
PUP.Optional.YourFileDownloader and PUP.Optional.InstalleRex believed rootkits?!



#1 ITguy2014


Posted 12 June 2014 - 06:11 PM

  OK, I am a moderate security guy trying to learn more from the REAL Security PROs. I was looking for Server 2012 Installing and Configuring study material FOR FREE of course and got in a little too deep. I use ZoneAlarm firewall Free version and Malwarebytes religiously, as well as MSE as my regular day-to-day antivirus. Now normally I would not dig as deep as I did this time to get so ROOTKIT infected.

  Recently I ran GMER and found a lot of RED in the registry, files and other important places, so I figured I need to reimage my machine......! I also ran Kaspersky's TDSSKiller and it came back clean?? I will attach the Kaspersky log below... Now I also use CMS Product Ultimate BounceBack version 11.4.0.29, I believe, so I can make all this go away with a backup reimage. But I am pursuing my Server 2012 MCSA and eventually want to become Security focused. So I have all the Rootkit tools and have played with them in the past, but in my experience it has always been best to completely reinstall the OS version, whatever the OS may be at the time, and move forward, because otherwise you are never going to completely clean the machine. Not to mention, the time saved by doing this speaks for itself. All that being said, I would still like to get a better understanding of this from a Security standpoint..... I am running a Windows 7 Professional Elitebook 8650p laptop with 240GB Crucial SSD and 16GB RAM. This time around I am going to use a HIPS such as WinPatrol but want a solid baseline first, so will do this after reimaging the machine. My first question is: can I run ZoneAlarm alongside, or are they going to fight for resources and is it best to stick with one as opposed to two applications that both do similar things? I assume the HIPS will detect and prevent the attacks in most cases, so WinPatrol is probably enough, but I want to make sure.

  So I have quarantined all the PUP files with Malwarebytes, but according to GMER some are possibly already affecting the system files in the Windows folder, specifically System32 amongst others, if I am not totally reading it wrong.

 

TDSSKiller log file:

 

