrvx64.exe
2014-02-27 18:57 - 2013-03-07 10:49 - 00087112 _____ () C:\WINDOWS\SysWOW64\setupempdrv03.exe
2014-02-27 18:57 - 2013-03-07 10:49 - 00019840 _____ () C:\WINDOWS\SysWOW64\EuEpmGdi.dll
2014-02-27 18:57 - 2013-03-07 10:49 - 00017480 _____ () C:\WINDOWS\system32\epmntdrv.sys
2014-02-27 18:57 - 2013-03-07 10:49 - 00016256 _____ () C:\WINDOWS\system32\EuEpmGdi.dll
2014-02-27 18:57 - 2013-03-07 10:49 - 00013896 _____ () C:\WINDOWS\SysWOW64\epmntdrv.sys
2014-02-27 18:57 - 2013-03-07 10:49 - 00009800 _____ () C:\WINDOWS\system32\EuGdiDrv.sys
2014-02-27 18:57 - 2013-03-07 10:49 - 00009160 _____ () C:\WINDOWS\SysWOW64\EuGdiDrv.sys
2014-02-27 18:09 - 2014-03-01 12:30 - 00000000 ____D () C:\Users\David\AppData\Roaming\VMware
2014-02-27 18:09 - 2014-03-01 12:30 - 00000000 ____D () C:\Users\David\AppData\Local\VMware
2014-02-27 18:08 - 2013-10-18 13:46 - 00064080 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2014-02-27 18:08 - 2013-10-18 13:44 - 00032848 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\VMkbd.sys
2014-02-27 18:08 - 2013-10-08 19:21 - 00073296 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2014-02-27 18:08 - 2013-10-08 19:21 - 00067664 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2014-02-27 18:08 - 2013-10-08 19:21 - 00063568 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2014-02-27 18:07 - 2013-10-18 13:45 - 00930384 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2014-02-27 18:07 - 2013-10-18 13:45 - 00437328 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2014-02-27 18:07 - 2013-10-18 13:45 - 00358480 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2014-02-27 18:07 - 2013-10-18 13:45 - 00030800 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2014-02-27 18:07 - 2013-10-09 09:04 - 00053816 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2014-02-27 18:06 - 2014-02-27 18:06 - 00002145 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-02-27 18:06 - 2014-02-27 18:06 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-02-27 18:05 - 2014-03-26 13:23 - 00000000 ____D () C:\ProgramData\VMware
2014-02-27 18:05 - 2014-02-27 18:05 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-02-27 17:48 - 2014-02-27 17:50 - 98508144 _____ (VMware, Inc.) C:\Users\David\Downloads\VMware-player-6.0.1-1379776.exe
2014-02-27 17:39 - 2014-02-27 17:39 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-02-27 17:39 - 2014-02-27 17:39 - 00000000 ____D () C:\Program Files\Unlocker
2014-02-27 17:27 - 2014-02-27 17:27 - 00440672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswndisflt.sys
2014-02-27 16:59 - 2014-03-08 12:43 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-26 20:57 - 2014-02-26 20:57 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
 
==================== One Month Modified Files and Folders =======
 
2014-03-26 14:18 - 2014-03-26 14:18 - 00019597 _____ () C:\Users\David\Desktop\FRST.txt
2014-03-26 14:18 - 2014-03-26 13:19 - 00000000 ____D () C:\FRST
2014-03-26 14:15 - 2013-10-27 14:15 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-26 14:14 - 2013-10-20 00:50 - 01755416 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-26 14:14 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-26 14:14 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-26 13:49 - 2013-10-18 17:32 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1688133475-1051021439-1101079046-1001
2014-03-26 13:46 - 2013-10-18 17:30 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-26 13:43 - 2013-10-18 17:30 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-26 13:42 - 2014-03-04 22:16 - 00000000 ____D () C:\Users\David\Desktop\Saving Private Ryan (1998)
2014-03-26 13:24 - 2014-03-24 19:07 - 00000000 ___RD () C:\Users\David\SkyDrive
2014-03-26 13:24 - 2013-10-20 14:05 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-03-26 13:24 - 2013-10-18 17:24 - 00000000 ___RD () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-26 13:24 - 2013-10-18 17:24 - 00000000 ___RD () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-26 13:23 - 2014-02-27 18:05 - 00000000 ____D () C:\ProgramData\VMware
2014-03-26 13:23 - 2014-01-31 15:56 - 00003244 _____ () C:\WINDOWS\System32\Tasks\IORRT
2014-03-26 13:23 - 2013-08-22 09:46 - 00328895 _____ () C:\WINDOWS\setupact.log
2014-03-26 13:22 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-26 13:20 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-26 13:18 - 2014-03-26 13:18 - 02157056 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2014-03-25 23:01 - 2013-10-25 12:13 - 00000000 ____D () C:\Users\David\AppData\Roaming\Skype
2014-03-25 21:57 - 2014-03-25 21:56 - 00000000 ____D () C:\Users\David\AppData\Roaming\DVDVideoSoft
2014-03-25 21:56 - 2014-03-25 21:56 - 19618896 _____ (DVDVideoSoft Ltd. ) C:\Users\David\Desktop\FreeVideoCallRecorderForSkype.exe
2014-03-25 21:56 - 2014-03-25 21:56 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-03-25 20:23 - 2013-10-20 00:54 - 00000000 ____D () C:\Users\David
2014-03-25 19:52 - 2014-03-25 16:49 - 00000000 ____D () C:\Program Files\trend micro
2014-03-25 19:43 - 2013-10-18 19:19 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-25 19:43 - 2013-10-18 19:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-25 18:23 - 2011-08-12 15:35 - 00000000 ____D () C:\Users\David\Desktop\Me
2014-03-25 18:03 - 2014-03-25 18:03 - 00010624 _____ () C:\Users\David\Desktop\hijackthis.log
2014-03-25 17:23 - 2014-01-01 19:27 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D9EC6EF0-E125-4818-A33F-E6034552E291}
2014-03-25 16:49 - 2014-03-25 16:49 - 00000000 ____D () C:\rsit
2014-03-25 16:36 - 2014-03-25 16:36 - 00000000 ___HD () C:\$SysReset
2014-03-25 16:28 - 2013-07-30 12:41 - 00000000 ____D () C:\Users\David\Desktop\GoogleChromePortable
2014-03-24 19:07 - 2014-03-22 23:41 - 00000000 ___RD () C:\Users\David\SkyDrive (7).old
2014-03-24 18:50 - 2014-01-10 20:45 - 00000000 ____D () C:\Users\David\AppData\Local\LogMeIn Hamachi
2014-03-22 23:41 - 2014-03-22 23:33 - 00000000 ___RD () C:\Users\David\SkyDrive (6).old
2014-03-22 23:08 - 2014-02-28 19:12 - 00000000 ____D () C:\ProgramData\Stardock
2014-03-22 22:43 - 2014-03-16 19:09 - 00000000 __RDO () C:\Users\David\SkyDrive (5).old
2014-03-18 10:27 - 2014-03-18 10:27 - 00000000 ____D () C:\WINDOWS\pss
2014-03-18 09:01 - 2014-03-17 18:25 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-18 08:36 - 2014-03-18 08:36 - 00281400 _____ () C:\WINDOWS\Minidump\031814-19031-01.dmp
2014-03-18 08:36 - 2014-03-16 22:09 - 440343642 _____ () C:\WINDOWS\MEMORY.DMP
2014-03-18 08:36 - 2013-10-27 22:34 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-18 00:19 - 2014-03-17 18:25 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-17 23:59 - 2014-03-17 23:59 - 00281336 _____ () C:\WINDOWS\Minidump\031714-20734-01.dmp
2014-03-17 23:43 - 2014-03-17 23:43 - 00000000 ____D () C:\Users\David\AppData\Roaming\SUPERAntiSpyware.com
2014-03-17 23:43 - 2014-03-17 23:43 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-03-17 23:43 - 2014-03-17 23:43 - 00000000 ____D () C:\Program Files (x86)\SUPERAntiSpyware
2014-03-17 22:42 - 2014-03-17 22:42 - 00032512 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2014-03-17 20:31 - 2014-03-17 20:31 - 00001050 _____ () C:\WINDOWS\system32\.crusader
2014-03-17 20:31 - 2014-03-17 20:06 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-17 19:36 - 2013-10-31 06:03 - 00000000 ____D () C:\Users\David\AppData\Local\CrashDumps
2014-03-17 10:52 - 2013-10-20 14:04 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-17 10:46 - 2014-03-17 10:46 - 01950720 _____ () C:\Users\David\Downloads\11A9.tmp
2014-03-17 10:41 - 2013-08-02 18:49 - 00001343 _____ () C:\Users\David\Desktop\Chrome Portable.lnk
2014-03-17 04:53 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-17 04:40 - 2013-08-22 09:44 - 00369088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-17 04:39 - 2014-01-29 19:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-17 04:39 - 2014-01-29 19:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-17 04:38 - 2014-01-13 21:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-17 04:38 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-17 04:38 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-17 04:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-17 04:38 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-17 04:38 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-16 22:09 - 2014-03-16 22:09 - 00291056 _____ () C:\WINDOWS\Minidump\031614-21921-01.dmp
2014-03-16 19:09 - 2014-03-11 12:51 - 00000000 ___RD () C:\Users\David\SkyDrive (4).old
2014-03-13 17:02 - 2013-10-20 10:31 - 00000000 ____D () C:\Users\David\AppData\Roaming\uTorrent
2014-03-13 13:28 - 2013-09-29 23:04 - 00869556 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-13 13:25 - 2013-10-27 14:15 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-11 12:51 - 2014-03-02 13:38 - 00000000 __RDO () C:\Users\David\SkyDrive (3).old
2014-03-08 16:07 - 2013-06-04 11:10 - 00000054 _____ () C:\Users\David\Desktop\gc.txt
2014-03-08 12:44 - 2013-09-29 22:55 - 01138772 _____ () C:\WINDOWS\PFRO.log
2014-03-08 12:43 - 2014-02-27 16:59 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-06 19:38 - 2013-10-25 21:32 - 00648192 ___SH () C:\Users\David\Desktop\Thumbs.db
2014-03-06 17:42 - 2014-01-10 20:45 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-03-05 14:44 - 2013-10-24 19:11 - 00000000 ____D () C:\Users\David\AppData\Roaming\vlc
2014-03-04 22:05 - 2014-03-04 22:05 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-03-04 22:04 - 2014-03-04 22:04 - 00000000 ____D () C:\Program Files (x86)\FreeTime
2014-03-04 19:09 - 2014-03-04 19:09 - 00024287 _____ () C:\JavaRa.log
2014-03-04 19:09 - 2013-10-18 17:23 - 00000000 ____D () C:\Users\David\AppData\Local\VirtualStore
2014-03-04 19:07 - 2014-03-04 19:07 - 00160350 _____ () C:\Users\David\Desktop\JavaRa.zip
2014-03-04 17:53 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-04 17:53 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-04 16:54 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-02 13:38 - 2014-01-05 14:30 - 00000000 __RDO () C:\Users\David\SkyDrive (2).old
2014-03-02 13:20 - 2014-03-02 13:20 - 00000196 _____ () C:\WINDOWS\DirectX.log
2014-03-02 13:20 - 2014-03-02 13:20 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-03-02 13:19 - 2014-03-02 13:19 - 00000000 ____D () C:\Users\David\AppData\Local\Windows Live
2014-03-02 13:04 - 2014-03-02 13:04 - 00001240 _____ () C:\Users\David\Desktop\Free Video to GIF Converter.lnk
2014-03-02 13:04 - 2014-03-02 13:04 - 00000000 ____D () C:\Program Files (x86)\Free Video to GIF Converter
2014-03-02 12:41 - 2014-03-02 12:41 - 00000000 ____D () C:\Users\David\.instagiffer
2014-03-02 12:40 - 2014-03-02 12:40 - 00000000 ____D () C:\Program Files (x86)\Instagiffer
2014-03-01 12:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-03-01 12:30 - 2014-02-27 18:09 - 00000000 ____D () C:\Users\David\AppData\Roaming\VMware
2014-03-01 12:30 - 2014-02-27 18:09 - 00000000 ____D () C:\Users\David\AppData\Local\VMware
2014-03-01 01:05 - 2014-03-17 10:40 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-28 23:58 - 2014-03-17 10:40 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-28 23:30 - 2014-03-17 10:40 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-28 23:17 - 2014-03-17 10:40 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-28 22:54 - 2014-03-17 10:40 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-28 22:47 - 2014-03-17 10:40 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-28 22:42 - 2014-03-17 10:40 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-28 22:18 - 2014-03-17 10:40 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-28 22:14 - 2014-03-17 10:40 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-28 22:10 - 2014-03-17 10:40 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-28 22:03 - 2014-03-17 10:40 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-28 21:57 - 2014-03-17 10:40 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-28 21:38 - 2014-03-17 10:40 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-28 21:32 - 2014-03-17 10:40 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-28 21:27 - 2014-03-17 10:40 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-28 21:25 - 2014-03-17 10:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-28 21:25 - 2014-03-17 10:40 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-28 19:16 - 2014-02-28 19:16 - 00000000 ____D () C:\Users\David\Documents\Virtual Machines
2014-02-28 19:12 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-02-28 17:52 - 2014-02-28 14:50 - 00001047 ____H () C:\WINDOWS\EPMBatch.ept
2014-02-28 17:41 - 2014-02-28 17:41 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-27 18:57 - 2014-02-27 18:57 - 00001424 _____ () C:\Users\Public\Desktop\EaseUS Partition Master 9.3.0.lnk
2014-02-27 18:57 - 2014-02-27 18:57 - 00000000 ____D () C:\Program Files (x86)\EaseUS
2014-02-27 18:09 - 2014-01-14 19:14 - 00000843 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-27 18:09 - 2014-01-14 19:14 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-27 18:06 - 2014-02-27 18:06 - 00002145 _____ () C:\Users\Public\Desktop\VMware Player.lnk
2014-02-27 18:06 - 2014-02-27 18:06 - 00000000 ____D () C:\Program Files\Common Files\VMware
2014-02-27 18:06 - 2013-10-21 16:46 - 00883630 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-02-27 18:05 - 2014-02-27 18:05 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-02-27 17:50 - 2014-02-27 17:48 - 98508144 _____ (VMware, Inc.) C:\Users\David\Downloads\VMware-player-6.0.1-1379776.exe
2014-02-27 17:39 - 2014-02-27 17:39 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-02-27 17:39 - 2014-02-27 17:39 - 00000000 ____D () C:\Program Files\Unlocker
2014-02-27 17:27 - 2014-02-27 17:27 - 00440672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswndisflt.sys
2014-02-27 17:17 - 2013-10-24 19:10 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-02-27 17:17 - 2013-10-24 19:10 - 00000000 ____D () C:\Program Files\WinRAR
2014-02-26 20:57 - 2014-02-26 20:57 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-02-24 04:06 - 2014-01-26 22:20 - 00001115 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
 
Some content of TEMP:
====================
C:\Users\David\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\David\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\David\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\David\AppData\Local\Temp\ose00000.exe
C:\Users\David\AppData\Local\Temp\Quarantine.exe
C:\Users\David\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\David\AppData\Local\Temp\shutdown1388681410.exe
C:\Users\David\AppData\Local\Temp\vlc-2.1.3-win64.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-17 04:25] - [2014-01-31 11:15] - 0311640 ____A (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
 
 
 
safeboot: ==> The system is configured to boot to Safe Mode <===== ATTENTION!
 
 
LastRegBack: 2014-03-20 19:39
 
==================== End Of Log ============================

Here is the Addition log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by David at 2014-03-26 14:18:44
Running from C:\Users\David\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
2.0 (HKLM-x32\...\Free Video to GIF Converter_is1) (Version: 2.0 - www.video-gif-converter.com)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Camtasia Studio 8 (HKLM-x32\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CL-Eye Driver (HKLM-x32\...\CL-Eye Driver) (Version: 5.3.0.0341 - Code Laboratories, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{DC4BC0CC-A928-4C48-BA40-AC24784F46E5}) (Version:  - Microsoft)
EaseUS Partition Master 9.3.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.4 - Lenovo)
Energy Management (x32 Version: 6.0.2.4 - Lenovo) Hidden
f.lux (HKCU\...\Flux) (Version:  - )
FormatFactory 3.3.2.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.2.0 - Format Factory)
Free Video Call Recorder for Skype version 1.1.0.319 (HKLM-x32\...\Free Video Call Recorder for Skype_is1) (Version: 1.1.0.319 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIF Viewer (HKLM-x32\...\GIF Viewer) (Version:  - )
GomezPEER (HKLM-x32\...\GomezPEER) (Version: 3.2 - Gomez Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Instagiffer version 1.41 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.41 - Justin Todd)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.40.1161 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Mozilla Firefox 24.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 en-US)) (Version: 24.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
NVIDIA Control Panel 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
Open Garden (HKCU\...\OpenGarden) (Version: 2.4.7 - Open Garden Inc.)
Opera Stable 19.0.1326.63 (HKLM-x32\...\Opera 19.0.1326.63) (Version: 19.0.1326.63 - Opera Software ASA)
Plex Media Server (HKLM-x32\...\{876ab221-6562-4f34-9335-68fc92bb3f1b}) (Version: 0.9.818 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{e9921c42-812d-4b39-9c02-612724349e82}) (Version: 0.9.907 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.818 - Plex, Inc.) Hidden
Privoxy (remove only) (HKLM-x32\...\Privoxy) (Version:  - )
Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
SUPERAntiSpyware (HKLM-x32\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
tools-windows (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Microsoft Filter Pack 2.0 (KB2837594) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{99A0DB9A-71FC-4F98-BC1F-78A18195C677}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.WORD_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.WORD_{E84E9B25-BEB6-4F2F-84BB-755CDA8E89C0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.WORD_{A9C4BE58-07E0-473D-AE68-ECBA13FBF77E}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.WORD_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Windows Driver Package - Lenovo (ACPIVPC) System  (01/28/2011 6.1.0.1) (HKLM\...\EB9B45DC947C2D941CA61B992509A71D738AE888) (Version: 01/28/2011 6.1.0.1 - Lenovo)
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
2013-10-25 11:58 - 2013-10-25 11:58 - 00000877 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {04441E71-0966-46BF-B4F1-B328B34C48D7} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {31F382C1-7549-4EA7-8881-AEB133E09121} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5961938E-E6B6-4FEE-A2C0-5212AA20AB9A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-18] (Google Inc.)
Task: {64AC6082-1DE9-437E-B77F-D6043D0F79FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-18] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {81AC9636-CBD5-4A5F-B8F9-D2C97CB994DD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-25] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A40F2462-8414-4C2E-8A80-7F304873780F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {A879A8AC-D108-4539-A47F-3508D37F64F5} - System32\Tasks\Hybrid => C:\IORRT\IORRT.bat [2014-01-13] ()
Task: {B33E2BBF-675E-4E9E-9CE5-E1220DB515C8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {B8D34C8A-F2C3-48A7-AD33-2471973BB0B7} - System32\Tasks\IORRT => C:\IORRT\IORRT.bat [2014-01-13] ()
Task: {C5AA8085-72AA-44DB-BE0D-F7F4ECDB6840} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16] (Synaptics Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D354B419-72F7-4472-8161-AD6FF4BBBF2E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E513029A-0083-4A2A-9D0C-CD0EECDDDB38} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1688133475-1051021439-1101079046-1001Core1cf284bdc2553b9.job => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-01-08 12:17 - 2013-12-19 15:33 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-20 00:50 - 2013-12-19 13:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2008-12-20 03:20 - 2013-10-20 10:26 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 03:20 - 2013-10-20 10:26 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-12-14 04:42 - 2012-12-14 04:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-26 04:24 - 2013-09-26 04:24 - 00073728 _____ () C:\Program Files (x86)\Gomez\GomezPEER\bin\GomezPEER.exe
2013-10-18 13:46 - 2013-10-18 13:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-01-08 12:17 - 2013-12-19 15:33 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 00840840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 00051848 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 00089224 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 07605400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avcodec-54.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 01453720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avformat-54.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 00202392 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avutil-52.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 00352920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\swscale-2.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 00507528 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 08495240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 00195720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 00952968 _____ () C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 01291400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 01038984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll
2013-10-21 15:37 - 2013-10-21 15:37 - 02593168 _____ () C:\Users\David\AppData\Local\Temp\SevenZipJBinding-N8q7X\lib7-Zip-JBinding.dll
2013-09-09 21:20 - 2013-09-09 21:20 - 00017408 _____ () C:\Program Files (x86)\Gomez\GomezPEER\jre\bin\SystemInfo.dll
2013-09-09 21:20 - 2013-09-09 21:20 - 00055808 _____ () C:\Program Files (x86)\Gomez\GomezPEER\jre\bin\ICE_JNIRegistry.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 00045192 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2013-12-23 22:17 - 2013-12-23 22:17 - 00028808 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2013-12-23 22:17 - 2013-12-23 22:17 - 00019080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2013-12-23 22:17 - 2013-12-23 22:17 - 00032392 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2013-12-23 22:17 - 2013-12-23 22:17 - 00836744 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2013-12-23 22:17 - 2013-12-23 22:17 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2013-12-23 22:17 - 2013-12-23 22:17 - 00192648 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2013-12-23 22:17 - 2013-12-23 22:17 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2013-12-23 22:17 - 2013-12-23 22:17 - 00056456 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
2013-12-23 22:17 - 2013-12-23 22:17 - 00018056 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
2013-12-23 22:17 - 2013-12-23 22:17 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
2013-12-23 22:17 - 2013-12-23 22:17 - 00083080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2013-12-23 22:17 - 2013-12-23 22:17 - 00111752 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2013-12-23 22:17 - 2013-12-23 22:17 - 00692360 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\David\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\David\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\David\SkyDrive (3).old:ms-properties
AlternateDataStreams: C:\Users\David\SkyDrive (4).old:ms-properties
AlternateDataStreams: C:\Users\David\SkyDrive (5).old:ms-properties
AlternateDataStreams: C:\Users\David\SkyDrive (7).old:ms-properties
AlternateDataStreams: C:\Users\David\SkyDrive.old:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Audiosrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MMCSS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Sound, video, and game controllers"
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/25/2014 09:58:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: Skype.exe, version: 6.13.0.104, time stamp: 0x52d56480
Faulting module name: MFMediaEngine.dll, version: 6.3.9600.16408, time stamp: 0x523d2765
Exception code: 0xc0000005
Fault offset: 0x00076747
Faulting process id: 0xccc
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3
Faulting package full name: Skype.exe4
Faulting package-relative application ID: Skype.exe5
 
Error: (03/25/2014 07:42:59 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16470_none_fa2491fd9b3cfcb2\TiWorker.exe -Embedding; Description = Windows Modules Installer; Error = 0x80070422).
 
Error: (03/25/2014 07:42:46 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16470_none_fa2491fd9b3cfcb2\TiWorker.exe -Embedding; Description = Windows Modules Installer; Error = 0x80070422).
 
Error: (03/25/2014 07:42:44 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x80070422).
 
Error: (03/25/2014 07:41:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DAVID)
Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/25/2014 07:41:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DAVID)
Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/25/2014 07:22:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DAVID)
Description: App windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel did not launch within its allotted time.
 
Error: (03/25/2014 07:20:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DAVID)
Description: App windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel did not launch within its allotted time.
 
Error: (03/22/2014 11:08:19 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" ; Description = Revo Uninstaller Pro's restore point - Stardock Start8; Error = 0x8007043c).
 
Error: (03/20/2014 07:26:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.0.1207, time stamp: 0x4ffb4350
Faulting module name: IAStorUtil.ni.dll, version: 11.5.0.1207, time stamp: 0x4ffb434b
Exception code: 0xc0000005
Fault offset: 0x0002f3fd
Faulting process id: 0x810
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report Id: IAStorDataMgrSvc.exe3
Faulting package full name: IAStorDataMgrSvc.exe4
Faulting package-relative application ID: IAStorDataMgrSvc.exe5
 
 
System errors:
=============
Error: (03/26/2014 02:14:31 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (03/26/2014 02:14:28 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (03/26/2014 02:14:25 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (03/26/2014 02:14:23 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (03/26/2014 02:14:20 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (03/26/2014 02:13:19 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (03/26/2014 02:12:17 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (03/26/2014 02:11:17 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (03/26/2014 02:11:15 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (03/26/2014 02:10:12 PM) (Source: disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
 
Microsoft Office Sessions:
=========================
Error: (03/25/2014 09:58:13 PM) (Source: Application Error)(User: )
Description: Skype.exe6.13.0.10452d56480MFMediaEngine.dll6.3.9600.16408523d2765c000000500076747ccc01cf489f1bd6b6e4C:\Program Files (x86)\Skype\Phone\Skype.exeC:\Windows\SYSTEM32\MFMediaEngine.dll784c687a-b492-11e3-bf1f-b870f4227e1f
 
Error: (03/25/2014 07:42:59 PM) (Source: System Restore)(User: )
Description: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16470_none_fa2491fd9b3cfcb2\TiWorker.exe -EmbeddingWindows Modules Installer0x80070422
 
Error: (03/25/2014 07:42:46 PM) (Source: System Restore)(User: )
Description: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16470_none_fa2491fd9b3cfcb2\TiWorker.exe -EmbeddingWindows Modules Installer0x80070422
 
Error: (03/25/2014 07:42:44 PM) (Source: System Restore)(User: )
Description: C:\WINDOWS\system32\svchost.exe -k netsvcsWindows Update0x80070422
 
Error: (03/25/2014 07:41:59 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DAVID)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927142
 
Error: (03/25/2014 07:41:59 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DAVID)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927141
 
Error: (03/25/2014 07:22:56 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DAVID)
Description: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel
 
Error: (03/25/2014 07:20:42 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: DAVID)
Description: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel
 
Error: (03/22/2014 11:08:19 PM) (Source: System Restore)(User: )
Description: C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" Revo Uninstaller Pro's restore point - Stardock Start80x8007043c
 
Error: (03/20/2014 07:26:58 PM) (Source: Application Error)(User: )
Description: IAStorDataMgrSvc.exe11.5.0.12074ffb4350IAStorUtil.ni.dll11.5.0.12074ffb434bc00000050002f3fd81001cf449c3e6aa651C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\ce052cddc7abb8092b8a95df8b57c562\IAStorUtil.ni.dll82eae58a-b08f-11e3-bf05-b870f4227e1f
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-02-27 16:27:55.648
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-27 16:03:24.418
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-27 16:03:23.821
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-26 14:50:08.793
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-26 14:50:08.674
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-26 09:19:57.317
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-26 09:19:57.301
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-26 09:19:56.348
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-26 09:19:56.208
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-26 06:46:24.840
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 39%
Total physical RAM: 4039.86 MB
Available physical RAM: 2429.97 MB
Total Pagefile: 8135.86 MB
Available Pagefile: 6298.12 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB
 
==================== Drives ================================
 
Drive c: (Windows 8) (Fixed) (Total:184.41 GB) (Free:45.75 GB) NTFS
Drive e: () (Fixed) (Total:266.4 GB) (Free:72.87 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6620575C)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=266 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=12)
Partition 4: (Not Active) - (Size=184 GB) - (Type=OF Extended)
 
==================== End Of Log ============================


#5 TB-Psychotic

Malware Response Team
Posted 27 March 2014 - 04:24 AM

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, navigate to the Scan tab, select Custom Scan.
  • Click the Scan Now >> button.
  • Under 'Custom Scanning Options' uncheck all boxes.
  • Select only 'Scan for rootkits'.
  • Do not select any drive letter.
  • Click 'Start Scan'.
  • When the scan is complete, click on 'Cancel'.
  • Click Yes at the next message.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#6 bilge6

Topic Starter

Posted 28 March 2014 - 03:08 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 3/28/2014
Scan Time: 3:05:46 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.0.1000
Malware Database: v2014.03.28.07
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: David
 
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 198611
Time Elapsed: 2 min, 59 sec
 
Memory: Disabled
Startup: Disabled
Filesystem: Disabled
Archives: Disabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#7 TB-Psychotic

Malware Response Team

Posted 31 March 2014 - 02:42 AM

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.



#8 bilge6

Topic Starter

Posted 31 March 2014 - 05:17 PM

C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnIC.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnStub.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnToolbarInstaller.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A potentially unwanted application
C:\Sandbox\David\DefaultBox\user\all\InstallMate\{9C81181A-AB9E-4D4E-AFA5-E3BC47623AEC}\Custom.dll Win32/InstalleRex.M potentially unwanted application
C:\Users\David\AppData\Local\Temp\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Users\David\AppData\Local\Temp\dlm230C.tmp\FFSetup3.3.2.0.exe a variant of Win32/Hao123.A potentially unwanted application
E:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Search Protection\Uninstall.exe.vir probably a variant of Win32/Toolbar.Widgi potentially unwanted application
E:\Program Files (x86)\Bitcoin\bitcoin-qt.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application
E:\Program Files (x86)\Bitcoin\daemon\bitcoind.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application
E:\Windows\Installer\MSIE596.tmp-\Smartbar.Resources.SetBrowsersSettings.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application


#9 TB-Psychotic

Malware Response Team

Posted 01 April 2014 - 02:51 AM

The files ESET found are not malicious, but contain security risks. I would uninstall or delete them immediately - your choice.

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[S1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.


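Post #9 treats the ESET findings as security risks rather than malware. As an added example (not part of the thread and not ESET's own tooling), this Python script parses the export from post #8 into path, detection name, certainty and classification, then counts the findings by classification, family and location. The family grouping (dropping the trailing variant letters) and the location buckets in `locate()` are assumptions of this example, not fields ESET reports.

```python
import re
from collections import Counter
from typing import NamedTuple

# The twelve detection lines from the ESET export in post #8, copied as posted.
ESET_LOG = r"""
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnIC.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnStub.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnToolbarInstaller.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A potentially unwanted application
C:\Sandbox\David\DefaultBox\user\all\InstallMate\{9C81181A-AB9E-4D4E-AFA5-E3BC47623AEC}\Custom.dll Win32/InstalleRex.M potentially unwanted application
C:\Users\David\AppData\Local\Temp\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Users\David\AppData\Local\Temp\dlm230C.tmp\FFSetup3.3.2.0.exe a variant of Win32/Hao123.A potentially unwanted application
E:\AdwCleaner\Quarantine\C\Users\David\AppData\Roaming\Search Protection\Uninstall.exe.vir probably a variant of Win32/Toolbar.Widgi potentially unwanted application
E:\Program Files (x86)\Bitcoin\bitcoin-qt.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application
E:\Program Files (x86)\Bitcoin\daemon\bitcoind.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application
E:\Windows\Installer\MSIE596.tmp-\Smartbar.Resources.SetBrowsersSettings.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application
"""

class Detection(NamedTuple):
    path: str
    name: str        # detection name as printed, e.g. Win32/Hao123.A
    family: str      # name without the trailing variant letter(s)
    certainty: str   # "exact", "variant" or "probable variant"
    kind: str        # ESET's classification text at the end of the line
    location: str    # bucket chosen by locate() (this example's heuristic)

# Paths contain spaces, so anchor on the detection name: the only token with a
# forward slash (platform/family), optionally preceded by the "variant" wording.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+"
    r"(?P<certainty>(?:probably )?a variant of )?"
    r"(?P<name>[A-Za-z0-9]+/\S+)\s+"
    r"(?P<kind>\S.*)$"
)

def locate(path: str) -> str:
    """Bucket a path by where the file sits (assumed buckets, not an ESET field)."""
    p = path.lower()
    if "\\quarantine\\" in p:
        return "quarantine"       # inside another tool's quarantine folder
    if p[1:].startswith(":\\sandbox\\"):
        return "sandbox"          # sandbox container at the drive root
    if "\\appdata\\local\\temp\\" in p:
        return "temp"             # leftover files in the user's temp folder
    if "\\program files" in p:
        return "program_files"    # part of an installed program
    return "other"

def parse_eset_log(text: str) -> list:
    detections = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            # Never drop a line silently during triage.
            raise ValueError("unrecognised ESET log line: " + line)
        prefix = (m.group("certainty") or "").strip()
        certainty = {"": "exact", "a variant of": "variant",
                     "probably a variant of": "probable variant"}[prefix]
        name = m.group("name")
        family = re.sub(r"\.[A-Z]{1,3}$", "", name)
        detections.append(Detection(m.group("path"), name, family, certainty,
                                    m.group("kind"), locate(m.group("path"))))
    return detections

def summarize(detections) -> dict:
    """Count detections by classification, family and location bucket."""
    return {
        "kind": Counter(d.kind for d in detections),
        "family": Counter(d.family for d in detections),
        "location": Counter(d.location for d in detections),
    }

if __name__ == "__main__":
    found = parse_eset_log(ESET_LOG)
    for section, counts in summarize(found).items():
        print(section)
        for key, n in counts.most_common():
            print(f"  {n:2d}  {key}")
```
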

#10 bilge6

Topic Starter

Posted 01 April 2014 - 01:15 PM

# AdwCleaner v3.023 - Report created 01/04/2014 at 13:12:02
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : David - DAVID
# Running from : C:\Users\David\Desktop\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\House Of Soft
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\b52ci4bb.default\user.js
File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_sb.scorecardresearch.com_0.localstorage
File Deleted : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_sb.scorecardresearch.com_0.localstorage-journal
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Mozilla Firefox v24.0 (en-US)
 
[ File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\b52ci4bb.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1416 octets] - [01/04/2014 13:10:40]
AdwCleaner[S0].txt - [1353 octets] - [01/04/2014 13:12:02]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1413 octets] ##########


#11 bilge6

Topic Starter

Posted 01 April 2014 - 01:23 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8.1 Pro x64
Ran by David on Tue 04/01/2014 at 13:17:50.50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 04/01/2014 at 13:22:31.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#12 bilge6

Topic Starter

Posted 01 April 2014 - 01:30 PM

 Results of screen317's Security Check version 0.99.81  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 SUPERAntiSpyware     
 Java 7 Update 51  
 Adobe Flash Player 12.0.0.77  
 Mozilla Firefox 24.0 Firefox out of Date!  
 Google Chrome 33.0.1750.146  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 


#13 TB-Psychotic

Malware Response Team

Posted 01 April 2014 - 01:44 PM

Scan with Farbar's Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.



#14 bilge6

Topic Starter

Posted 01 April 2014 - 02:17 PM

It seems like the freezing problem has been fixed. I think the ESET Scan is what fixed it.
 
Farbar Service Scanner Version: 25-02-2014
Ran by David (administrator) on 01-04-2014 at 14:16:05
Running from "C:\Users\David\Desktop"
Microsoft Windows 8.1 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2014-03-17 04:25] - [2014-01-29 03:47] - 2543960 ____A (Microsoft Corporation) ECC68BD5347BDE9631EE68274858A41F
 
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2014-03-17 04:24] - [2013-10-25 01:48] - 1571328 ____A (Microsoft Corporation) 8077537B1600AF493E7EE1A7A5C90799
 
C:\Program Files\Windows Defender\MsMpEng.exe
[2014-03-17 04:24] - [2013-10-30 19:29] - 0023824 ____A (Microsoft Corporation) 7CE5405B192AC912B9405F72386C7D4B
 
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****


#15 bilge6

Topic Starter

Posted 01 April 2014 - 04:13 PM

OK, I was wrong. My problem is not fixed. After running those 3 scans, everything was fine until I updated my cleaner. It installed fine, but then it froze. I rebooted it and I am having the same issues as before.


Edited by bilge6, 01 April 2014 - 05:56 PM.




