Cannot delete a Trojan (see screenshot)


  • This topic is locked
13 replies to this topic

#1 neroman00

neroman00

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:07:36 PM

Posted 16 April 2014 - 07:20 PM

Hi,
 
I've tried a lot of times and I cannot delete a specific Trojan found with Hitman Pro.
 
After rebooting my PC and starting a new search with Hitman Pro, the TROJAN gtqadjqbe.exe is still there!
 
Please advise!
 
Thanks

 

 

1397693851301.jpg


Edited by neroman00, 16 April 2014 - 07:23 PM.




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:36 PM

Posted 16 April 2014 - 07:44 PM

Hello neroman.. Hitman is prone to False Positives.

Let's try to double-check that gtqadjqbe.exe file, as it may belong to Windows Defender.

 

To get a second opinion, submit it to one of the following online services that analyze suspicious files:


In the "File to Scan" (Upload or Submit) box, browse to the location of the suspicious file(s) and submit (upload) it for scanning/analysis. If you get a message saying "File has already been analyzed", click Reanalyze or Scan again.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 neroman00

neroman00
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:07:36 PM

Posted 17 April 2014 - 05:15 AM

Thanks boopme

 

I couldn't find the path or the infected file at "C:\ProgramData\googleupdate\gtqadjqbe.exe" in order to try option 1 or option 2.

 

Anyway, I think it surely might be a Trojan, because highlighting the threat (see screenshot below) reveals: TROJAN.Win32.Pincav.cryr

 

Can you suggest some virus-fighting utilities to get rid of TROJAN.Win32.Pincav.cryr?

 

Also, could you suggest an alternative OR THE BEST program compared to Hitman Pro? (NON-prone to False Positives).

 

 

Thanks a lot!

 

1397728367227.jpg

Malware _____________________________________________________________________

   C:\ProgramData\googleupdate\gtqadjqbe.exe -> PendingDelete
      Size . . . . . . . : 220,392 bytes
      Age  . . . . . . . : 11.0 days (2014-04-06 13:41:16)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 45AB3A9C98ECEAA560F5E6A918B920C4C3908951491C00DA2CEAC163F37A9D22
      Product  . . . . . : Cisco PEAP Module
      Publisher  . . . . : Cisco PEAP Module
      Description  . . . : Cisco PEAP Module
      Version  . . . . . : 14.1.6.0
      Copyright  . . . . : Copyright © 2006-2009
    > Kaspersky  . . . . : Trojan.Win32.Pincav.cryr
      Fuzzy  . . . . . . : 106.0
      Forensic Cluster
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
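
Added example, not part of the original post and not HitmanPro's own code: a Python parser for the log entry pasted above. It pulls out the SHA-256, the engine verdict and the version-info strings so the flagged file can be matched exactly before it is submitted for a second opinion. The field layout, the reading of `>` lines as engine detections, and all function names are assumptions inferred from this one entry.

```python
import hashlib
import re

# Abridged copy of the HitmanPro entry posted above (Copyright line and four
# of the seven identical Forensic Cluster rows left out).
SAMPLE_LOG = r"""
Malware _____________________________________________________________________

   C:\ProgramData\googleupdate\gtqadjqbe.exe -> PendingDelete
      Size . . . . . . . : 220,392 bytes
      Age  . . . . . . . : 11.0 days (2014-04-06 13:41:16)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 45AB3A9C98ECEAA560F5E6A918B920C4C3908951491C00DA2CEAC163F37A9D22
      Product  . . . . . : Cisco PEAP Module
      Publisher  . . . . : Cisco PEAP Module
      Description  . . . : Cisco PEAP Module
      Version  . . . . . : 14.1.6.0
    > Kaspersky  . . . . : Trojan.Win32.Pincav.cryr
      Fuzzy  . . . . . . : 106.0
      Forensic Cluster
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
"""

# "<path> -> <action>" opens an entry.
ENTRY_RE = re.compile(r"^\s*(?P<path>[A-Za-z]:\\.+?)\s+->\s+(?P<action>\w+)\s*$")
# "Key . . . : value"; a leading ">" is treated as an engine verdict (assumption).
FIELD_RE = re.compile(
    r"^\s*(?P<flag>>)?\s*(?P<key>[A-Za-z0-9\- ]+?)(?:\s\.)+\s:\s?(?P<value>.*)$")
# "<seconds>s <path>" rows under "Forensic Cluster".
CLUSTER_RE = re.compile(r"^\s*(?P<offset>-?\d+(?:\.\d+)?)s\s+(?P<path>.+?)\s*$")


def parse_entries(text):
    """Return one dict per flagged file found in the log text."""
    entries, current, in_cluster = [], None, False
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            current = {"path": m["path"], "action": m["action"],
                       "fields": {}, "detections": {}, "cluster": {}}
            entries.append(current)
            in_cluster = False
            continue
        if current is None:
            continue  # header or banner text before the first entry
        m = FIELD_RE.match(line)
        if m:
            target = "detections" if m["flag"] else "fields"
            current[target][m["key"].strip()] = m["value"].strip()
            in_cluster = False
            continue
        if line.strip() == "Forensic Cluster":
            in_cluster = True
            continue
        m = CLUSTER_RE.match(line) if in_cluster else None
        if m:  # count repeats instead of keeping duplicate rows
            current["cluster"][m["path"]] = current["cluster"].get(m["path"], 0) + 1
    return entries


def summarize(entry):
    """Reduce a parsed entry to the values needed for a hash lookup."""
    f = entry["fields"]
    sha = f.get("SHA-256", "").lower()
    size = int(re.sub(r"[^\d]", "", f.get("Size", "")) or 0)
    labels = {f.get(k) for k in ("Product", "Publisher", "Description")}
    return {
        "path": entry["path"],
        "action": entry["action"],
        "sha256": sha if re.fullmatch(r"[0-9a-f]{64}", sha) else None,
        "size_bytes": size,
        "detections": dict(entry["detections"]),
        # Version-info strings are set by whoever built the file; they are
        # not a signature, so identical values prove nothing about origin.
        "uniform_version_info": len(labels) == 1 and None not in labels,
        "cluster_paths": sorted(entry["cluster"]),
    }


def file_matches(summary, file_path):
    """True only if the file on disk has the logged size and SHA-256."""
    digest, size = hashlib.sha256(), 0
    with open(file_path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
            size += len(chunk)
    return size == summary["size_bytes"] and digest.hexdigest() == summary["sha256"]


if __name__ == "__main__":
    for item in parse_entries(SAMPLE_LOG):
        for key, value in summarize(item).items():
            print(f"{key}: {value}")
```
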
 

 

 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:36 PM

Posted 17 April 2014 - 02:26 PM

OK, let's do these then.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last, run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#5 neroman00

neroman00
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:07:36 PM

Posted 17 April 2014 - 07:00 PM

results - step 1:

 

 

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by msi (administrator) on 18-04-2014 at 02:56:43
Running from "C:\Users\msi\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


========================= IP Configuration: ================================

802.11n USB Wireless LAN Card = Wireless Network Connection 4 (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Media disconnected)
Spotflux Virtual Network Device Driver = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 6 (Media disconnected)
VPN Client Adapter - VPN-test = VPN-test - VPN Client (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=128 icmpredirects=enabled
set interface interface="VPN-test - VPN Client" forwarding=disabled advertise=disabled metric=1 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : msi-msi
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : lan

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Spotflux Virtual Network Device Driver
   Physical Address. . . . . . . . . : 00-FF-74-AB-6E-7E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VPN-test - VPN Client:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : VPN Client Adapter - VPN-test
   Physical Address. . . . . . . . . : 00-AC-35-A9-33-9A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 40-61-86-17-F3-11
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #4
   Physical Address. . . . . . . . . : 00-E0-5C-30-7A-28
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 4:

   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : 802.11n USB Wireless LAN Card #2
   Physical Address. . . . . . . . . : 00-E0-5C-30-7A-29
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::6138:1825:36f4:45be%17(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.10.21(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, April 18, 2014 2:31:14 AM
   Lease Expires . . . . . . . . . . : Saturday, April 19, 2014 2:31:14 AM
   Default Gateway . . . . . . . . . : 192.168.10.254
   DHCP Server . . . . . . . . . . . : 192.168.10.254
   DHCPv6 IAID . . . . . . . . . . . : 385933404
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-D1-A8-98-40-61-86-17-F3-11
   DNS Servers . . . . . . . . . . . : 192.168.10.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : 1C-4B-D6-5B-EA-84
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.lan:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:3815:34bd:3f57:f5ea(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3815:34bd:3f57:f5ea%26(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{EA79BA14-82E4-4828-9BAD-A117877FD166}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BAC7D3EE-E108-4177-97AD-B9B80092C3AB}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{582CC2BD-522D-44DE-8B06-F50B2B4F1A32}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B66D10E5-CD59-422A-9A77-662FEFBE71C9}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{74AB6E7E-EE5C-475F-8BB1-E3C9567E2D8C}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #9
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  speedtouch.lan
Address:  192.168.10.254

Name:    google.com
Addresses:  2a00:1450:4017:800::1001
      195.14.151.40
      195.14.151.34
      195.14.151.49
      195.14.151.29
      195.14.151.35
      195.14.151.45
      195.14.151.25
      195.14.151.44
      195.14.151.24
      195.14.151.54
      195.14.151.59
      195.14.151.30
      195.14.151.20
      195.14.151.50
      195.14.151.39
      195.14.151.55


Pinging google.com [195.14.151.34] with 32 bytes of data:
Reply from 195.14.151.34: bytes=32 time=26ms TTL=61
Reply from 195.14.151.34: bytes=32 time=27ms TTL=61

Ping statistics for 195.14.151.34:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 26ms, Maximum = 27ms, Average = 26ms
Server:  speedtouch.lan
Address:  192.168.10.254

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=213ms TTL=53
Reply from 98.138.253.109: bytes=32 time=209ms TTL=53

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 209ms, Maximum = 213ms, Average = 211ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 23...00 ff 74 ab 6e 7e ......Spotflux Virtual Network Device Driver
 22...00 ac 35 a9 33 9a ......VPN Client Adapter - VPN-test
 19...40 61 86 17 f3 11 ......Realtek PCIe GBE Family Controller
 18...00 e0 5c 30 7a 28 ......Microsoft Virtual WiFi Miniport Adapter #4
 17...00 e0 5c 30 7a 29 ......802.11n USB Wireless LAN Card #2
 10...1c 4b d6 5b ea 84 ......Atheros AR9285 Wireless Network Adapter
  1...........................Software Loopback Interface 1
 32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 26...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 37...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 38...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
 28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
 41...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
 24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #9
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0   192.168.10.254    192.168.10.21     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
     192.168.10.0    255.255.255.0         On-link     192.168.10.21    281
    192.168.10.21  255.255.255.255         On-link     192.168.10.21    281
   192.168.10.255  255.255.255.255         On-link     192.168.10.21    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.10.21    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.10.21    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 26     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 26     58 2001::/32                On-link
 26    306 2001:0:5ef5:79fb:3815:34bd:3f57:f5ea/128
                                    On-link
 17    281 fe80::/64                On-link
 26    306 fe80::/64                On-link
 26    306 fe80::3815:34bd:3f57:f5ea/128
                                    On-link
 17    281 fe80::6138:1825:36f4:45be/128
                                    On-link
  1    306 ff00::/8                 On-link
 26    306 ff00::/8                 On-link
 17    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/18/2014 02:54:21 AM) (Source: Application Error) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.7601.17610, time stamp: 0x4dc0d019
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xc0000005
Fault offset: 0x000000000000c65f
Faulting process id: 0x1758
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3

Error: (04/18/2014 02:54:02 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 29.0.0.5217 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1388

Start Time: 01cf5a35b2cee707

Termination Time: 25

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 86c2385d-c68b-11e3-94f8-00ac35a9339a

Error: (04/18/2014 02:45:03 AM) (Source: Application Error) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.7601.17610, time stamp: 0x4dc0d019
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xc0000005
Fault offset: 0x000000000000c65f
Faulting process id: 0x1430
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3

Error: (04/18/2014 02:23:01 AM) (Source: MsiInstaller) (User: msi-msi)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (04/18/2014 02:22:09 AM) (Source: Application Error) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.7601.17610, time stamp: 0x4dc0d019
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xc0000005
Fault offset: 0x000000000000c65f
Faulting process id: 0xcfc
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3

Error: (04/18/2014 02:22:09 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (04/17/2014 06:00:08 PM) (Source: MsiInstaller) (User: msi-msi)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (04/17/2014 05:45:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.7601.17610, time stamp: 0x4dc0d019
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xc0000005
Fault offset: 0x000000000000c65f
Faulting process id: 0xc24
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3

Error: (04/17/2014 05:15:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.7601.17610, time stamp: 0x4dc0d019
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xc0000005
Fault offset: 0x000000000000c65f
Faulting process id: 0x1180
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3

Error: (04/17/2014 05:01:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.7601.17610, time stamp: 0x4dc0d019
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xc0000005
Fault offset: 0x000000000000c65f
Faulting process id: 0xe8c
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3


System errors:
=============
Error: (04/18/2014 02:54:21 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 135 time(s).

Error: (04/18/2014 02:45:03 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 134 time(s).

Error: (04/18/2014 02:22:10 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 133 time(s).

Error: (04/17/2014 05:45:03 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 132 time(s).

Error: (04/17/2014 05:15:09 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 131 time(s).

Error: (04/17/2014 05:01:48 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 130 time(s).

Error: (04/17/2014 04:49:02 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 129 time(s).

Error: (04/17/2014 04:48:40 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 128 time(s).

Error: (04/17/2014 04:48:33 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 127 time(s).

Error: (04/17/2014 04:45:34 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 126 time(s).


Microsoft Office Sessions:
=========================
Error: (10/09/2013 05:10:09 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7169 seconds with 4980 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-04-04 15:30:11.711
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-04 15:30:11.321
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-04 15:12:44.265
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-04 15:12:43.780
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-02-19 17:47:09.728
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-02-19 17:47:09.650
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-02-19 12:20:03.085
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-02-19 12:20:03.007
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-02-19 11:48:05.478
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-02-19 11:48:05.400
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 1.6.65)
Acronis True Image Home 2011 (Version: 14.0.6942)
Adobe AIR (Version: 3.3.0.3670)
Adobe Flash Player 13 Plugin (Version: 13.0.0.182)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Adobe Shockwave Player 12.1 (Version: 12.1.0.150)
Advanced IP Scanner 2.3 (Version: 2.3.2161)
Ενημερωμένη έκδοση Microsoft Office Excel 2007 Help (KB963678)
Ενημερωμένη έκδοση Microsoft Office Powerpoint 2007 Help (KB963669)
Ενημερωμένη έκδοση Microsoft Office Word 2007 Help (KB963665)
Applian Director (Version: 3.01)
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.10.102)
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Brochures & Flyers
ArcSoft Print Creations - Funhouse II
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Photo Prints
ArcSoft Print Creations - Poster Creator
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
ArcSoft Print Creations (Version: 3.0.255.487)
ArcSoft WebCam Companion 3 (Version: 3.0.32.262)
Art Effects for PDR10 (Version: 2.0)
ATI Catalyst Install Manager (Version: 3.0.754.0)
ATI Catalyst Install Manager (Version: 3.0.774.0)
Audacity 2.0.5 (Version: 2.0.5)
Auslogics Disk Defrag (Version: 3.6)
Auto Shutdown (Version: 1.0.0)
AutoHotkey 1.1.14.03 (Version: 1.1.14.03)
Avidemux 2.5 (Version: 2.5.6.7716)
AVS Video Converter 8 (Version: 8.4.1.540)
AVS Video Editor 6 (Version: 6.3.2.234)
Bing Bar (Version: 7.1.352.0)
BurnRecovery (Version: 3.0.912.401)
Camtasia Studio 8 (Version: 8.2.0.1416)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.1209.2335.42329)
Catalyst Control Center Core Implementation (Version: 2010.0608.2230.38564)
Catalyst Control Center Graphics Full Existing (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Full Existing (Version: 2010.0608.2230.38564)
Catalyst Control Center Graphics Full New (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Full New (Version: 2010.0608.2230.38564)
Catalyst Control Center Graphics Light (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Light (Version: 2010.0608.2230.38564)
Catalyst Control Center Graphics Previews Vista (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0608.2230.38564)
Catalyst Control Center InstallProxy (Version: 2009.1209.2335.42329)
Catalyst Control Center InstallProxy (Version: 2010.0608.2230.38564)
Catalyst Control Center Localization All (Version: 2009.1209.2335.42329)
Catalyst Control Center Localization All (Version: 2010.0608.2230.38564)
CCC Help Chinese Standard (Version: 2009.1209.2334.42329)
CCC Help Chinese Standard (Version: 2010.0608.2229.38564)
CCC Help Chinese Traditional (Version: 2009.1209.2334.42329)
CCC Help Chinese Traditional (Version: 2010.0608.2229.38564)
CCC Help Czech (Version: 2009.1209.2334.42329)
CCC Help Czech (Version: 2010.0608.2229.38564)
CCC Help Danish (Version: 2009.1209.2334.42329)
CCC Help Danish (Version: 2010.0608.2229.38564)
CCC Help Dutch (Version: 2009.1209.2334.42329)
CCC Help Dutch (Version: 2010.0608.2229.38564)
CCC Help English (Version: 2009.1209.2334.42329)
CCC Help English (Version: 2010.0608.2229.38564)
CCC Help Finnish (Version: 2009.1209.2334.42329)
CCC Help Finnish (Version: 2010.0608.2229.38564)
CCC Help French (Version: 2009.1209.2334.42329)
CCC Help French (Version: 2010.0608.2229.38564)
CCC Help German (Version: 2009.1209.2334.42329)
CCC Help German (Version: 2010.0608.2229.38564)
CCC Help Greek (Version: 2009.1209.2334.42329)
CCC Help Greek (Version: 2010.0608.2229.38564)
CCC Help Hungarian (Version: 2009.1209.2334.42329)
CCC Help Hungarian (Version: 2010.0608.2229.38564)
CCC Help Italian (Version: 2009.1209.2334.42329)
CCC Help Italian (Version: 2010.0608.2229.38564)
CCC Help Japanese (Version: 2009.1209.2334.42329)
CCC Help Japanese (Version: 2010.0608.2229.38564)
CCC Help Korean (Version: 2009.1209.2334.42329)
CCC Help Korean (Version: 2010.0608.2229.38564)
CCC Help Norwegian (Version: 2009.1209.2334.42329)
CCC Help Norwegian (Version: 2010.0608.2229.38564)
CCC Help Polish (Version: 2009.1209.2334.42329)
CCC Help Polish (Version: 2010.0608.2229.38564)
CCC Help Portuguese (Version: 2009.1209.2334.42329)
CCC Help Portuguese (Version: 2010.0608.2229.38564)
CCC Help Russian (Version: 2009.1209.2334.42329)
CCC Help Russian (Version: 2010.0608.2229.38564)
CCC Help Spanish (Version: 2009.1209.2334.42329)
CCC Help Spanish (Version: 2010.0608.2229.38564)
CCC Help Swedish (Version: 2009.1209.2334.42329)
CCC Help Swedish (Version: 2010.0608.2229.38564)
CCC Help Thai (Version: 2009.1209.2334.42329)
CCC Help Thai (Version: 2010.0608.2229.38564)
CCC Help Turkish (Version: 2009.1209.2334.42329)
CCC Help Turkish (Version: 2010.0608.2229.38564)
ccc-core-static (Version: 2009.1209.2335.42329)
ccc-core-static (Version: 2010.0608.2230.38564)
ccc-utility64 (Version: 2009.1209.2335.42329)
ccc-utility64 (Version: 2010.0608.2230.38564)
CCleaner (Version: 4.12)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Comfort On-Screen Keyboard Pro 5.1.4.0 (Version: 5.1)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Core Temp 1.0 RC6 (Version: 1.0)
CoreAAC Audio Decoder (remove only)
CyberGhost VPN
CyberLink PowerDirector 10 (Version: 10.0.0.1129b)
CyberLink WaveEditor (Version: 1.0.1.3320)
CyberScrub® Privacy Suite™ 5.1
D3DX10 (Version: 15.4.2368.0902)
Debut Video Capture Software
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler (Version: 2.16)
Dropbox (Version: 2.0.22)
EaseUS Data Recovery Wizard 5.6.5
EaseUS Partition Master 9.2.1 Home Edition
EasyViewer (Version: 1.3.0.9)
ENE USB Card Reader Driver (Version: 5.89.0.71)
Evernote v. 4.5.10 (Version: 4.5.10.7472)
Facebook Messenger 2.1.4814.0 (Version: 2.1.4814.0)
FileZilla Client 3.7.4.1 (Version: 3.7.4.1)
Finger Sensing Pad Driver (Version: 8.5.6.4)
FixCleaner (Version: 2.0.5013)
FormatFactory 2.96 (Version: 2.96)
Free Studio version 2013 (Version: 6.1.3.622)
FreeWebSiteSubmitter 1.0.3
FXCM Trading Station (Version: 011212)
Google Chrome (Version: 34.0.1847.116)
Google Earth (Version: 7.0.3.8542)
Google Earth (Version: 7.1.2.2041)
Google Talk Plugin (Version: 3.19.1.13088)
Google Update Helper (Version: 1.3.23.9)
Hide IP Easy (Version: 5.1.9.6)
HiDownloadPlatinum
HitmanPro 3.7 (Version: 3.7.9.212)
Hot Keyboard Pro 4 (Version: 4.0)
HP Deskjet 2050 J510 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 2050 J510 series Help (Version: 140.0.61.61)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2119)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Turbo Boost Technology Driver (Version: 01.01.01.1007)
iWisoft Free Video Converter 1.2 (Version: 1.2)
Java 7 Update 51 (64-bit) (Version: 7.0.510)
Java Auto Updater (Version: 2.1.6.0)
Junk Mail filter update (Version: 16.4.3505.0912)
LaCie Desktop Manager 1.5.5 (Version: 1.5.5)
Live Update 5 (Version: 5.0.109)
Macro Recorder 5.7.2 (Version: 5.7.2)
Magical Jelly Bean KeyFinder (Version: 2.0.9.8)
Maxthon Cloud Browser (Version: 4.1.2.4000)
MediaCoder x64 0.8.22.5525 (Version: 0.8.22.5525)
MediaInfo 0.7.67 (Version: 0.7.67)
MEGATRADER (Version: 4.00)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Expression Blend 3 SDK (Version: 1.0.1343.0)
Microsoft Expression Blend 4 (Version: 4.0.20525.0)
Microsoft Expression Blend SDK for .NET 4 (Version: 2.0.20525.0)
Microsoft Expression Blend SDK for Silverlight 4 (Version: 2.0.20525.0)
Microsoft Expression Design 4 (Version: 7.0.20516.0)
Microsoft Expression Encoder 4 (Version: 4.0.1639.0)
Microsoft Expression Encoder 4 Screen Capture Codec (Version: 4.0.1639.0)
Microsoft Expression Studio 4 (Version: 4.0.20525.0)
Microsoft Expression Web 4 (Version: 4.0.1303.0)
Microsoft Expression Web 4 Service Pack 2
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office Language Pack 2007 - Greek/???????? (Version: 12.0.6612.1000)
Microsoft Office O MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (Greek) 2007 (Version: 12.0.4518.1029)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office SharePoint Designer 2010 (Version: 14.0.6029.1000)
Microsoft Office SharePoint Designer MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office SharePoint Designer MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Office X MUI (Greek) 2007 (Version: 12.0.6612.1000)
Microsoft Report Viewer Redistributable 2005
Microsoft Report Viewer Redistributable 2005 (Version: 8.0.56405)
Microsoft Security Client (Version: 4.5.0216.0)
Microsoft Security Essentials (Version: 4.5.216.0)
Microsoft SharePoint Designer 2010 (Version: 14.0.6029.1000)
Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (Version: 4.0.50401.0)
Microsoft SkyDrive (Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
MixPad Audio Mixer
Motorola Bluetooth (Version: 3.0.02.280)
Movie Maker (Version: 16.4.3505.0912)
Mozilla Firefox 29.0 (x86 en-US) (Version: 29.0)
Mozilla Maintenance Service (Version: 29.0)
msi Software Install (Version: 3.0.1004.102)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero Burning ROM 11 (Version: 11.0.10400)
Nero Burning ROM 11 (Version: 11.0.12200.23.100)
Nero Burning ROM 11 Help (CHM) (Version: 11.0.10300)
Nero ControlCenter 11 (Version: 11.0.12300.0.23)
Nero ControlCenter 11 Help (CHM) (Version: 11.0.10300)
Nero Core Components 11 (Version: 11.0.14700.1.9)
Nero RescueAgent 11 (Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (Version: 11.0.10400)
Nero Update (Version: 11.0.10623.22.0)
nero.prerequisites.msi (Version: 11.0.20007)
neroxml (Version: 1.0.0)
Nmap 6.40
Notepad++ (Version: 6.0)
Office Shuttle Software (Version: 12.05.0004)
Opera Stable 18.0.1284.63 (Version: 18.0.1284.63)
Opera Stable 20.0.1387.91 (Version: 20.0.1387.91)
ophcrack 3.6.0 (Version: 3.6.0)
Paint.NET v3.5.11 (Version: 3.61.0)
PC Sleep (Version: 2.2.0)
PDFill PDF Editor with FREE Writer and FREE Tools (Version: 9.0)
Photo Common (Version: 16.4.3505.0912)
Photo Gallery (Version: 16.4.3505.0912)
Photo Story 3 for Windows (Version: 3.0.1115.11)
Photo! Editor 1.1
PhotoPad Image Editor
PhotoScape
PicoZip Recovery Tool 1.02 (Version: 1.02)
PowerDirector (Version: 10.00.0000)
PowerXpressHybrid (Version: 1.00.0000)
PX Profile Update (Version: 1.00.1.)
Ralink RT2870 Wireless LAN Card (Version: 1.5.31.0)
RAR Password Recovery v1.1 RC17 (remove only)
RAR Password Unlocker 4.2.0.0
Realtek Ethernet Controller Driver (Version: 7.77.1126.2013)
Realtek High Definition Audio Driver (Version: 6.0.1.7111)
RecordPad Sound Recorder
Recuva (Version: 1.48)
Replay Video Capture (Version: 3.1B)
Replay Video Capture 7 (Version: 7.2)
Revo Uninstaller Pro 3.0.7 (Version: 3.0.7)
S?????? f?t???af??? (Version: 16.4.3505.0912)
Skype Click to Call (Version: 7.2.15747.10003)
Skype™ 6.14 (Version: 6.14.104)
Slideshow Creator (Version: 2.2)
SlimCleaner (Version: 4.0.30878)
SmartSound Quicktracks 5 (Version: 5.1.8)
SoftEther VPN Client (Version: 4.05.9423)
Speccy (Version: 1.23)
Spotflux (Version: 2.9.20)
Stellar Phoenix Windows Data Recovery - Professional (Version: 5.0.0.0)
StrategyRunner Paper Console (Version: 4.0.0.5)
Streaming Audio Recorder V2.5.2 (Version: 2.5.2)
StreamTransport version: 1.0.2.2171
Subtitle Edit 3.2.7 (Version: 3.2.7)
Super-Charger (Version: 1.2.018)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 16.3.1.2)
TeamViewer 7 (Version: 7.0.15723)
Torch (Version: 29.0.0.5530)
Traffic Travis 4.1.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft SharePoint Designer 2010 (KB2553382) 32-Bit Edition
Update for Microsoft SharePoint Designer 2010 (KB2553459) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Viber (Version: 3.0.0.134193)
VideoGenie (Version: 1.0.0.12)
VideoPad Video Editor
VLC media player 2.1.3 (Version: 2.1.3)
Vuze (Version: 5.3.0.0)
WebM Media Foundation Components (Version: 1.0.1.0)
Winamp (Version: 5.65 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
WinPcap 4.1.3 (Version: 4.1.0.2980)
WinRAR 5.10 beta 2 (64-bit) (Version: 5.10.2)
WinRAR archiver
WinX DVD Ripper 5.5.6
WPF Toolkit February 2010 (Version 3.5.50211.1) (Version: 3.5.50211.1)
YTD YouTube Downloader & Converter 3.7
ZIP Password Unlocker 3.0.1.9

========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 7981.53 MB
Available physical RAM: 5577.8 MB
Total Pagefile: 15961.23 MB
Available Pagefile: 13816.57 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.29 MB

========================= Partitions: =====================================

1 Drive c: (OS_Install) (Fixed) (Total:272.2 GB) (Free:111.47 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:181.47 GB) (Free:179.01 GB) NTFS
4 Drive y: (Elements) (Fixed) (Total:931.48 GB) (Free:541.23 GB) NTFS

========================= Users: ========================================

User accounts for \\MSI-MSI

Administrator            Guest                    msi                      


**** End of log ****
 



#6 neroman00

Posted 17 April 2014 - 07:09 PM

step 2 - TDSSKiller log.txt results

03:06:02.0502 0x1250  TDSS rootkit removing tool 3.0.0.31 Apr 11 2014 08:55:10
03:06:05.0913 0x1250  ============================================================
03:06:05.0913 0x1250  Current date / time: 2014/04/18 03:06:05.0913
03:06:05.0913 0x1250  SystemInfo:
03:06:05.0913 0x1250  
03:06:05.0913 0x1250  OS Version: 6.1.7601 ServicePack: 1.0
03:06:05.0913 0x1250  Product type: Workstation
03:06:05.0913 0x1250  ComputerName: MSI-MSI
03:06:05.0914 0x1250  UserName: msi
03:06:05.0914 0x1250  Windows directory: C:\Windows
03:06:05.0914 0x1250  System windows directory: C:\Windows
03:06:05.0914 0x1250  Running under WOW64
03:06:05.0914 0x1250  Processor architecture: Intel x64
03:06:05.0914 0x1250  Number of processors: 4
03:06:05.0914 0x1250  Page size: 0x1000
03:06:05.0914 0x1250  Boot type: Normal boot
03:06:05.0914 0x1250  ============================================================
03:06:08.0099 0x1250  KLMD registered as C:\Windows\system32\drivers\37102115.sys
03:06:08.0338 0x1250  System UUID: {5EECFF24-F63B-2512-7B57-ADEF81ECC520}
03:06:09.0015 0x1250  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:06:09.0366 0x1250  Drive \Device\Harddisk1\DR3 - Size: 0xE8DED00000 (931.48 Gb), SectorSize: 0x200, Cylinders: 0x1DAFD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
03:06:09.0369 0x1250  ============================================================
03:06:09.0369 0x1250  \Device\Harddisk0\DR0:
03:06:09.0369 0x1250  MBR partitions:
03:06:09.0369 0x1250  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1832800, BlocksNum 0x22064800
03:06:09.0369 0x1250  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23897000, BlocksNum 0x16AEE800
03:06:09.0369 0x1250  \Device\Harddisk1\DR3:
03:06:09.0370 0x1250  MBR partitions:
03:06:09.0370 0x1250  \Device\Harddisk1\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x746F6000
03:06:09.0370 0x1250  ============================================================
03:06:09.0421 0x1250  C: <-> \Device\Harddisk0\DR0\Partition1
03:06:09.0466 0x1250  D: <-> \Device\Harddisk0\DR0\Partition2
03:06:09.0481 0x1250  Y: <-> \Device\Harddisk1\DR3\Partition1
03:06:09.0481 0x1250  ============================================================
03:06:09.0481 0x1250  Initialize success
03:06:09.0481 0x1250  ============================================================
03:06:10.0514 0x1734  ============================================================
03:06:10.0514 0x1734  Scan started
03:06:10.0514 0x1734  Mode: Manual;
03:06:10.0514 0x1734  ============================================================
03:06:10.0514 0x1734  KSN ping started
03:06:13.0004 0x1734  KSN ping finished: true
03:06:13.0954 0x1734  ================ Scan system memory ========================
03:06:13.0954 0x1734  System memory - ok
03:06:13.0956 0x1734  ================ Scan services =============================
03:06:17.0468 0x1734  aspnet_state - ok
03:06:17.0487 0x1734  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
03:06:17.0488 0x1734  AsyncMac - ok
03:06:17.0524 0x1734  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
03:06:17.0525 0x1734  atapi - ok
03:06:17.0697 0x1734  [ B4174564AD5834A1680610572477878C, EA8687C90FE871AA427B4139BEE425E6DC4CFBC4CF3DCE29695EB9B967D9872F ] athr            C:\Windows\system32\DRIVERS\athrx.sys
03:06:17.0763 0x1734  athr - ok
03:06:17.0919 0x1734  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
03:06:17.0940 0x1734  AudioEndpointBuilder - ok
03:06:17.0972 0x1734  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
03:06:17.0989 0x1734  AudioSrv - ok
03:06:18.0017 0x1734  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
03:06:18.0020 0x1734  AxInstSV - ok
03:06:18.0105 0x1734  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
03:06:18.0125 0x1734  b06bdrv - ok
03:06:18.0242 0x1734  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
03:06:18.0259 0x1734  b57nd60a - ok
03:06:18.0397 0x1734  [ C68EF736CB6E92E885B9A085536B8C6F, F8821F5ECAAA25457619AB11B46AF372B1E7AED7491D2C640C1C4A67CB1E0D77 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.352.0\BBSvc.exe
03:06:18.0403 0x1734  BBSvc - ok
03:06:18.0433 0x1734  [ D4B0EE780CF3C1918A8FF65865D3B91F, 6ECA1E43C114D6E449D0A509CA3A8B762F53C5BC23B4D37F877B8DB2367010E5 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.352.0\SeaPort.exe
03:06:18.0439 0x1734  BBUpdate - ok
03:06:18.0492 0x1734  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
03:06:18.0499 0x1734  BDESVC - ok
03:06:18.0517 0x1734  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
03:06:18.0518 0x1734  Beep - ok
03:06:18.0579 0x1734  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
03:06:18.0599 0x1734  BFE - ok
03:06:18.0673 0x1734  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
03:06:18.0697 0x1734  BITS - ok
03:06:18.0729 0x1734  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
03:06:18.0731 0x1734  blbdrive - ok
03:06:19.0014 0x1734  [ 9928D0CDD422213432C28EB22A856299, 7D419BA2096CF4C8919D86CAFF2BF55E8979870EE268CEE88E7937A4BF7454A3 ] Bluetooth Device Manager C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
03:06:19.0112 0x1734  Bluetooth Device Manager - ok
03:06:19.0178 0x1734  [ 21B1CB06C0254BBC08B8C30D8F282E69, 96119169E4CFE89F52F80E5B2C27988EB4B5E9F1AB41A58F1C42BD8DB473099E ] Bluetooth Media Service C:\Program Files\Motorola\Bluetooth\audiosrv.exe
03:06:19.0207 0x1734  Bluetooth Media Service - ok
03:06:19.0245 0x1734  [ 0BC0DC720F22A9D6D721FD5B7D15E84F, B1BD408A3A97AD6D8AFF17065FE5DFD7F156DC80D4FA9B6F471E220924ACDE5E ] Bluetooth OBEX Service C:\Program Files\Motorola\Bluetooth\obexsrv.exe
03:06:19.0261 0x1734  Bluetooth OBEX Service - ok
03:06:19.0309 0x1734  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
03:06:19.0312 0x1734  bowser - ok
03:06:19.0369 0x1734  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
03:06:19.0370 0x1734  BrFiltLo - ok
03:06:19.0389 0x1734  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
03:06:19.0390 0x1734  BrFiltUp - ok
03:06:19.0466 0x1734  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
03:06:19.0473 0x1734  Browser - ok
03:06:19.0565 0x1734  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
03:06:19.0578 0x1734  Brserid - ok
03:06:19.0616 0x1734  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
03:06:19.0618 0x1734  BrSerWdm - ok
03:06:19.0636 0x1734  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
03:06:19.0637 0x1734  BrUsbMdm - ok
03:06:19.0656 0x1734  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
03:06:19.0656 0x1734  BrUsbSer - ok
03:06:19.0671 0x1734  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
03:06:19.0674 0x1734  BTHMODEM - ok
03:06:19.0741 0x1734  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
03:06:19.0745 0x1734  bthserv - ok
03:06:19.0819 0x1734  [ 6D3FF2B480F7AB8DA103CBC7FBEACD48, 549EAF2A6362DD7FE3B9B3A6644CF89D6BEEC9C4D71296580799B5399C4304D1 ] BTMCOM          C:\Windows\system32\Drivers\btmcom.sys
03:06:19.0822 0x1734  BTMCOM - ok
03:06:19.0926 0x1734  [ 30F82ED1690986E9E49357A1F6F6D14A, 87B4A0FBD3F9A3DA1C96210D986D734BE2D83A40BBD562133A9355B3AA162A8F ] BTMUSB          C:\Windows\system32\Drivers\btmusb.sys
03:06:19.0940 0x1734  BTMUSB - ok
03:06:20.0210 0x1734  [ 72551A9AE5F68905DFC3CBA0D5242566, 15C273519C3AD1B2AF68F669125AFE607A86A60D680E299631D5E893C3CAA7E7 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
03:06:20.0244 0x1734  c2cautoupdatesvc - ok
03:06:20.0348 0x1734  [ 6B669A00A431FF6CDCE67458933F5F0F, 81419EB18BB4EB96E48C99A1D45B0267E779E135427B3AEC872A1A5DD810B23F ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
03:06:20.0391 0x1734  c2cpnrsvc - ok
03:06:20.0453 0x1734  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
03:06:20.0458 0x1734  cdfs - ok
03:06:20.0496 0x1734  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
03:06:20.0503 0x1734  cdrom - ok
03:06:20.0557 0x1734  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
03:06:20.0563 0x1734  CertPropSvc - ok
03:06:20.0744 0x1734  [ 6A61DFC83D7BB41F376CBB16124D480B, BF6FEB177D892BA4EE2973596A99A5F23DE28EE164FBF47EAC7A601EDD103EDD ] CGVPNCliSrvc    C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
03:06:20.0802 0x1734  CGVPNCliSrvc - ok
03:06:20.0824 0x1734  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
03:06:20.0826 0x1734  circlass - ok
03:06:20.0850 0x1734  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
03:06:20.0859 0x1734  CLFS - ok
03:06:20.0947 0x1734  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
03:06:20.0952 0x1734  clr_optimization_v2.0.50727_32 - ok
03:06:21.0048 0x1734  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
03:06:21.0053 0x1734  clr_optimization_v2.0.50727_64 - ok
03:06:21.0177 0x1734  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
03:06:21.0183 0x1734  clr_optimization_v4.0.30319_32 - ok
03:06:21.0231 0x1734  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
03:06:21.0236 0x1734  clr_optimization_v4.0.30319_64 - ok
03:06:21.0259 0x1734  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
03:06:21.0260 0x1734  CmBatt - ok
03:06:21.0301 0x1734  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
03:06:21.0302 0x1734  cmdide - ok
03:06:21.0363 0x1734  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
03:06:21.0377 0x1734  CNG - ok
03:06:21.0437 0x1734  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
03:06:21.0438 0x1734  Compbatt - ok
03:06:21.0453 0x1734  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
03:06:21.0455 0x1734  CompositeBus - ok
03:06:21.0461 0x1734  COMSysApp - ok
03:06:21.0476 0x1734  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
03:06:21.0477 0x1734  crcdisk - ok
03:06:21.0533 0x1734  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
03:06:21.0538 0x1734  CryptSvc - ok
03:06:21.0598 0x1734  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
03:06:21.0613 0x1734  DcomLaunch - ok
03:06:21.0663 0x1734  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
03:06:21.0671 0x1734  defragsvc - ok
03:06:21.0706 0x1734  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
03:06:21.0709 0x1734  DfsC - ok
03:06:21.0736 0x1734  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
03:06:21.0744 0x1734  Dhcp - ok
03:06:21.0763 0x1734  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
03:06:21.0764 0x1734  discache - ok
03:06:21.0798 0x1734  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
03:06:21.0800 0x1734  Disk - ok
03:06:21.0882 0x1734  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
03:06:21.0891 0x1734  Dnscache - ok
03:06:21.0951 0x1734  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
03:06:21.0964 0x1734  dot3svc - ok
03:06:21.0996 0x1734  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
03:06:22.0001 0x1734  DPS - ok
03:06:22.0057 0x1734  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
03:06:22.0057 0x1734  drmkaud - ok
03:06:22.0173 0x1734  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
03:06:22.0196 0x1734  DXGKrnl - ok
03:06:22.0250 0x1734  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
03:06:22.0258 0x1734  EapHost - ok
03:06:22.0434 0x1734  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
03:06:22.0513 0x1734  ebdrv - ok
03:06:22.0574 0x1734  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
03:06:22.0578 0x1734  EFS - ok
03:06:22.0701 0x1734  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
03:06:22.0722 0x1734  ehRecvr - ok
03:06:22.0752 0x1734  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
03:06:22.0755 0x1734  ehSched - ok
03:06:22.0843 0x1734  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
03:06:22.0865 0x1734  elxstor - ok
03:06:22.0917 0x1734  [ 6106653B08F4F72EEAA7F099E7C408A4, 96B77284744F8761C4F2558388E0AEE2140618B484FF53FA8B222B340D2A9C84 ] epmntdrv        C:\windows\system32\epmntdrv.sys
03:06:22.0918 0x1734  epmntdrv - ok
03:06:22.0936 0x1734  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
03:06:22.0937 0x1734  ErrDev - ok
03:06:23.0009 0x1734  [ 991C04A31777ED77CB92A4F96F14C2E2, 6CC2A311D8E67032D0847D70B20DCA87B52B2B7FB3C380B3A5AB6C233E955DD2 ] EuGdiDrv        C:\windows\system32\EuGdiDrv.sys
03:06:23.0010 0x1734  EuGdiDrv - ok
03:06:23.0101 0x1734  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
03:06:23.0114 0x1734  EventSystem - ok
03:06:23.0138 0x1734  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
03:06:23.0144 0x1734  exfat - ok
03:06:23.0169 0x1734  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
03:06:23.0175 0x1734  fastfat - ok
03:06:23.0268 0x1734  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
03:06:23.0291 0x1734  Fax - ok
03:06:23.0330 0x1734  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
03:06:23.0331 0x1734  fdc - ok
03:06:23.0359 0x1734  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
03:06:23.0361 0x1734  fdPHost - ok
03:06:23.0374 0x1734  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
03:06:23.0375 0x1734  FDResPub - ok
03:06:23.0383 0x1734  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
03:06:23.0386 0x1734  FileInfo - ok
03:06:23.0401 0x1734  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
03:06:23.0402 0x1734  Filetrace - ok
03:06:23.0495 0x1734  [ 3D9B36631032FDE0FFEA0DC0260E4E35, 48B574A67D3FA015EBD078715CEC3E2B63B939D379CD4B40BFBB80397A2C58B3 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
03:06:23.0511 0x1734  FLEXnet Licensing Service - ok
03:06:23.0643 0x1734  [ 52C0312AB35EB7187015FB6A99136BB5, 54A45B0BF8108D018C86FD0542DA92E7A6F58CDB92C9E3674E115CD770031732 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
03:06:23.0668 0x1734  FLEXnet Licensing Service 64 - ok
03:06:23.0689 0x1734  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
03:06:23.0690 0x1734  flpydisk - ok
03:06:23.0715 0x1734  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
03:06:23.0723 0x1734  FltMgr - ok
03:06:23.0841 0x1734  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
03:06:23.0870 0x1734  FontCache - ok
03:06:23.0950 0x1734  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
03:06:23.0953 0x1734  FontCache3.0.0.0 - ok
03:06:23.0972 0x1734  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
03:06:23.0975 0x1734  FsDepends - ok
03:06:24.0029 0x1734  [ 768FAE6C348E5538B370FA62AB1B43B1, F1BEE8AE7A55745314A31734C0FAEE6141B423B55275322AB92DC258E7170CFB ] fspad_wlh64     C:\Windows\system32\DRIVERS\fspad_wlh64.sys
03:06:24.0032 0x1734  fspad_wlh64 - ok
03:06:24.0093 0x1734  [ 768FAE6C348E5538B370FA62AB1B43B1, F1BEE8AE7A55745314A31734C0FAEE6141B423B55275322AB92DC258E7170CFB ] fspad_xp64      C:\Windows\system32\DRIVERS\fspad_xp64.sys
03:06:24.0097 0x1734  fspad_xp64 - ok
03:06:24.0138 0x1734  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
03:06:24.0139 0x1734  Fs_Rec - ok
03:06:24.0209 0x1734  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
03:06:24.0219 0x1734  fvevol - ok
03:06:24.0279 0x1734  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
03:06:24.0282 0x1734  gagp30kx - ok
03:06:24.0349 0x1734  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
03:06:24.0351 0x1734  GEARAspiWDM - ok
03:06:24.0455 0x1734  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
03:06:24.0474 0x1734  gpsvc - ok
03:06:24.0622 0x1734  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:06:24.0629 0x1734  gupdate - ok
03:06:24.0640 0x1734  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:06:24.0645 0x1734  gupdatem - ok
03:06:24.0659 0x1734  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
03:06:24.0661 0x1734  hcw85cir - ok
03:06:24.0735 0x1734  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
03:06:24.0753 0x1734  HdAudAddService - ok
03:06:24.0784 0x1734  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
03:06:24.0787 0x1734  HDAudBus - ok
03:06:24.0842 0x1734  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
03:06:24.0846 0x1734  HECIx64 - ok
03:06:24.0861 0x1734  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
03:06:24.0863 0x1734  HidBatt - ok
03:06:24.0883 0x1734  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
03:06:24.0886 0x1734  HidBth - ok
03:06:24.0906 0x1734  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
03:06:24.0908 0x1734  HidIr - ok
03:06:24.0946 0x1734  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
03:06:24.0949 0x1734  hidserv - ok
03:06:25.0013 0x1734  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
03:06:25.0016 0x1734  HidUsb - ok
03:06:25.0536 0x1734  [ 7B3BE448BCACBF31FA486FAA67BF28C4, 62F523148F13FD8522895173B15CA81C2BFBF06C1F274929CEF591A644318ED0 ] HitmanPro37CrusaderBoot C:\Program Files\HitmanPro\HitmanPro.exe
03:06:25.0792 0x1734  HitmanPro37CrusaderBoot - ok
03:06:25.0920 0x1734  [ 760B03AE5E3244E22FFC3C1AE1F5264A, 1D926E28B95394C211CC29B898ECF3C3E19814EF4D09B04DBF9BDFB2596BD1AB ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
03:06:25.0927 0x1734  HitmanProScheduler - ok
03:06:25.0979 0x1734  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
03:06:25.0985 0x1734  hkmsvc - ok
03:06:26.0029 0x1734  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
03:06:26.0040 0x1734  HomeGroupListener - ok
03:06:26.0120 0x1734  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
03:06:26.0129 0x1734  HomeGroupProvider - ok
03:06:26.0206 0x1734  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
03:06:26.0211 0x1734  HpSAMD - ok
03:06:26.0283 0x1734  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
03:06:26.0301 0x1734  HTTP - ok
03:06:26.0316 0x1734  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
03:06:26.0317 0x1734  hwpolicy - ok
03:06:26.0346 0x1734  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
03:06:26.0349 0x1734  i8042prt - ok
03:06:26.0415 0x1734  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
03:06:26.0434 0x1734  iaStorV - ok
03:06:26.0536 0x1734  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
03:06:26.0560 0x1734  idsvc - ok
03:06:26.0601 0x1734  IEEtwCollectorService - ok
03:06:26.0618 0x1734  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
03:06:26.0619 0x1734  iirsp - ok
03:06:26.0727 0x1734  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
03:06:26.0750 0x1734  IKEEXT - ok
03:06:26.0783 0x1734  [ 4B6363CD4610BB848531BB260B15DFCC, 13A8AA9571497086341AC00797EFF212FF76EE62F9CFF758D3C08B377EC7BF04 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
03:06:26.0787 0x1734  Impcd - ok
03:06:27.0003 0x1734  [ 69976169745EDFB3225D9ABEB5E91155, D1AFF69AF178B46FD9F319AA9DF8738ACB03559DE24C1114EEF46A22D01F0982 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
03:06:27.0093 0x1734  IntcAzAudAddService - ok
03:06:27.0188 0x1734  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
03:06:27.0203 0x1734  IntcDAud - ok
03:06:27.0230 0x1734  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
03:06:27.0231 0x1734  intelide - ok
03:06:27.0968 0x1734  [ 09CE164AFA8483E41808784D7FCA154E, 43557E44C8339469BD34B54D2080AF041356F0201A7ECA3A6EEEA9C9C7D78F87 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
03:06:28.0212 0x1734  intelkmd - ok
03:06:28.0358 0x1734  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
03:06:28.0362 0x1734  intelppm - ok
03:06:28.0409 0x1734  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
03:06:28.0413 0x1734  IPBusEnum - ok
03:06:28.0435 0x1734  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:06:28.0438 0x1734  IpFilterDriver - ok
03:06:28.0514 0x1734  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
03:06:28.0536 0x1734  iphlpsvc - ok
03:06:28.0550 0x1734  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
03:06:28.0552 0x1734  IPMIDRV - ok
03:06:38.0523 0x1734  SessionEnv - ok
03:06:38.0780 0x1734  [ F1E263DE9C7A597F38B8C4E070F56139, DA5AFA6ED8D3B58729F04173BC799408BD4B9E559AA11136C13AEF8539ABC29B ] SEVPNCLIENT     C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
03:06:38.0882 0x1734  SEVPNCLIENT - ok
03:06:38.0984 0x1734  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
03:06:38.0986 0x1734  sffdisk - ok
03:06:39.0007 0x1734  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
03:06:39.0008 0x1734  sffp_mmc - ok
03:06:39.0028 0x1734  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
03:06:39.0029 0x1734  sffp_sd - ok
03:06:39.0045 0x1734  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
03:06:39.0046 0x1734  sfloppy - ok
03:06:39.0112 0x1734  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
03:06:39.0127 0x1734  SharedAccess - ok
03:06:39.0186 0x1734  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
03:06:39.0197 0x1734  ShellHWDetection - ok
03:06:39.0228 0x1734  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
03:06:39.0229 0x1734  SiSRaid2 - ok
03:06:39.0240 0x1734  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
03:06:39.0243 0x1734  SiSRaid4 - ok
03:06:39.0353 0x1734  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
03:06:39.0362 0x1734  SkypeUpdate - ok
03:06:39.0397 0x1734  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
03:06:39.0401 0x1734  Smb - ok
03:06:39.0485 0x1734  [ 39951F935C2FF77C6F4262DC5851F253, E8CBEAED3F018B29368F8CD59B55B3C9AB31561422300233B4F7626FAA79231D ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
03:06:39.0487 0x1734  SmbDrvI - ok
03:06:39.0584 0x1734  [ 7AE8BCA90539ECBDE87AC45BA1436BE3, E599200C44ECA5EB06475F90F67A58723B30C3C2887BD12ED7C31FF1042382EA ] smserial        C:\Windows\system32\DRIVERS\SmSerl64.sys
03:06:39.0613 0x1734  smserial - ok
03:06:39.0679 0x1734  [ 10450F432811D7FDA60A97FCC674D7B2, FD6245B06DD81C6E287DA47173D622357D86D84E3A5444CD34645973FE2E8BF5 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
03:06:39.0693 0x1734  snapman - ok
03:06:39.0747 0x1734  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
03:06:39.0749 0x1734  SNMPTRAP - ok
03:06:39.0807 0x1734  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
03:06:39.0808 0x1734  spldr - ok
03:06:39.0916 0x1734  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
03:06:39.0938 0x1734  Spooler - ok
03:06:40.0061 0x1734  [ DD1471053A74F62A6E656D4F5B1EEF70, F485F9A52B0BF8FE987DC4A3F1DB7E13157B3266EC04F4A0B8C74D52EECF49F1 ] SpotfluxUpdateService C:\Program Files (x86)\Spotflux\services\SpotfluxUpdateService.exe
03:06:40.0062 0x1734  SpotfluxUpdateService - ok
03:06:40.0220 0x1734  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
03:06:40.0305 0x1734  sppsvc - ok
03:06:40.0360 0x1734  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
03:06:40.0369 0x1734  sppuinotify - ok
03:06:40.0440 0x1734  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
03:06:40.0452 0x1734  srv - ok
03:06:40.0471 0x1734  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
03:06:40.0483 0x1734  srv2 - ok
03:06:40.0531 0x1734  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
03:06:40.0536 0x1734  srvnet - ok
03:06:40.0585 0x1734  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
03:06:40.0592 0x1734  SSDPSRV - ok
03:06:40.0614 0x1734  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
03:06:40.0619 0x1734  SstpSvc - ok
03:06:40.0662 0x1734  [ C270C64B4F6CA87DAC2D7F68ED57A141, A224264B90FCA9C597ED7D7923EBC34A3AD14885245D570CBEE8F24E27C91DC8 ] stdriver        C:\Windows\system32\DRIVERS\stdriver64.sys
03:06:40.0668 0x1734  stdriver - ok
03:06:40.0706 0x1734  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
03:06:40.0707 0x1734  stexstor - ok
03:06:40.0786 0x1734  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
03:06:40.0804 0x1734  stisvc - ok
03:06:40.0822 0x1734  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
03:06:40.0823 0x1734  swenum - ok
03:06:40.0860 0x1734  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
03:06:40.0875 0x1734  swprv - ok
03:06:40.0949 0x1734  [ 8080114C4B1954456BB1904000BCC293, B112509C5A6CC29318ACEA57D2F2711820C4C45F1BE698F097BF82D315001A09 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
03:06:40.0961 0x1734  SynTP - ok
03:06:41.0070 0x1734  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
03:06:41.0114 0x1734  SysMain - ok
03:06:41.0161 0x1734  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
03:06:41.0165 0x1734  TabletInputService - ok
03:06:41.0236 0x1734  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
03:06:41.0239 0x1734  tap0901 - ok
03:06:41.0274 0x1734  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
03:06:41.0288 0x1734  TapiSrv - ok
03:06:41.0351 0x1734  [ 185C2170CFD84F9D708276FBB5ABD77D, FCA00B5CC62F2C160326DBA2F6BF31746324BBE7D5E96291C345DCF2583CE324 ] tapSF0901       C:\Windows\system32\DRIVERS\tapSF0901.sys
03:06:41.0354 0x1734  tapSF0901 - ok
03:06:41.0389 0x1734  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
03:06:41.0395 0x1734  TBS - ok
03:06:41.0517 0x1734  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
03:06:41.0563 0x1734  Tcpip - ok
03:06:41.0675 0x1734  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
03:06:41.0720 0x1734  TCPIP6 - ok
03:06:41.0782 0x1734  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
03:06:41.0785 0x1734  tcpipreg - ok
03:06:41.0835 0x1734  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
03:06:41.0836 0x1734  TDPIPE - ok
03:06:41.0947 0x1734  [ 99527D49EE0A96FC25537C61B270A372, 519E23F86EC86349F92C4A88DBD19C097AEE0A6E152776B32B45D293ED14946B ] tdrpman273      C:\Windows\system32\DRIVERS\tdrpm273.sys
03:06:41.0977 0x1734  tdrpman273 - ok
03:06:42.0023 0x1734  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
03:06:42.0025 0x1734  TDTCP - ok
03:06:42.0048 0x1734  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
03:06:42.0051 0x1734  tdx - ok
03:06:42.0249 0x1734  [ C9B9373A0A430C11F0213E359D0772B2, 819D967B58987E1BBF0D4E6DDE0FB4800EDA6273762756A4BABB128566FED33B ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
03:06:42.0318 0x1734  TeamViewer7 - ok
03:06:42.0345 0x1734  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
03:06:42.0347 0x1734  TermDD - ok
03:06:42.0427 0x1734  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
03:06:42.0447 0x1734  TermService - ok
03:06:42.0491 0x1734  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
03:06:42.0494 0x1734  Themes - ok
03:06:42.0551 0x1734  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
03:06:42.0557 0x1734  THREADORDER - ok
03:06:42.0577 0x1734  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
03:06:42.0585 0x1734  TrkWks - ok
03:06:42.0659 0x1734  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
03:06:42.0664 0x1734  TrustedInstaller - ok
03:06:42.0707 0x1734  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
03:06:42.0708 0x1734  tssecsrv - ok
03:06:42.0765 0x1734  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
03:06:42.0769 0x1734  TsUsbFlt - ok
03:06:42.0810 0x1734  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
03:06:42.0812 0x1734  TsUsbGD - ok
03:06:42.0866 0x1734  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
03:06:42.0870 0x1734  tunnel - ok
03:06:42.0895 0x1734  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
03:06:42.0898 0x1734  uagp35 - ok
03:06:42.0929 0x1734  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
03:06:42.0938 0x1734  udfs - ok
03:06:42.0983 0x1734  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
03:06:42.0986 0x1734  UI0Detect - ok
03:06:43.0030 0x1734  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
03:06:43.0033 0x1734  uliagpkx - ok
03:06:43.0057 0x1734  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
03:06:43.0059 0x1734  umbus - ok
03:06:43.0074 0x1734  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
03:06:43.0075 0x1734  UmPass - ok
03:06:43.0313 0x1734  [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
03:06:43.0370 0x1734  UNS - ok
03:06:43.0399 0x1734  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
03:06:43.0410 0x1734  upnphost - ok
03:06:43.0453 0x1734  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
03:06:43.0456 0x1734  usbccgp - ok
03:06:43.0518 0x1734  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
03:06:43.0521 0x1734  usbcir - ok
03:06:43.0567 0x1734  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
03:06:43.0569 0x1734  usbehci - ok
03:06:43.0625 0x1734  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
03:06:43.0635 0x1734  usbhub - ok
03:06:43.0682 0x1734  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
03:06:43.0684 0x1734  usbohci - ok
03:06:43.0762 0x1734  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
03:06:43.0764 0x1734  usbprint - ok
03:06:43.0820 0x1734  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
03:06:43.0823 0x1734  usbscan - ok
03:06:43.0885 0x1734  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
03:06:43.0891 0x1734  USBSTOR - ok
03:06:43.0988 0x1734  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
03:06:43.0990 0x1734  usbuhci - ok
03:06:44.0043 0x1734  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
03:06:44.0046 0x1734  UxSms - ok
03:06:44.0060 0x1734  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
03:06:44.0062 0x1734  VaultSvc - ok
03:06:44.0093 0x1734  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
03:06:44.0095 0x1734  vdrvroot - ok
03:06:44.0137 0x1734  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
03:06:44.0151 0x1734  vds - ok
03:06:44.0189 0x1734  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
03:06:44.0190 0x1734  vga - ok
03:06:44.0206 0x1734  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
03:06:44.0208 0x1734  VgaSave - ok
03:06:44.0232 0x1734  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
03:06:44.0239 0x1734  vhdmp - ok
03:06:44.0293 0x1734  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
03:06:44.0295 0x1734  viaide - ok
03:06:44.0322 0x1734  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
03:06:44.0326 0x1734  volmgr - ok
03:06:44.0362 0x1734  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
03:06:44.0377 0x1734  volmgrx - ok
03:06:44.0399 0x1734  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
03:06:44.0406 0x1734  volsnap - ok
03:06:44.0454 0x1734  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
03:06:44.0458 0x1734  vsmraid - ok
03:06:44.0564 0x1734  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
03:06:44.0604 0x1734  VSS - ok
03:06:44.0627 0x1734  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
03:06:44.0628 0x1734  vwifibus - ok
03:06:44.0665 0x1734  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
03:06:44.0667 0x1734  vwififlt - ok
03:06:44.0697 0x1734  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
03:06:44.0699 0x1734  vwifimp - ok
03:06:44.0727 0x1734  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
03:06:44.0739 0x1734  W32Time - ok
03:06:44.0753 0x1734  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
03:06:44.0755 0x1734  WacomPen - ok
03:06:44.0814 0x1734  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
03:06:44.0816 0x1734  WANARP - ok
03:06:44.0824 0x1734  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
03:06:44.0827 0x1734  Wanarpv6 - ok
03:06:44.0956 0x1734  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
03:06:44.0987 0x1734  WatAdminSvc - ok
03:06:45.0066 0x1734  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
03:06:45.0104 0x1734  wbengine - ok
03:06:45.0124 0x1734  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
03:06:45.0131 0x1734  WbioSrvc - ok
03:06:45.0155 0x1734  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
03:06:45.0166 0x1734  wcncsvc - ok
03:06:45.0178 0x1734  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
03:06:45.0181 0x1734  WcsPlugInService - ok
03:06:45.0191 0x1734  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
03:06:45.0192 0x1734  Wd - ok
03:06:45.0254 0x1734  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
03:06:45.0274 0x1734  Wdf01000 - ok
03:06:45.0299 0x1734  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
03:06:45.0304 0x1734  WdiServiceHost - ok
03:06:45.0312 0x1734  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
03:06:45.0316 0x1734  WdiSystemHost - ok
03:06:45.0359 0x1734  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
03:06:45.0369 0x1734  WebClient - ok
03:06:45.0396 0x1734  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
03:06:45.0404 0x1734  Wecsvc - ok
03:06:45.0418 0x1734  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
03:06:45.0422 0x1734  wercplsupport - ok
03:06:45.0445 0x1734  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
03:06:45.0449 0x1734  WerSvc - ok
03:06:45.0471 0x1734  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
03:06:45.0472 0x1734  WfpLwf - ok
03:06:45.0512 0x1734  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
03:06:45.0513 0x1734  WIMMount - ok
03:06:45.0559 0x1734  WinDefend - ok
03:06:45.0582 0x1734  WinHttpAutoProxySvc - ok
03:06:45.0693 0x1734  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
03:06:45.0704 0x1734  Winmgmt - ok
03:06:45.0722 0x1734  WinRing0_1_2_0 - ok
03:06:45.0869 0x1734  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
03:06:45.0920 0x1734  WinRM - ok
03:06:46.0060 0x1734  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
03:06:46.0083 0x1734  Wlansvc - ok
03:06:46.0330 0x1734  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
03:06:46.0390 0x1734  wlidsvc - ok
03:06:46.0488 0x1734  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
03:06:46.0489 0x1734  WmiAcpi - ok
03:06:46.0570 0x1734  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
03:06:46.0582 0x1734  wmiApSrv - ok
03:06:46.0640 0x1734  WMPNetworkSvc - ok
03:06:46.0657 0x1734  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
03:06:46.0661 0x1734  WPCSvc - ok
03:06:46.0686 0x1734  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
03:06:46.0693 0x1734  WPDBusEnum - ok
03:06:46.0734 0x1734  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
03:06:46.0735 0x1734  ws2ifsl - ok
03:06:46.0756 0x1734  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
03:06:46.0763 0x1734  wscsvc - ok
03:06:46.0768 0x1734  WSearch - ok
03:06:46.0941 0x1734  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
03:06:47.0003 0x1734  wuauserv - ok
03:06:47.0186 0x1734  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
03:06:47.0190 0x1734  WudfPf - ok
03:06:47.0225 0x1734  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
03:06:47.0232 0x1734  WUDFRd - ok
03:06:47.0273 0x1734  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
03:06:47.0277 0x1734  wudfsvc - ok
03:06:47.0328 0x1734  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
03:06:47.0337 0x1734  WwanSvc - ok
03:06:47.0422 0x1734  ================ Scan global ===============================
03:06:47.0461 0x1734  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
03:06:47.0506 0x1734  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
03:06:47.0528 0x1734  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
03:06:47.0607 0x1734  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
03:06:47.0684 0x1734  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
03:06:47.0699 0x1734  [ Global ] - ok
03:06:47.0700 0x1734  ================ Scan MBR ==================================
03:06:47.0712 0x1734  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
03:06:48.0090 0x1734  \Device\Harddisk0\DR0 - ok
03:06:48.0483 0x1734  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR3
03:06:48.0500 0x1734  \Device\Harddisk1\DR3 - ok
03:06:48.0500 0x1734  ================ Scan VBR ==================================
03:06:48.0505 0x1734  [ FF04C0115C87E2B31F7B10CAE5DB2757 ] \Device\Harddisk0\DR0\Partition1
03:06:48.0509 0x1734  \Device\Harddisk0\DR0\Partition1 - ok
03:06:48.0514 0x1734  [ 7EC115CBE72E8EA07C797166AF15A0A9 ] \Device\Harddisk0\DR0\Partition2
03:06:48.0517 0x1734  \Device\Harddisk0\DR0\Partition2 - ok
03:06:48.0523 0x1734  [ 88D4D6BF121381C1CFEA1B29A66B31E5 ] \Device\Harddisk1\DR3\Partition1
03:06:48.0565 0x1734  \Device\Harddisk1\DR3\Partition1 - ok
03:06:48.0566 0x1734  Waiting for KSN requests completion. In queue: 80
03:06:49.0566 0x1734  Waiting for KSN requests completion. In queue: 80
03:06:50.0566 0x1734  Waiting for KSN requests completion. In queue: 80
03:06:51.0582 0x1734  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
03:06:51.0588 0x1734  Win FW state via NFP2: enabled
03:06:54.0090 0x1734  ============================================================
03:06:54.0090 0x1734  Scan finished
03:06:54.0090 0x1734  ============================================================
03:06:54.0104 0x1078  Detected object count: 0
03:06:54.0104 0x1078  Actual detected object count: 0
03:07:05.0495 0x0d94  Deinitialize success


Edited by neroman00, 18 April 2014 - 04:39 AM.


#7 neroman00


Posted 17 April 2014 - 07:20 PM

step 3 - results

 

 

# AdwCleaner v3.023 - Report created 18/04/2014 at 03:15:04
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : msi - MSI-MSI
# Running from : C:\Users\msi\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Iminent
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bywifi
Folder Deleted : C:\Program Files (x86)\eSupport.com
Folder Deleted : C:\Program Files (x86)\fassurun
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\HDvidCodec.com
Folder Deleted : C:\Program Files (x86)\Iminent
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Program Files (x86)\Vuze
Folder Deleted : C:\Users\msi\AppData\Local\CrashRpt
Folder Deleted : C:\Users\msi\AppData\Local\eSupport.com
Folder Deleted : C:\Users\msi\AppData\Local\PackageAware
Folder Deleted : C:\Users\msi\AppData\Local\torch
Folder Deleted : C:\Users\msi\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\msi\AppData\Roaming\Iminent
Folder Deleted : C:\Users\msi\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\msi\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\msi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Users\msi\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna
Folder Deleted : C:\Users\msi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\msi\AppData\Roaming\Mozilla\Firefox\Profiles\cu81qoj4.default\user.js
File Deleted : C:\Users\msi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox.1
Key Deleted : HKCU\Software\5b53da8abd3aeb42
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511131190}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522132290}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544134490}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511131190}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522132290}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\torch
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0 (en-US)

[ File : C:\Users\msi\AppData\Roaming\Mozilla\Firefox\Profiles\cu81qoj4.default\prefs.js ]

Line Deleted : user_pref("extensions.crossrider.bic", "1450a64e056aa6777682413963e37f8d");

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\msi\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [8846 octets] - [18/04/2014 03:13:18]
AdwCleaner[S0].txt - [8643 octets] - [18/04/2014 03:15:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8703 octets] ##########



#8 neroman00


Posted 17 April 2014 - 07:33 PM

step 4

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by msi on Fri 18/04/2014 at  3:24:52.16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\fixcleaner
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2965899324-3394625851-2540308716-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\fixcleaner



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\msi\AppData\Roaming\fixcleaner"
Successfully deleted: [Folder] "C:\Program Files (x86)\fixcleaner"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\msi\appdata\local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 18/04/2014 at  3:32:03.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#9 neroman00


Posted 18 April 2014 - 04:15 AM

last step - ESETScan - results

 

 

C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\Documents\Vuze Downloads\YouTube HD Video Downloader [PRO] v3.5 + Serial Key - {RedDragon}\YouTube HD Video Downloader [PRO] v3.5 + Serial Key - {RedDragon}.rar    a variant of Win32/Toolbar.Widgi potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\Documents\Vuze Downloads\YouTube HD Video Downloader [PRO] v3.5 + Serial Key - {RedDragon}\YouTube HD Video DownloaderSetup 3.5 .exe    a variant of Win32/Toolbar.Widgi potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\FAVORITES\Users\msi\AppData\Local\Babylon\Setup\BExternal.dll    a variant of Win32/Toolbar.Babylon.F potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\FAVORITES\Users\msi\AppData\Local\Babylon\Setup\IECookieLow.dll    a variant of Win32/Toolbar.Babylon.E potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\FAVORITES\Users\msi\AppData\Local\Babylon\Setup\Setup.exe    a variant of Win32/Toolbar.Babylon.H potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\My programs\ccsetup309.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\My programs\ccsetup310.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\My programs\ccsetup312.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\My programs\Hide.IP.Easy.v5.0.8.8.rar    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\My programs\Avast_Professional_6.0.1203_Final\Av_Professional_6.0.1203_Final.rar    a variant of Win32/Packed.Enigma.AAI trojan    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\My programs\Avast_Professional_6.0.1203_Final\Avast\avast! Internet Security 6.0.1203 - Final\ashBase.dll    a variant of Win32/Packed.Enigma.AAI trojan    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\gusetup.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\VARIOUS DOCS\SUNDRY- UNDER REVIEW\AA VARIOUS\AA PIC\Reduce\SoftonicDownloader76267.exe    Win32/SoftonicDownloader.A potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Software\MixPad\mixpad.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Software\MixPad\mpsetup_v2.52.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Software\MixPad\uninst.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Software\Recordpad\recordpad.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Software\Recordpad\rpsetup_v4.06.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Software\Recordpad\uninst.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Software\Switch\switch.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Software\Switch\switchsetup_v4.17.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Software\Switch\uninst.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Swift Sound\ExpressBurn\burnsetup_v4.40.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Swift Sound\ExpressBurn\expressburn.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Swift Sound\ExpressBurn\uninst.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Swift Sound\ExpressRip\expressrip.exe    a variant of Win32/Toolbar.Conduit.K potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Swift Sound\ExpressRip\ripsetup_v1.81.exe    a variant of Win32/Toolbar.Conduit.K potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Desktop\WavePad Audio Editor Masters Edition v4.55\WavePad Sound Editor\%ProgramFilesDir%\NCH Swift Sound\ExpressRip\uninst.exe    a variant of Win32/Toolbar.Conduit.K potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Some Files which have not succesfully copied from C Drive\AGA - PERSONAL\New Folder various\HotspotShield_1.22.zip    a variant of Win32/HotSpotShield potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\OLD DESKTOP\Some Files which have not succesfully copied from C Drive\FIDELITY-  Special rates and terms for a middleman (antonis)\New folder\Desktop\gusetup.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    
C:\Users\msi\Desktop\ALL FOLDERS\ANDREAS THEOFANOUS- ??????? ?????????\Social Media Project -Strategy - Andreas Theophanous\facebookspymonitor13.zip    multiple threats    
C:\Users\msi\Desktop\ALL FOLDERS\NEW 2013\PhotoScape_V3.6.3.exe    Win32/OpenCandy potentially unsafe application    
C:\Users\msi\Desktop\ALL FOLDERS\NEW 2013\ppadsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\NEW 2013\NEW 2013 (2)\New folder 2\RadioCatchWebRadioRecorder.exe    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\NEW 2013\NEW 2013 (2)\New folder 2\SoftonicDownloader_for_streaming-audio-recorder.exe    Win32/SoftonicDownloader.E potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\NEW 2013\NEW 2013 (2)\New folder 2\stsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Users\msi\Desktop\ALL FOLDERS\OCTOBER 2012\DESKTOP-NEW\WWW.EXPRESSHARE.COM_Platinum Hide IP 3.0.7.8.rar    a variant of Win32/Injector.FUM trojan    
C:\Users\msi\Desktop\ALL FOLDERS\OCTOBER 2012\DESKTOP-NEW\PROGRAMS- 2012 February Programs\ccsetup315.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    
C:\Users\msi\Desktop\ALL FOLDERS\OCTOBER 2012\DESKTOP-NEW\PROGRAMS- 2012 February Programs\ccsetup317.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    
C:\Users\msi\Desktop\ALL FOLDERS\OCTOBER 2012\DESKTOP-NEW\PROGRAMS- 2012 February Programs\FFSetup290.zip    a variant of Win32/ELEX potentially unwanted application    
C:\Users\msi\Desktop\EPITELEIO\NIKOLAS-Social Media Project -Strategy\facebookspymonitor13.zip    multiple threats    
C:\Users\msi\Documents\Vuze Downloads\Debut Video Capture pro v1.64 by pramod-1\debutsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Users\msi\Documents\Vuze Downloads\Easy Hide Ip 5.1.9.6.Setup + Crack  Full Version 2012\HideIPEasy-5.1.9.6.Setup.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    
C:\Users\msi\Documents\Vuze Downloads\Hide IP Easy 5.3.1.2+Crack-XenoCoder\HideIPEasy-5.3.1.2.Setup.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    
C:\Users\msi\Documents\Vuze Downloads\Revo Uninstaller Pro 3.0.7 - Cyclonoid\Patch.rar    a variant of Win32/HackTool.Patcher.AD potentially unsafe application    
C:\Users\msi\Documents\Vuze Downloads\Revo Uninstaller Pro 3.0.7 - Cyclonoid\32bit\revo.uninstaller.pro.3.x.(x86)-patch.exe    a variant of Win32/HackTool.Patcher.AD potentially unsafe application    
C:\Users\msi\Documents\Vuze Downloads\Revo Uninstaller Pro 3.0.7 - Cyclonoid\64bit\revo.uninstaller.pro.3.x.(x64)-patch.exe    a variant of Win32/HackTool.Patcher.AD potentially unsafe application    
C:\Users\msi\Documents\Vuze Downloads\VideoPad Video Editor 2.41 With Serial [DownSoftsFree]{h33t}\vpsetup.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
C:\Users\msi\Downloads\cbsi-3_2_5_41-10703122.exe    a variant of Win32/CNETInstaller.A potentially unwanted application    
C:\Users\msi\Downloads\cbsidlm-cbsi145-Aktiv_MP3_Recorder-ORG-10911882.exe    a variant of Win32/CNETInstaller.B potentially unwanted application    
C:\Users\msi\Downloads\OrbitDownloaderSetup.exe    Win32/OpenCandy potentially unsafe application    
C:\Users\msi\Downloads\YouTube\cnet2_aimp_3_00_985_zip.exe    a variant of Win32/InstallCore.D potentially unwanted application    
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\plugins\npDefaultTabSearch.dll    a variant of Win32/Toolbar.DefaultTab.C potentially unwanted application    
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\plugins\npDefaultTabSearch.dll    a variant of Win32/Toolbar.DefaultTab.C potentially unwanted application    
Y:\MARCH 2014\ccsetup412.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
Y:\TEMPORARY FOLDER 2\coretemp_d7632790.exe    a variant of Win32/InstallIQ.A potentially unwanted application    
Y:\TEMPORRY FOLDER JANUARY 2014\New folder\cbsidlm-cbsi176-Free_Website_Submitter-ORG-75914870.exe    a variant of Win32/CNETInstaller.B potentially unwanted application    
Y:\TEMPORRY FOLDER JANUARY 2014\New folder\cbsidlm-cbsi176-Traffic_Travis-ORG-10865956.exe    a variant of Win32/CNETInstaller.B potentially unwanted application    
Y:\TEMPORRY FOLDER JANUARY 2014\New folder (2)\Hitman Pro 3.7.9 Build 212  (x86_x64) [aXeSwY]\NEW PATCH\hitmanpro.3.7.x-patch.exe    a variant of Win32/HackTool.Patcher.AD potentially unsafe application    
Y:\TEMPORRY FOLDER JANUARY 2014\New folder (2)\HitmanPro 3.7.8 Build 208 Multilingual (x86x64) Cracked-XenoCoder\HitmanPro 3.7.8 + Patch\HitmanPro 3.7.8 + Patch.rar    a variant of Win32/Amonetize.S potentially unwanted application    
Y:\TEMPORRY FOLDER JANUARY 2014\New folder (2)\HitmanPro 3.7.8 Build 208 Multilingual (x86x64) Cracked-XenoCoder\HitmanPro 3.7.8 + Patch\HitmanPro.exe    a variant of Win32/Amonetize.S potentially unwanted application    
C:\AdwCleaner\Quarantine\C\Program Files (x86)\fassurun\hjeglkhenpckoocpnajnnmcehdkcemnm.crx.vir    Win32/BrowseFox.B potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvidCodec.com\hdvidextsetup.exe.vir    a variant of Win32/Packed.ScrambleWrapper.K potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Vuze\.install4j\i4j_extf_20_5p83tu.exe.vir    Win32/Somoto.F potentially unwanted application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Vuze\.install4j\i4j_extf_27_5p83tu.dll.vir    a variant of Win32/Bunndle potentially unsafe application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Vuze\.install4j\i4j_extf_32_5p83tu.dll.vir    a variant of Win32/Bunndle potentially unsafe application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\Ask\APN-Stub\FF\APNIC.dll.vir    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\msi\AppData\Local\torch\Helper.dll.vir    Win32/Toolbar.SearchSuite.P potentially unwanted application    deleted - quarantined
C:\Program Files\VS Revo Group\Revo Uninstaller Pro\revo.uninstaller.pro.3.x.(x64)-patch.exe    a variant of Win32/HackTool.Patcher.AD potentially unsafe application    deleted - quarantined
C:\Program Files (x86)\NCH Software\Debut\debut.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\NCH Software\Debut\debutsetup_v1.64.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\NCH Software\Debut\uninst.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\NCH Software\MixPad\mixpad.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\NCH Software\MixPad\mpsetup_v3.09.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\NCH Software\MixPad\uninst.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\NCH Software\PhotoPad\photopad.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\NCH Software\PhotoPad\photopadsetup_v2.27.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\NCH Software\Recordpad\recordpad.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\NCH Software\Recordpad\recordpadsetup_v4.18.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\NCH Software\VideoPad\uninst.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\NCH Software\VideoPad\vpsetup_v2.41.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\ophcrack\ophcrack.exe    probably a variant of Win32/PSWTool.ophCrack.A potentially unsafe application    deleted - quarantined
C:\Program Files (x86)\ophcrack\ophcrack_nogui.exe    probably a variant of Win32/PSWTool.ophCrack.A potentially unsafe application    deleted - quarantined
C:\Program Files (x86)\ophcrack\pwdump\lsremora.dll    Win32/PSWTool.PWDump6 potentially unsafe application    deleted - quarantined
C:\Program Files (x86)\ophcrack\pwdump\pwdump6_setup.exe    Win32/PSWTool.PWDump6 potentially unsafe application    deleted - quarantined
C:\Users\msi\AppData\Local\CFSoft\CFSoftIEHOOK.dll    a variant of Win32/PSWTool.IEPasswordsRevealer.A potentially unsafe application    deleted - quarantined
C:\Users\msi\AppData\Local\Installer\Install_7134\ytdi_smt_setup.exe    a variant of Win32/SpeedBit.A potentially unwanted application    deleted - quarantined
C:\Users\msi\AppData\Local\Temp\dlm8FCA.tmp\mypcbackuptier2_0529.exe    Win32/MyPCBackup.A potentially unwanted application    deleted - quarantined
C:\Users\msi\AppData\Local\Viber\Helper.dll    a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application    deleted - quarantined
C:\Users\msi\AppData\Roaming\WinLive\MSWinLive.dll    a variant of MSIL/Adware.BHO.B application    cleaned by deleting - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\FFSetup3.0.1.zip    a variant of Win32/Hao123.A potentially unwanted application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\ccsetup326.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\ccsetup327.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\dfsetup208.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\disk-defrag-setup.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\FFSetup296.zip    a variant of Win32/Hao123.A potentially unwanted application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\FFSetup3.0.1.zip    a variant of Win32/Hao123.A potentially unwanted application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\fsSetup132.exe    Win32/Toolbar.Widgi potentially unwanted application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\rcsetup143.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\rcsetup144.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\spsetup114.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\spsetup115.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\spsetup120.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\YTDSetup.exe    a variant of Win32/Toolbar.Widgi.B potentially unwanted application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\MY PROGRAMS TRANSFERED\ccsetup309.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\MY PROGRAMS TRANSFERED\ccsetup310.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\MY PROGRAMS TRANSFERED\ccsetup312.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\MY PROGRAMS TRANSFERED\Hide.IP.Easy.v5.0.8.8.rar    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\MY PROGRAMS TRANSFERED\winamp5601_full_emusic-7plus_en-us.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\MY PROGRAMS TRANSFERED\Avast_Professional_6.0.1203_Final\Av_Professional_6.0.1203_Final.rar    a variant of Win32/Packed.Enigma.AAI trojan    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\MY PROGRAMS TRANSFERED\Avast_Professional_6.0.1203_Final\Avast\avast! Internet Security 6.0.1203 - Final\ashBase.dll    a variant of Win32/Packed.Enigma.AAI trojan    cleaned by deleting - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\MY PROGRAMS TRANSFERED\New Programs 2011\Wireless Hacking\Panetrate Pro for ANDROID\398987444    Android/Penetho.A potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\MY PROGRAMS TRANSFERED\NEW-LATEST PROGRAMS\FinalMediaPlayer2011Setup.exe    a variant of Win32/InstallIQ.A potentially unwanted application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\MY PROGRAMS TRANSFERED\NEW-LATEST PROGRAMS\rcsetup141.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\MY PROGRAMS TRANSFERED\NEW-LATEST PROGRAMS\YouTubeDownloaderSetup34.exe    a variant of Win32/Toolbar.Widgi potentially unwanted application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2012 DOCS and PROGRAMS\MY PROGRAMS TRANSFERED\VeryPDF_PDF2Image_v2.1_Keygen_AT4RE\VeryPDF_PDF2Image_v2.1_Keygen_AT4RE.rar    a variant of Win32/Keygen.BC potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\Avi2Dvdv064.exe    a variant of Win32/OpenInstall potentially unwanted application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\ccsetup405.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\ccsetup406.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\ccsetup407.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\ccsetup409.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\ccsetup410.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\dfsetup213.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\dfsetup214.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\dfsetup215.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\dfsetup216.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\disk-defrag-setup.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\FreeStudio.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\KeyFinderInstaller.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\MediaCoder64-bitv08225525.exe    a variant of Win32/OpenInstall potentially unwanted application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\MediaInfo_DLL_0.7.64_Windows_x64.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\MediaInfo_GUI_0.7.64_Windows.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\MediaInfo_GUI_0.7.67_Windows.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\OrbitDownloader_4.1.1.17.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\PhotoScape_V3.6.5.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\rcsetup148.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\rpsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\spsetup123.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2013 DOCS and PROGRAMS\winamp565_full_emusic-7plus_all.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2014 PROGRAMS\ccsetup411.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2014 PROGRAMS\ccsetup412.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\2014 PROGRAMS\rcsetup151.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\Ahead_Nero_7.11.10..._edition.part1.rar\Ahead_Nero_7.11.10.0_Ultra_edition.part1.rar    a variant of Win32/Keygen.DS potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\Ahead_Nero_7.11.10..._edition.part1.rar\Nero 7 keygen.exe    a variant of Win32/Keygen.DS potentially unsafe application    deleted - quarantined
C:\Users\msi\Desktop\ALL FOLDERS\2012 DOCS and PROGRAMS\DESKTOP-NEW\WWW.EXPRESSHARE.COM_Platinum Hide IP 3.0.7.8.rar    a variant of Win32/Injector.FUM trojan    deleted - quarantined



#10 neroman00

Posted 18 April 2014 - 05:46 AM

Another issue: Plugin Container for Firefox or something else increases the CPU usage.

1. TASK MANAGER - PROCESSES FROM ALL USERS AFTER THE SHUTDOWN of Plugin Container for Firefox:

[Screenshot: 1397818198798.jpg]

2. TASK MANAGER BEFORE THE SHUTDOWN of Plugin Container for Firefox:

[Screenshot: 1397817965205.jpg]


Edited by neroman00, 18 April 2014 - 05:55 AM.


#11 neroman00

Posted 18 April 2014 - 06:48 AM

HitmanPro RESULTS - AFTER ALL THE ABOVE STEPS

HitmanPro 3.7.9.212
www.hitmanpro.com

   Computer name . . . . : MSI-MSI
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : msi-msi\msi
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Paid (255 days left)

   Scan date . . . . . . : 2014-04-18 14:24:30
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 10m 56s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 1
   Traces  . . . . . . . : 8

   Objects scanned . . . : 2,018,258
   Files scanned . . . . : 101,597
   Remnants scanned  . . : 617,342 files / 1,299,319 keys

Malware _____________________________________________________________________

   C:\ProgramData\googleupdate\gtqadjqbe.exe
      Size . . . . . . . : 220,392 bytes
      Age  . . . . . . . : 12.0 days (2014-04-06 13:41:16)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 45AB3A9C98ECEAA560F5E6A918B920C4C3908951491C00DA2CEAC163F37A9D22
      Product  . . . . . : Cisco PEAP Module
      Publisher  . . . . : Cisco PEAP Module
      Description  . . . : Cisco PEAP Module
      Version  . . . . . : 14.1.6.0
      Copyright  . . . . : Copyright (C) 2006-2009
    > Kaspersky  . . . . : Trojan.Win32.Pincav.cryr
      Fuzzy  . . . . . . : 106.0
      Forensic Cluster
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe
          0.0s C:\ProgramData\googleupdate\gtqadjqbe.exe


Suspicious files ____________________________________________________________

   C:\Program Files (x86)\Ralink\Common\RaUI.exe
      Size . . . . . . . : 15,661,872 bytes
      Age  . . . . . . . : 157.8 days (2013-11-11 18:47:29)
      Entropy  . . . . . : 5.4
      SHA-256  . . . . . : F79E3FD7F5582FEB8FE51B37E37DFC4AB58000E90AA049A5C7C6876E057153CF
      Product  . . . . . : RaUI Application
      Publisher  . . . . : Ralink Technology, Corp.
      Description  . . . : Ralink Wireless LAN Card Utility
      Version  . . . . . : 5.0.8.0
      Copyright  . . . . : (c) Copyright 2013, Ralink Technology, Inc.  All rights reserved.
      RSA Key Size . . . : 2048
      Gossip . . . . . . : Ralink Wireless Utility
      Parent Name  . . . : C:\Windows\Explorer.EXE
      Authenticode . . . : Invalid
      Running processes  : 2692
      Fuzzy  . . . . . . : 24.0
         Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
         Uses the Startup folder in the Start Menu to run each time the user logs on.
         Program is running but currently exposes no human-computer interface (GUI).
         Program starts automatically without user intervention.
         The file is in use by one or more active processes.
         The file appears to be part of an installation package or setup program. This is typical for most programs.
      Startup
         C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
      References
         C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless\Ralink Wireless Utility.lnk


Cookies _____________________________________________________________________

   C:\Users\msi\AppData\Roaming\Microsoft\Windows\Cookies\M5NSBQ6F.txt
   C:\Users\msi\AppData\Roaming\Mozilla\Firefox\Profiles\cu81qoj4.default\cookies.sqlite:doubleclick.net
   C:\Users\msi\AppData\Roaming\Mozilla\Firefox\Profiles\cu81qoj4.default\cookies.sqlite:xiti.com

Edited by neroman00, 18 April 2014 - 06:48 AM.


#12 boopme

Posted 18 April 2014 - 02:50 PM

I think the issue is that it's an injector Trojan.

We need to get a deeper look to see how it is operating. Start a new topic as per the Guide below. Name it Trojan.Win32.Pincav.cryr
Include this link back here:
http://www.bleepingcomputer.com/forums/t/531327/cannot-delete-a-trojan-see-screenshot/#entry3345865

Please follow this Preparation Guide, do steps 6, 7 and 8, and post in a new topic.
Let me know if all went well.

#13 neroman00

Posted 18 April 2014 - 03:59 PM

Yep, everything is fine till will manage to destroy the Trojan!
 
This is the new topic: http://www.bleepingcomputer.com/forums/t/531552/trojanwin32pincavcryr/
 
Thanks a lot.

#14 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,733 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:09:36 AM

Posted 18 April 2014 - 04:13 PM

Hello,

Now that you have posted a log which you properly link to, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by an MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.