15:42:51.0306 0x0e54  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
15:43:14.0527 0x0e54  ============================================================
15:43:14.0527 0x0e54  Current date / time: 2014/06/12 15:43:14.0527
15:43:14.0527 0x0e54  SystemInfo:
15:43:14.0527 0x0e54  
15:43:14.0527 0x0e54  OS Version: 6.1.7601 ServicePack: 1.0
15:43:14.0527 0x0e54  Product type: Workstation
15:43:14.0527 0x0e54  ComputerName: YINGYANG-PC
15:43:14.0528 0x0e54  UserName: Ying Yang
15:43:14.0528 0x0e54  Windows directory: C:\Windows
15:43:14.0528 0x0e54  System windows directory: C:\Windows
15:43:14.0528 0x0e54  Running under WOW64
15:43:14.0528 0x0e54  Processor architecture: Intel x64
15:43:14.0528 0x0e54  Number of processors: 4
15:43:14.0528 0x0e54  Page size: 0x1000
15:43:14.0528 0x0e54  Boot type: Normal boot
15:43:14.0528 0x0e54  ============================================================
15:43:14.0610 0x0e54  KLMD registered as C:\Windows\system32\drivers\98499222.sys
15:43:14.0731 0x0e54  System UUID: {60BEB63D-90BE-6233-87C7-2EF0E12E6DB5}
15:43:18.0960 0x0e54  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:43:18.0967 0x0e54  Drive \Device\Harddisk1\DR1 - Size: 0x7470C05E00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:43:18.0970 0x0e54  ============================================================
15:43:18.0970 0x0e54  \Device\Harddisk0\DR0:
15:43:18.0970 0x0e54  MBR partitions:
15:43:18.0970 0x0e54  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:43:18.0971 0x0e54  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1DCC0000
15:43:18.0971 0x0e54  \Device\Harddisk1\DR1:
15:43:18.0971 0x0e54  MBR partitions:
15:43:18.0971 0x0e54  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
15:43:18.0971 0x0e54  ============================================================
15:43:18.0973 0x0e54  C: <-> \Device\Harddisk0\DR0\Partition2
15:43:19.0381 0x0e54  E: <-> \Device\Harddisk1\DR1\Partition1
15:43:19.0381 0x0e54  ============================================================
15:43:19.0381 0x0e54  Initialize success
15:43:19.0381 0x0e54  ============================================================
15:43:35.0752 0x1740  ============================================================
15:43:35.0752 0x1740  Scan started
15:43:35.0752 0x1740  Mode: Manual;
15:43:35.0752 0x1740  ============================================================
15:43:35.0752 0x1740  KSN ping started
15:43:37.0897 0x1740  KSN ping finished: true
15:43:39.0150 0x1740  ================ Scan system memory ========================
15:43:39.0150 0x1740  System memory - ok
15:43:39.0151 0x1740  ================ Scan services =============================
15:43:41.0782 0x1740  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:43:41.0784 0x1740  gupdate - ok
15:43:41.0789 0x1740  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:43:41.0791 0x1740  gupdatem - ok
15:43:41.0795 0x1740  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:43:41.0797 0x1740  hcw85cir - ok
15:43:41.0807 0x1740  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:43:41.0815 0x1740  HdAudAddService - ok
15:43:41.0821 0x1740  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:43:41.0824 0x1740  HDAudBus - ok
15:43:41.0827 0x1740  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:43:41.0829 0x1740  HidBatt - ok
15:43:41.0833 0x1740  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:43:41.0837 0x1740  HidBth - ok
15:43:41.0840 0x1740  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:43:41.0843 0x1740  HidIr - ok
15:43:41.0846 0x1740  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:43:41.0848 0x1740  hidserv - ok
15:43:41.0852 0x1740  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:43:41.0853 0x1740  HidUsb - ok
15:43:41.0858 0x1740  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:43:41.0861 0x1740  hkmsvc - ok
15:43:41.0869 0x1740  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:43:41.0875 0x1740  HomeGroupListener - ok
15:43:41.0882 0x1740  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:43:41.0887 0x1740  HomeGroupProvider - ok
15:43:41.0892 0x1740  [ 7265EA277DE1F4CD7F270AF3DA01F203, 87E055AA4E1E8B66DE7B3A6F65F4A12572D8A4BAD4CFB3D30AE7146231C50316 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
15:43:41.0894 0x1740  HPDrvMntSvc.exe - ok
15:43:41.0898 0x1740  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
15:43:41.0900 0x1740  hpdskflt - ok
15:43:41.0909 0x1740  [ 0ADC6AFAB2B17FFC9C6E24DD1583F888, 328D8353F06C7D24CFBF1264640C58315ECC7575B0FADB6DB1528D0C1085C383 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
15:43:41.0914 0x1740  hpHotkeyMonitor - ok
15:43:41.0918 0x1740  [ B98EE5D4535A685634B90F7E04DE0DF7, E37D26EF83B70E84742498D2F53037F83BE13F0E01484D85A20C872F1F02ADDA ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
15:43:41.0919 0x1740  HpqKbFiltr - ok
15:43:41.0939 0x1740  [ DB3072C61D56F5CEA4AEBE3042CD76A1, 8C03BF6B5AC3830DBB71C7E53B8177B57E14F2D5054168722D7138170935EFB6 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
15:43:41.0953 0x1740  hpqwmiex - ok
15:43:41.0958 0x1740  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:43:41.0961 0x1740  HpSAMD - ok
15:43:41.0964 0x1740  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\Windows\system32\Hpservice.exe
15:43:41.0966 0x1740  hpsrv - ok
15:43:41.0984 0x1740  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:43:42.0000 0x1740  HTTP - ok
15:43:42.0004 0x1740  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:43:42.0005 0x1740  hwpolicy - ok
15:43:42.0011 0x1740  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:43:42.0014 0x1740  i8042prt - ok
15:43:42.0027 0x1740  [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:43:42.0034 0x1740  iaStor - ok
15:43:42.0038 0x1740  [ 117FF657E0D9BBD61B5C3E71E63D3919, F8AD1C861F018754A9BF348C9F1D6503854ED9D7DEEBF40E6B4E2FEA9FC6E56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
15:43:42.0039 0x1740  IAStorDataMgrSvc - ok
15:43:42.0051 0x1740  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:43:42.0060 0x1740  iaStorV - ok
15:43:42.0082 0x1740  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:43:42.0101 0x1740  idsvc - ok
15:43:42.0105 0x1740  IEEtwCollectorService - ok
15:43:42.0109 0x1740  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:43:42.0111 0x1740  iirsp - ok
15:43:42.0132 0x1740  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:43:42.0151 0x1740  IKEEXT - ok
15:43:42.0156 0x1740  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:43:42.0158 0x1740  intelide - ok
15:43:42.0162 0x1740  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:43:42.0163 0x1740  intelppm - ok
15:43:42.0168 0x1740  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:43:42.0171 0x1740  IPBusEnum - ok
15:43:42.0176 0x1740  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:43:42.0179 0x1740  IpFilterDriver - ok
15:43:42.0194 0x1740  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:43:42.0206 0x1740  iphlpsvc - ok
15:43:42.0211 0x1740  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:43:42.0214 0x1740  IPMIDRV - ok
15:43:42.0219 0x1740  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:43:42.0222 0x1740  IPNAT - ok
15:43:42.0239 0x1740  [ 835FC2EA0631B734BB06C12B0665F01D, B8A8B0148C6C3AFC40835B44E3D6508CB9EEE8AC430A7904711C8B51C2116A8D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:43:42.0251 0x1740  iPod Service - ok
15:43:42.0255 0x1740  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:43:42.0256 0x1740  IRENUM - ok
15:43:42.0260 0x1740  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:43:42.0261 0x1740  isapnp - ok
15:43:42.0270 0x1740  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:43:42.0277 0x1740  iScsiPrt - ok
15:43:42.0283 0x1740  [ DF4265062DB60A2A72E8E04C358BD3D1, B97E719F4E68D508BB715BDEAB0C347CD107E21BA1D322FB10EC00CED878C17D ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
15:43:42.0288 0x1740  JMCR - ok
15:43:42.0291 0x1740  [ 885B4A3134E8F35A272DA63496F6E789, 97941212D0561F9EED5956C4FFE7CBFDAFFD04BF4E5942E20DA0A39D9ADCEFD8 ] johci           C:\Windows\system32\DRIVERS\johci.sys
15:43:42.0293 0x1740  johci - ok
15:43:42.0296 0x1740  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:43:42.0298 0x1740  kbdclass - ok
15:43:42.0301 0x1740  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:43:42.0303 0x1740  kbdhid - ok
15:43:42.0306 0x1740  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
15:43:42.0308 0x1740  KeyIso - ok
15:43:42.0313 0x1740  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:43:42.0316 0x1740  KSecDD - ok
15:43:42.0323 0x1740  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:43:42.0327 0x1740  KSecPkg - ok
15:43:42.0330 0x1740  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:43:42.0332 0x1740  ksthunk - ok
15:43:42.0342 0x1740  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:43:42.0352 0x1740  KtmRm - ok
15:43:42.0361 0x1740  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:43:42.0367 0x1740  LanmanServer - ok
15:43:42.0373 0x1740  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:43:42.0377 0x1740  LanmanWorkstation - ok
15:43:42.0388 0x1740  [ D186AAAE72691136BDE00BBB41F48D12, C64885A726C0642C92BC4993667696DFEC8D284C20872D58E49786EE280A01ED ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
15:43:42.0396 0x1740  LBTServ - ok
15:43:42.0403 0x1740  [ 015BABFCD2E911C505204257DAB5ADC5, 94239919E967ABA12394D445E2D126447B5B7FB042DB95B1CCB280AF02D93833 ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
15:43:42.0405 0x1740  LEqdUsb - ok
15:43:42.0408 0x1740  [ 20A23B8863AAA8A23EEB9E2919F529FD, 5DD7C780346DA6A36AB55B38109167B3BE138713C5A7C913BFED2B61F34E8BA1 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
15:43:42.0409 0x1740  LHidEqd - ok
15:43:42.0415 0x1740  [ 77D5786C6A7765503884E38706C9FD5E, 827DC2069AA0997DB87E118AAAA53575D97A89147C1451464986F8D68A329D41 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
15:43:42.0417 0x1740  LHidFilt - ok
15:43:42.0424 0x1740  [ FCBDCC6F1801E32244235608E1277752, 8CC8E22E412645F4A534C51FB550AB22410AE90FA266D75498827EB922E8191E ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:43:42.0426 0x1740  LightScribeService - ok
15:43:42.0430 0x1740  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:43:42.0432 0x1740  lltdio - ok
15:43:42.0442 0x1740  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:43:42.0449 0x1740  lltdsvc - ok
15:43:42.0452 0x1740  lmab_device - ok
15:43:42.0455 0x1740  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:43:42.0457 0x1740  lmhosts - ok
15:43:42.0461 0x1740  [ F84023FB2E3DEA06103501974A2EDB44, 38144EB7DE7F0B33F9C3E637715834CD0860CCE11915C77065000949767D98DF ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
15:43:42.0463 0x1740  LMouFilt - ok
15:43:42.0474 0x1740  [ DE75F2EA497DA4B3A764D4EAC43135E9, D3F610AB375E8789DF8203BDE2E4D437BD5F0F91A22BA39DC518912A6A9AB7FD ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:43:42.0479 0x1740  LMS - ok
15:43:42.0486 0x1740  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:43:42.0490 0x1740  LSI_FC - ok
15:43:42.0495 0x1740  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:43:42.0498 0x1740  LSI_SAS - ok
15:43:42.0502 0x1740  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:43:42.0504 0x1740  LSI_SAS2 - ok
15:43:42.0510 0x1740  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:43:42.0513 0x1740  LSI_SCSI - ok
15:43:42.0518 0x1740  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:43:42.0521 0x1740  luafv - ok
15:43:42.0527 0x1740  [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
15:43:42.0530 0x1740  MBAMSwissArmy - ok
15:43:42.0535 0x1740  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:43:42.0538 0x1740  Mcx2Svc - ok
15:43:42.0542 0x1740  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:43:42.0544 0x1740  megasas - ok
15:43:42.0553 0x1740  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:43:42.0560 0x1740  MegaSR - ok
15:43:42.0564 0x1740  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:43:42.0566 0x1740  MEIx64 - ok
15:43:42.0570 0x1740  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:43:42.0573 0x1740  MMCSS - ok
15:43:42.0576 0x1740  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:43:42.0578 0x1740  Modem - ok
15:43:42.0581 0x1740  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:43:42.0582 0x1740  monitor - ok
15:43:42.0587 0x1740  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:43:42.0588 0x1740  mouclass - ok
15:43:42.0592 0x1740  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:43:42.0593 0x1740  mouhid - ok
15:43:42.0598 0x1740  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:43:42.0601 0x1740  mountmgr - ok
15:43:42.0606 0x1740  [ E1B6FCAE82474FC071155263E2841D54, 341E2CEB1A86586730130311C4FAF86851151D5F08EF915A5F89B6C4094AE1F4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:43:42.0610 0x1740  MozillaMaintenance - ok
15:43:42.0619 0x1740  [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:43:42.0625 0x1740  MpFilter - ok
15:43:42.0632 0x1740  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:43:42.0636 0x1740  mpio - ok
15:43:42.0641 0x1740  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:43:42.0643 0x1740  mpsdrv - ok
15:43:42.0664 0x1740  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:43:42.0682 0x1740  MpsSvc - ok
15:43:42.0689 0x1740  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:43:42.0693 0x1740  MRxDAV - ok
15:43:42.0699 0x1740  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:43:42.0703 0x1740  mrxsmb - ok
15:43:42.0712 0x1740  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:43:42.0719 0x1740  mrxsmb10 - ok
15:43:42.0725 0x1740  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:43:42.0728 0x1740  mrxsmb20 - ok
15:43:42.0732 0x1740  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:43:42.0733 0x1740  msahci - ok
15:43:42.0739 0x1740  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:43:42.0742 0x1740  msdsm - ok
15:43:42.0748 0x1740  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:43:42.0753 0x1740  MSDTC - ok
15:43:42.0759 0x1740  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:43:42.0760 0x1740  Msfs - ok
15:43:42.0763 0x1740  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:43:42.0765 0x1740  mshidkmdf - ok
15:43:42.0768 0x1740  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:43:42.0769 0x1740  msisadrv - ok
15:43:42.0776 0x1740  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:43:42.0780 0x1740  MSiSCSI - ok
15:43:42.0783 0x1740  msiserver - ok
15:43:42.0786 0x1740  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:43:42.0788 0x1740  MSKSSRV - ok
15:43:42.0792 0x1740  [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:43:42.0792 0x1740  MsMpSvc - ok
15:43:42.0795 0x1740  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:43:42.0796 0x1740  MSPCLOCK - ok
15:43:42.0799 0x1740  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:43:42.0800 0x1740  MSPQM - ok
15:43:42.0812 0x1740  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:43:42.0821 0x1740  MsRPC - ok
15:43:42.0826 0x1740  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:43:42.0827 0x1740  mssmbios - ok
15:43:42.0829 0x1740  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:43:42.0831 0x1740  MSTEE - ok
15:43:42.0833 0x1740  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:43:42.0835 0x1740  MTConfig - ok
15:43:42.0839 0x1740  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:43:42.0841 0x1740  Mup - ok
15:43:42.0854 0x1740  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:43:42.0866 0x1740  napagent - ok
15:43:42.0876 0x1740  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:43:42.0883 0x1740  NativeWifiP - ok
15:43:42.0906 0x1740  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:43:42.0927 0x1740  NDIS - ok
15:43:42.0932 0x1740  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:43:42.0933 0x1740  NdisCap - ok
15:43:42.0937 0x1740  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:43:42.0938 0x1740  NdisTapi - ok
15:43:42.0942 0x1740  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:43:42.0944 0x1740  Ndisuio - ok
15:43:42.0951 0x1740  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:43:42.0955 0x1740  NdisWan - ok
15:43:42.0959 0x1740  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:43:42.0961 0x1740  NDProxy - ok
15:43:42.0965 0x1740  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:43:42.0966 0x1740  NetBIOS - ok
15:43:42.0975 0x1740  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:43:42.0981 0x1740  NetBT - ok
15:43:42.0990 0x1740  [ 56F5EDF40EF5D82129CF84E3915B9363, CF67C4A6C89542FBC2798D7116001FF6B757AFCB431FE03474B3934367C85C58 ] NETGEARGenieDaemon C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
15:43:42.0995 0x1740  NETGEARGenieDaemon - ok
15:43:42.0998 0x1740  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
15:43:42.0999 0x1740  Netlogon - ok
15:43:43.0011 0x1740  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:43:43.0020 0x1740  Netman - ok
15:43:43.0025 0x1740  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:43:43.0029 0x1740  NetMsmqActivator - ok
15:43:43.0035 0x1740  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:43:43.0038 0x1740  NetPipeActivator - ok
15:43:43.0050 0x1740  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:43:43.0061 0x1740  netprofm - ok
15:43:43.0067 0x1740  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:43:43.0070 0x1740  NetTcpActivator - ok
15:43:43.0075 0x1740  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:43:43.0077 0x1740  NetTcpPortSharing - ok
15:43:43.0082 0x1740  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:43:43.0084 0x1740  nfrd960 - ok
15:43:43.0090 0x1740  [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:43:43.0093 0x1740  NisDrv - ok
15:43:43.0103 0x1740  [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
15:43:43.0109 0x1740  NisSrv - ok
15:43:43.0119 0x1740  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:43:43.0127 0x1740  NlaSvc - ok
15:43:43.0131 0x1740  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF             C:\Windows\system32\drivers\npf.sys
15:43:43.0133 0x1740  NPF - ok
15:43:43.0137 0x1740  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:43:43.0138 0x1740  Npfs - ok
15:43:43.0142 0x1740  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:43:43.0144 0x1740  nsi - ok
15:43:46.0525 0x1740  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:43:46.0530 0x1740  vsmraid - ok
15:43:46.0567 0x1740  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:43:46.0599 0x1740  VSS - ok
15:43:46.0604 0x1740  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:43:46.0606 0x1740  vwifibus - ok
15:43:46.0610 0x1740  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:43:46.0612 0x1740  vwififlt - ok
15:43:46.0624 0x1740  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:43:46.0633 0x1740  W32Time - ok
15:43:46.0639 0x1740  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:43:46.0640 0x1740  WacomPen - ok
15:43:46.0646 0x1740  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:43:46.0649 0x1740  WANARP - ok
15:43:46.0653 0x1740  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:43:46.0655 0x1740  Wanarpv6 - ok
15:43:46.0686 0x1740  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:43:46.0713 0x1740  WatAdminSvc - ok
15:43:46.0750 0x1740  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:43:46.0783 0x1740  wbengine - ok
15:43:46.0793 0x1740  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:43:46.0800 0x1740  WbioSrvc - ok
15:43:46.0817 0x1740  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:43:46.0827 0x1740  wcncsvc - ok
15:43:46.0831 0x1740  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:43:46.0834 0x1740  WcsPlugInService - ok
15:43:46.0837 0x1740  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:43:46.0839 0x1740  Wd - ok
15:43:46.0842 0x1740  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
15:43:46.0843 0x1740  WDC_SAM - ok
15:43:46.0864 0x1740  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:43:46.0881 0x1740  Wdf01000 - ok
15:43:46.0888 0x1740  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:43:46.0894 0x1740  WdiServiceHost - ok
15:43:46.0899 0x1740  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:43:46.0901 0x1740  WdiSystemHost - ok
15:43:46.0911 0x1740  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
15:43:46.0918 0x1740  WebClient - ok
15:43:46.0926 0x1740  [ D5BA7D43FA2EF656BF7E98A188391E40, 56CF132B7C43A0F9C7C4D070730315FE7AFD2E87E94014DFC3D7107BB52B9C64 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:43:46.0932 0x1740  Wecsvc - ok
15:43:46.0937 0x1740  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:43:46.0941 0x1740  wercplsupport - ok
15:43:46.0947 0x1740  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:43:46.0951 0x1740  WerSvc - ok
15:43:46.0954 0x1740  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:43:46.0955 0x1740  WfpLwf - ok
15:43:46.0959 0x1740  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:43:46.0960 0x1740  WIMMount - ok
15:43:46.0963 0x1740  WinDefend - ok
15:43:46.0970 0x1740  WinHttpAutoProxySvc - ok
15:43:46.0983 0x1740  [ 136760C1E9697BAF4ECDEAE5590A0806, 12E80D0923D794F4C520FEA7CB98EF581231B996FB1876EB20995E6E457EFF56 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:43:46.0988 0x1740  Winmgmt - ok
15:43:47.0053 0x1740  [ 3BB6B401A780BF434C8F58137DE10BF7, 1A377C39B78B92A1A1FED699EE5E5ED0271A6FFAC143F1D29FC1FDF4D726A522 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:43:47.0114 0x1740  WinRM - ok
15:43:47.0125 0x1740  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
15:43:47.0133 0x1740  WinUSB - ok
15:43:47.0156 0x1740  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:43:47.0176 0x1740  Wlansvc - ok
15:43:47.0181 0x1740  [ 9E281477BF61B1CF77CE725851B144CE, C1A077F9416A9F9DAA1E6B848148091E65E518AF7E14024544026F7E74C8FDCE ] wltrysvc        C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
15:43:47.0182 0x1740  wltrysvc - ok
15:43:47.0186 0x1740  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:43:47.0187 0x1740  WmiAcpi - ok
15:43:47.0196 0x1740  [ 4DF841632B62A7CF19A79A05046A8AB1, D80F28FD7FEB95DB83976EAFECB2E9AE1423DA4D34EC5D820FC39A33444B82DA ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:43:47.0201 0x1740  wmiApSrv - ok
15:43:47.0203 0x1740  WMPNetworkSvc - ok
15:43:47.0208 0x1740  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:43:47.0210 0x1740  WPCSvc - ok
15:43:47.0216 0x1740  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:43:47.0220 0x1740  WPDBusEnum - ok
15:43:47.0224 0x1740  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:43:47.0225 0x1740  ws2ifsl - ok
15:43:47.0231 0x1740  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:43:47.0235 0x1740  wscsvc - ok
15:43:47.0238 0x1740  WSearch - ok
15:43:47.0295 0x1740  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:43:47.0348 0x1740  wuauserv - ok
15:43:47.0355 0x1740  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:43:47.0358 0x1740  WudfPf - ok
15:43:47.0366 0x1740  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:43:47.0371 0x1740  WUDFRd - ok
15:43:47.0376 0x1740  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:43:47.0380 0x1740  wudfsvc - ok
15:43:47.0388 0x1740  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:43:47.0394 0x1740  WwanSvc - ok
15:43:47.0402 0x1740  [ 44C7B5504CC17733BF7E824307C7E1C7, E00854C6961CC30A5F1DE5E14A37A705B2BA1D86411370C639C5E5309AB3DB24 ] ZAPrivacyService C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
15:43:47.0403 0x1740  ZAPrivacyService - ok
15:43:47.0409 0x1740  ================ Scan global ===============================
15:43:47.0412 0x1740  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:43:47.0421 0x1740  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:43:47.0433 0x1740  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:43:47.0440 0x1740  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:43:47.0451 0x1740  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:43:47.0458 0x1740  [ Global ] - ok
15:43:47.0458 0x1740  ================ Scan MBR ==================================
15:43:47.0460 0x1740  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:43:47.0535 0x1740  \Device\Harddisk0\DR0 - ok
15:43:47.0538 0x1740  [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk1\DR1
15:43:47.0727 0x1740  \Device\Harddisk1\DR1 - ok
15:43:47.0728 0x1740  ================ Scan VBR ==================================
15:43:47.0734 0x1740  [ 3693428BBFE761933D67F32B5C965653 ] \Device\Harddisk0\DR0\Partition1
15:43:47.0737 0x1740  \Device\Harddisk0\DR0\Partition1 - ok
15:43:47.0742 0x1740  [ 419049F77651F60F683565C0C7E8B892 ] \Device\Harddisk0\DR0\Partition2
15:43:47.0747 0x1740  \Device\Harddisk0\DR0\Partition2 - ok
15:43:47.0752 0x1740  [ 62BB1BBC82E93494B79D161E2007B1CB ] \Device\Harddisk1\DR1\Partition1
15:43:47.0756 0x1740  \Device\Harddisk1\DR1\Partition1 - ok
15:43:47.0757 0x1740  ================ Scan generic autorun ======================
15:43:47.0880 0x1740  [ A720DE5341D6E750E5262298CF5F65FB, D7DA616D77705DB851E9F21198178B594FD20D73BF338B3C50973616C69EDBE5 ] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
15:43:47.0988 0x1740  Broadcom Wireless Manager UI - ok
15:43:48.0011 0x1740  [ AF891F9CA22113D229B5EF18AFAEEFB7, 0CFC5326C819542CFCEDE22B8AA059F7C93E66552C4F995D11D6C4CB7D57A458 ] C:\Program Files\IDT\WDM\sttray64.exe
15:43:48.0026 0x1740  SysTrayApp - ok
15:43:48.0158 0x1740  [ 569AC1376B12D4083FC66CC7A304F234, DD209F09573F10A77D710E30EF3D0461D2E8F4E5F18106B18EFB587C88393460 ] c:\Program Files\Microsoft Security Client\msseces.exe
15:43:48.0179 0x1740  MSC - ok
15:43:48.0181 0x1740  SynTPEnh - ok
15:43:48.0254 0x1740  [ 9401DC5119D4E64F91CDAD7124C0260A, B762AC2EDDCD159D63495FAFC2226189600243F72B1A968CF40527A0F343A682 ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
15:43:48.0310 0x1740  EvtMgr6 - ok
15:43:48.0637 0x1740  [ 0544D65ACFF017D368B5305861121A4D, 12B1030A67F1460D4D8B6D1A3E4C546DBC1C3C59B031A4D04F2CE10787840013 ] c:\Program Files\Box\Box Sync\BoxSync.exe
15:43:48.0857 0x1740  BoxSync - ok
15:43:48.0882 0x1740  [ 29043513D8B960AA461452C677E9CAE7, 7D6A83413B324070D435265CDF810AB5EA97CC2DF04A5AD34A588F83AF649DE5 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:43:48.0893 0x1740  StartCCC - ok
15:43:48.0902 0x1740  [ CAC998C8D3E0D56D2F245E42C2F70809, 99148E6C7EB6A299B00320350C31D9AAB9326DF85089E92E50E175C1355549EC ] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
15:43:48.0908 0x1740  QLBController - ok
15:43:48.0917 0x1740  [ 20E2FB1FF86FDEA6894F98AC31568396, B9F84A13BBEDF1D7033269B34E7F9B7B7BDC629AE60C2D6BE48853898E987F33 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
15:43:48.0922 0x1740  IAStorIcon - ok
15:43:49.0022 0x1740  [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
15:43:49.0027 0x1740  NUSB3MON - ok
15:43:49.0061 0x1740  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:43:49.0077 0x1740  Adobe ARM - ok
15:43:49.0085 0x1740  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:43:49.0090 0x1740  SunJavaUpdateSched - ok
15:43:49.0109 0x1740  [ 1C86D0C84FF3870A3E13808B853C040A, 129B757C9ED918EAA821F77D70C8DDAABC33E7E2929CF48ECD6AEB370D1F43CF ] C:\Program Files (x86)\AirPort\APAgent.exe
15:43:49.0122 0x1740  AirPort Base Station Agent - ok
15:43:49.0128 0x1740  [ 3EDFF682DC8F13851E725CE2F636453E, 7FFC5F11336CB0354D2CEA44C1FC47E67FA4D4D105583F252432EF257CD2A50F ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
15:43:49.0130 0x1740  ZoneAlarm - ok
15:43:49.0166 0x1740  [ 4C4A0D2BD3D7EFD27A422C2FD6E631A6, 503F7689AA70B4A37F0F9E59DC0C183259E9FA9323815285916E270A4FD91F0A ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
15:43:49.0192 0x1740  DBAgent - ok
15:43:49.0199 0x1740  [ D2E3E6D94A9E1CFA1561D9C748136FD0, C8CD851F1872086D18A329B47C7DEFAD2CE2E3A8F4321411247D06D07B2DB1D3 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
15:43:49.0202 0x1740  iTunesHelper - ok
15:43:49.0230 0x1740  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:43:49.0255 0x1740  Sidebar - ok
15:43:49.0349 0x1740  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:43:49.0354 0x1740  mctadmin - ok
15:43:49.0398 0x1740  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:43:49.0423 0x1740  Sidebar - ok
15:43:49.0428 0x1740  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:43:49.0430 0x1740  mctadmin - ok
15:43:49.0576 0x1740  [ 23EAB1066FD45A929E662C242062FB3E, E4DE73C63D3906479D454CB1B82C45E49661C446D90FD309BB5D899FE4B04B04 ] C:\Program Files\CCleaner\CCleaner64.exe
15:43:49.0680 0x1740  CCleaner - ok
15:43:49.0702 0x1740  [ 95EA648ACEF2E5CF88A4E28302E1CCF8, 5D2034DB36A39186CCAD6D5109D0310A0E4425D6F4E873029D2EA0A2E50ACCA3 ] C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
15:43:49.0712 0x1740  NETGEARGenie - ok
15:43:49.0728 0x1740  [ AC0EADF509DBD1A9BFC98858052DDA34, 0B549B1E63481E59F0909CA829D1262CEA7FA041849E0C0C4EF693356697D529 ] C:\Program Files\Lexmark\ErrorApp\LMab1err.exe
15:43:49.0738 0x1740  LMab1err - ok
15:43:49.0798 0x1740  [ 328EF5D436FADDED0D0D709A394A0C75, 91D1815DD2DED437F4A3D70721B420F013B3CDB8325758E2BB9967C65732B6C5 ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
15:43:49.0854 0x1740  LightScribe Control Panel - ok
15:43:49.0922 0x1740  [ B62AC75D3D91445B71F02A90BE144573, B1833E7E5133B4FDBFB721ABF554D321D153F42350EEF19F2ED9DBC1C3007158 ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
15:43:49.0930 0x1740  Uploader - ok
15:43:49.0968 0x1740  [ F2B6223824D6DA16216EC3C9FB76C584, 1B52D9301AF0102142424F761C918CC9612DE1F9B1DFB47F5CAB31B69CEC40A7 ] C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe
15:43:49.0988 0x1740  Boxcryptor.exe - ok
15:43:50.0094 0x1740  [ CC78200C3ECFFA178E78308A0E160D80, 4E02D6827A99401781032A397663770FA7BE56397AA20F6E2FACE0A0004109C5 ] C:\Users\Ying Yang\AppData\Local\Akamai\netsession_win.exe
15:43:50.0174 0x1740  Akamai NetSession Interface - ok
15:43:50.0191 0x1740  [ 8C4C9D676F60BC0ADD7704A9A34EAA60, E6A8FE4FBBD5008E50C219561FDF0D54E0F458D00D689C150BA8E0A1922E20ED ] C:\Users\Ying Yang\AppData\Local\Box\Box Edit\Box Edit.exe
15:43:50.0199 0x1740  Box Edit - ok
15:43:50.0201 0x1740  Waiting for KSN requests completion. In queue: 126
15:43:51.0234 0x1740  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
15:43:51.0239 0x1740  FW detected via SS2: ZoneAlarm Free Firewall Firewall, C:\Program Files (x86)\CheckPoint\ZoneAlarm\\MultiFix.exe ( 13.1.211.0 ), 0x41010 ( enabled )
15:43:51.0850 0x1740  ============================================================
15:43:51.0850 0x1740  Scan finished
15:43:51.0850 0x1740  ============================================================
15:43:51.0870 0x16e8  Detected object count: 0
15:43:51.0870 0x16e8  Actual detected object count: 0
15:51:16.0791 0x22e8  Deinitialize success
 

I also ran MiniToolBox and here is its log file as well:

 

MiniToolBox by Farbar  Version: 11-06-2014
Ran by Ying Yang (administrator) on 12-06-2014 at 17:31:43
Running from "C:\Users\Ying Yang\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom 43224AG 802.11a/b/g/draft-n Wi-Fi Adapter = Wireless Network Connection (Connected)
Intel® 82579LM Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?A subinterface=ethernet_6 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : YingYang-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
   Physical Address. . . . . . . . . : E4-11-5B-F8-C2-1F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom 43224AG 802.11a/b/g/draft-n Wi-Fi Adapter
   Physical Address. . . . . . . . . : AC-81-12-DA-7F-3D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::400c:a954:8121:aa5d%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.119(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, June 12, 2014 2:02:07 PM
   Lease Expires . . . . . . . . . . : Friday, June 13, 2014 2:02:07 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 296517906
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-64-8B-9F-AC-81-12-DA-7F-3D
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{F66FA1DE-0CFB-472D-824D-6218E3A55EBA}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{071E034D-1023-4896-A97A-858A3B0C8330}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:4:233e:3f57:fe88(Preferred)
   Link-local IPv6 Address . . . . . : fe80::4:233e:3f57:fe88%14(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4002:c07::64
      74.125.196.113
      74.125.196.101
      74.125.196.139
      74.125.196.100
      74.125.196.102
      74.125.196.138


Pinging google.com [74.125.196.102] with 32 bytes of data:
Reply from 74.125.196.102: bytes=32 time=24ms TTL=43
Reply from 74.125.196.102: bytes=32 time=25ms TTL=43

Ping statistics for 74.125.196.102:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 24ms, Maximum = 25ms, Average = 24ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=58ms TTL=46
Reply from 98.139.183.24: bytes=32 time=61ms TTL=46

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 58ms, Maximum = 61ms, Average = 59ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
 13...e4 11 5b f8 c2 1f ......Intel® 82579LM Gigabit Network Connection
 12...ac 81 12 da 7f 3d ......Broadcom 43224AG 802.11a/b/g/draft-n Wi-Fi Adapter
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.119     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.119    281
    192.168.1.119  255.255.255.255         On-link     192.168.1.119    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.119    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.119    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.119    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 14     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 14     58 2001::/32                On-link
 14    306 2001:0:9d38:90d7:4:233e:3f57:fe88/128
                                    On-link
 12    281 fe80::/64                On-link
 14    306 fe80::/64                On-link
 14    306 fe80::4:233e:3f57:fe88/128
                                    On-link
 12    281 fe80::400c:a954:8121:aa5d/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/12/2014 02:02:29 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   19 119.1.168.192.in-addr.arpa. PTR YingYang-PC.local.

Error: (06/12/2014 02:02:29 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.119:5353   21 119.1.168.192.in-addr.arpa. PTR YingYang-PC-2.local.

Error: (06/12/2014 01:54:18 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   19 119.1.168.192.in-addr.arpa. PTR YingYang-PC.local.

Error: (06/12/2014 01:54:18 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.119:5353   21 119.1.168.192.in-addr.arpa. PTR YingYang-PC-2.local.

Error: (06/12/2014 01:54:04 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/12/2014 01:54:04 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/12/2014 01:54:04 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/12/2014 01:54:04 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (06/12/2014 01:54:04 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/12/2014 01:54:04 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (06/12/2014 02:50:07 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (06/12/2014 01:54:34 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (06/12/2014 01:54:04 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (06/12/2014 01:54:04 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (06/12/2014 00:52:30 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (06/12/2014 00:52:30 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (06/10/2014 07:58:02 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (06/10/2014 06:41:33 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (06/10/2014 04:30:20 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (06/10/2014 03:53:20 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.


Microsoft Office Sessions:
=========================
Error: (06/12/2014 02:02:29 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   19 119.1.168.192.in-addr.arpa. PTR YingYang-PC.local.

Error: (06/12/2014 02:02:29 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.119:5353   21 119.1.168.192.in-addr.arpa. PTR YingYang-PC-2.local.

Error: (06/12/2014 01:54:18 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   19 119.1.168.192.in-addr.arpa. PTR YingYang-PC.local.

Error: (06/12/2014 01:54:18 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.119:5353   21 119.1.168.192.in-addr.arpa. PTR YingYang-PC-2.local.

Error: (06/12/2014 01:54:04 AM) (Source: Windows Search Service)(User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/12/2014 01:54:04 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/12/2014 01:54:04 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/12/2014 01:54:04 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (06/12/2014 01:54:04 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (06/12/2014 01:54:04 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)


CodeIntegrity Errors:
===================================
  Date: 2014-02-05 15:10:57.987
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-05 15:10:57.985
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-05 15:10:57.983
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-05 15:10:56.863
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-05 15:10:56.860
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-05 15:10:56.857
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-01 09:48:23.579
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-01 09:48:23.564
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-01 09:48:23.564
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-01 09:48:22.503
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.



=========================== Installed Programs ============================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 13 ActiveX (HKCU-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKCU-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKCU-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AirPort (HKCU-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)
AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alcor Micro Smart Card Reader Driver (HKCU-x32 Version: 1.7.16.0 - Alcor Micro Corp.) Hidden
Alcor Micro Smart Card Reader Driver (HKCU-x32\...\SZCCID) (Version: 1.7.16.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.16.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.16.0 - Alcor Micro Corp.) Hidden
Apple Application Support (HKCU-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKCU-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{D5526B83-25C4-88A8-A984-98F871DA1415}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.31516 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BounceBack Ultimate (HKCU-x32\...\{7A61CA24-1CE7-41AB-9FF5-C68373246DB1}) (Version: 11.4.0 - CMS Products)
BounceBack Ultimate (HKLM-x32\...\{7A61CA24-1CE7-41AB-9FF5-C68373246DB1}) (Version: 11.4.0 - CMS Products)
Box Edit (HKCU-x32\...\{E2FF4AB2-6569-42F1-BE29-6436A5AFCA3F}) (Version: 2.0.31.311 - Box)
Box Edit (HKLM-x32\...\{E2FF4AB2-6569-42F1-BE29-6436A5AFCA3F}) (Version: 2.0.31.311 - Box)
Box Sync (HKCU-x32 Version: 4.0.4962.0 - Box Inc.) Hidden
Box Sync (HKLM\...\{CD608C4C-D470-41A5-A960-A2C7A0E68DC8}) (Version: 4.0.4973.0 - Box, Inc.)
Box Sync (x32 Version: 4.0.4962.0 - Box Inc.) Hidden
Boxcryptor 2.0 (HKCU-x32\...\{EBFEBFC7-B128-4700-ADBC-E839BFC833AE}) (Version: 2.0.419.376 - Secomba GmbH)
Boxcryptor 2.0 (HKLM-x32\...\{EBFEBFC7-B128-4700-ADBC-E839BFC833AE}) (Version: 2.0.419.376 - Secomba GmbH)
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.61 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.60.48.61 - Broadcom Corporation)
calibre (HKCU-x32\...\{39509A2F-C63C-404E-A4DC-7E6D4FCB6D66}) (Version: 1.39.0 - Kovid Goyal)
calibre (HKLM-x32\...\{39509A2F-C63C-404E-A4DC-7E6D4FCB6D66}) (Version: 1.39.0 - Kovid Goyal)
Catalyst Control Center - Branding (HKCU-x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (HKCU-x32 Version: 2011.0206.1335.24298 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0206.1335.24298 - ATI) Hidden
Catalyst Control Center InstallProxy (HKCU-x32 Version: 2011.0206.1335.24298 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0206.1335.24298 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (HKCU-x32 Version: 2011.0206.1335.24298 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0206.1335.24298 - ATI) Hidden
Catalyst Control Center Profiles Mobile (HKCU-x32 Version: 2011.0206.1335.24298 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0206.1335.24298 - ATI) Hidden
CCC Help Chinese Standard (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Chinese Traditional (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Czech (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Danish (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Dutch (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help English (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help English (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Finnish (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help French (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help French (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help German (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help German (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Greek (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Hungarian (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Italian (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Japanese (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Korean (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Norwegian (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Polish (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Portuguese (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Russian (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Spanish (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Swedish (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Thai (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Turkish (HKCU-x32 Version: 2011.0206.1334.24298 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0206.1334.24298 - ATI) Hidden
ccc-core-static (HKCU-x32 Version: 2011.0206.1335.24298 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0206.1335.24298 - ATI) Hidden
ccc-utility64 (Version: 2011.0206.1335.24298 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cisco EAP-FAST Module (HKCU-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKCU-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKCU-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cisco WebEx Meetings (HKCU-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
DAEMON Tools Lite (HKCU-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version:  - Microsoft)
DVD Shrink 3.2 (HKCU-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
eReg (HKCU-x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Free Fire Screensaver (HKCU-x32\...\Free Fire Screensaver) (Version:  - Laconic Software)
Free Fire Screensaver (HKLM-x32\...\Free Fire Screensaver) (Version:  - Laconic Software)
Google Chrome (HKCU-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (HKCU-x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HandBrake 0.9.9.1 (HKCU-x32\...\HandBrake) (Version: 0.9.9.1 - )
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
HP 3D DriveGuard (HKLM\...\{83DA38AB-1014-41C2-A3CD-E2B93832A71A}) (Version: 4.1.4.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Webcam Driver (HKCU-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
IDT Audio (HKCU-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
ImagXpress (HKCU-x32 Version: 7.0.74.0 - Nero AG) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Management Engine Components (HKCU-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel® Rapid Storage Technology (HKCU-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 55 (HKCU-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (HKCU-x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JMicron 1394 Filter Driver (HKCU-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.20.00 - JMicron Technology Corp.)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.20.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKCU-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.56.1 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.56.1 - JMicron Technology Corp.)
Lexmark Network TWAIN Driver Uninstaller (HKLM\...\Lexmark Network TWAIN Driver) (Version:  - Lexmark International, Inc.)
Lexmark Software Uninstall (HKLM\...\Lexmark_HostCD) (Version:  - Lexmark International, Inc.)
LightScribe System Software (HKCU-x32\...\{705B639E-FAAF-40D7-AD58-C445321C7C3F}) (Version: 1.18.18.1 - LightScribe)
LightScribe System Software (HKLM-x32\...\{705B639E-FAAF-40D7-AD58-C445321C7C3F}) (Version: 1.18.18.1 - LightScribe)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Logitech Unifying Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKCU-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKCU-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKCU-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKCU-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKCU-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKCU-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKCU-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 en-US) (HKCU-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKCU-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKCU-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKCU-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
neroxml (HKCU-x32 Version: 1.0.0 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NETGEAR Genie (HKCU-x32\...\NETGEAR Genie) (Version: 2.3.1.16 - NETGEAR Inc.)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.3.1.16 - NETGEAR Inc.)
Renesas Electronics USB 3.0 Host Controller Driver (HKCU-x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKCU-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Seagate Dashboard (HKCU-x32\...\{67445E65-3D93-428F-83A5-446F7D02689A}) (Version: 3.0.34.1 - Seagate)
Seagate Dashboard (HKLM-x32\...\{67445E65-3D93-428F-83A5-446F7D02689A}) (Version: 3.0.34.1 - Seagate)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.SingleImage_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.SingleImage_{E84E9B25-BEB6-4F2F-84BB-755CDA8E89C0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.SingleImage_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.SingleImage_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
Validity Fingerprint Sensor Driver (HKLM\...\{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}) (Version: 4.3.117.0 - Validity Sensors, Inc.)
VLC media player 2.1.3 (HKCU-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
ZoneAlarm Firewall (HKCU-x32 Version: 13.1.211.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.1.211.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKCU-x32\...\ZoneAlarm Free Firewall) (Version: 13.1.211.000 - Check Point)
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.1.211.000 - Check Point)
ZoneAlarm Security (HKCU-x32 Version: 13.1.211.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (x32 Version: 13.1.211.000 - Check Point Software Technologies Ltd.) Hidden

========================= Devices: ================================

Name: Broadcom 2070 Bluetooth
Description: Broadcom 2070 Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 16334.36 MB
Available physical RAM: 12981.38 MB
Total Pagefile: 32666.9 MB
Available Pagefile: 29146.1 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.04 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:238.37 GB) (Free:117.81 GB) NTFS
3 Drive e: (FreeAgent GoFlex Drive) (Fixed) (Total:465.76 GB) (Free:426.26 GB) NTFS

========================= Users: ========================================

User accounts for \\YINGYANG-PC

Administrator            Guest                    Ying Yang                

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

06-06-2014 23:37:16 Windows Update
07-06-2014 20:44:51 Installed BounceBack Ultimate
07-06-2014 23:47:40 Installed calibre
08-06-2014 19:42:17 Windows Update
10-06-2014 05:16:59 Windows Update
10-06-2014 23:50:45 Installed 7-Zip 9.20 (x64 edition)
11-06-2014 00:33:55 Device Driver Package Install: DT Soft Ltd System devices
11-06-2014 19:12:03 Windows Update

**** End of log ****
 

 

Processes, Services, and Modules came back with no RED. GMER showed some registry keys in RED like HKLM/Security and HKLM/Software, Documents and Settings folders in RED, Users folder in RED, pagefile.sys and hiberfil.sys in RED, system volume information, camera.log, HPCamDrv.log, and TDSSkiller.3.0.0.39_12.06.2014_15.42.51__log.txt to name a few and the deeper I dug the worse it seemed to get. But GMER said one thing and TDSSkiller said another? See attached GMER.txt for more...

 

I would appreciate any and all help with this matter in me having a better understanding of this overall situation like when, if ever, is a good time to try and remove a rootkit. Where to start looking? In the BIOS first or system processes and services. In the WINDOWS folder as well as the SYSTEM 32 folder?

 

Seems to me that with all the damage a ROOTKIT does that unless you are trying to identify the reason of the ROOTKIT itself that trying to remove it is a waste of time. But I would like to be able to know what to look for as well so any and all information would be greatly appreciated.

 

Thanks in advance,

 

ITGUY2014

Attached File  TDSSKiller.3.0.0.39_12.06.2014_15.42.51_log.txt   222.29KB   0 downloads

Attached File  MiniToolBox.txt   24.18KB   0 downloads

Attached File  GMER.txt   24.18KB   0 downloads


Edited by Orange Blossom, 13 June 2014 - 12:04 AM.



#2 HelpBot


Posted 17 June 2014 - 06:15 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/537537 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 ITguy2014

  • Topic Starter

Posted 18 June 2014 - 12:27 PM

I forgot to mention 64 bit Windows 7 Professional SP1. I am attaching the DDS file and its attachment. I do not believe I am infected but I want to make sure and learn a thing or two for future reference. I have the install disk for windows 7 and I am running Bounceback reimaging software and have not done an incremental backup since the incident....

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126  BrowserJavaVersion: 10.55.2
Run by Ying Yang at 13:00:08 on 2014-06-18
Microsoft Windows 7 Professional 64bit   6.1.7601.1.1252.1.1033.18.16334.13994 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\CMS Products\BounceBack Ultimate\BBWatcherService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\LMabcoms.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\vssvc.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Box\Box Sync\BoxSync.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files\Lexmark\ErrorApp\lmab1err.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Ying Yang\AppData\Local\Akamai\netsession_win.exe
C:\PROGRA~1\Box\BOXSYN~1\BoxSync.exe
C:\Users\Ying Yang\AppData\Local\Box\Box Edit\Box Edit.exe
C:\Users\Ying Yang\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AirPort\APAgent.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\CMS Products\BounceBack Ultimate\BBLauncher.exe
C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Logitech\SetPointP\LogiAppBroker.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
uRun: [NETGEARGenie] "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
uRun: [LMab1err] C:\Program Files\Lexmark\ErrorApp\LMab1err.exe
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
uRun: [Boxcryptor.exe] "C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe"
uRun: [Akamai NetSession Interface] "C:\Users\Ying Yang\AppData\Local\Akamai\netsession_win.exe"
uRun: [Box Edit] C:\Users\Ying Yang\AppData\Local\Box\Box Edit\Box Edit.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRun: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BOUNCE~1.LNK - C:\Program Files (x86)\CMS Products\BounceBack Ultimate\BBStartup.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T29L10NSP3-17099/webex/ieatgpc1.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{071E034D-1023-4896-A97A-858A3B0C8330} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{071E034D-1023-4896-A97A-858A3B0C8330}\242516E64654374716475637 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{071E034D-1023-4896-A97A-858A3B0C8330}\7395A43334 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{071E034D-1023-4896-A97A-858A3B0C8330}\77C656373736F6E6E65374 : DHCPNameServer = 208.67.222.222 172.23.1.1
TCP: Interfaces\{071E034D-1023-4896-A97A-858A3B0C8330}\9796E676029716E676D2537486A7 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{071E034D-1023-4896-A97A-858A3B0C8330}\9796E6769704E676 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SSODL: EldosMountNotificator-cbfs4 - {CD3C4D08-9DA6-48A3-810A-BE18BB14DC93} - C:\Windows\SysWOW64\cbfsMntNtf4.dll
STS: Virtual Storage Mount Notification - {CD3C4D08-9DA6-48A3-810A-BE18BB14DC93} - C:\Windows\SysWOW64\cbfsMntNtf4.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [BoxSync] "c:\Program Files\Box\Box Sync\BoxSync.exe" -m
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
x64-SSODL: EldosMountNotificator-cbfs4 - {CD3C4D08-9DA6-48A3-810A-BE18BB14DC93} - C:\Windows\System32\cbfsMntNtf4.dll
x64-STS: Virtual Storage Mount Notification - {CD3C4D08-9DA6-48A3-810A-BE18BB14DC93} - C:\Windows\System32\cbfsMntNtf4.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ying Yang\AppData\Roaming\Mozilla\Firefox\Profiles\739xrh9q.default\
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Users\Ying Yang\AppData\Local\Box\Box Edit\npBoxEdit.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
.
============= SERVICES / DRIVERS ===============
.
R0 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2014-1-12 26712]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R1 cbfs4;cbfs4;C:\Windows\System32\drivers\cbfs4.sys [2014-5-23 387776]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2014-6-10 283064]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2014-1-12 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-1-12 203776]
R2 BBWatcherService;BBWatcherService;C:\Program Files (x86)\CMS Products\BounceBack Ultimate\BBWatcherService.exe [2014-6-7 65536]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-1-11 92216]
R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-1-28 281656]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-1-12 13336]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon;C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2013-11-14 232192]
R2 Seagate Dashboard Services;Seagate Dashboard Services;C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2014-2-10 16000]
R2 Seagate MobileBackup Service;Seagate MobileBackup Service;C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [2014-2-10 157264]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2014-1-12 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2011-1-21 3154224]
R2 ZAPrivacyService;ZoneAlarm Privacy Service;C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2014-4-9 92176]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2014-1-12 115216]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2014-1-12 173656]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2013-5-23 77592]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2013-5-23 13080]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 vpnpbus;EldoS PnP Virtual Bus driver;C:\Windows\System32\drivers\vpnpbus.sys [2014-5-23 18624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 BoxSyncUpdateService;Box Sync Update Service;C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [2014-5-19 28768]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2014-1-12 344616]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2014-1-12 39464]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-11 111616]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 133928]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-1-16 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-15 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-3-18 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-1-12 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-06-18 16:53:37    10779000    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C4B6A13A-D142-4FEA-B08C-BD329A1BC426}\mpengine.dll
2014-06-16 16:40:01    10702536    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-14 18:40:44    1031560    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5C844B33-3D37-4AA9-ACAB-E2CE3DF87B2C}\gapaengine.dll
2014-06-13 02:23:01    --------    d-----w-    C:\ProgramData\SecTaskMan
2014-06-11 23:13:40    --------    d-----w-    C:\Program Files (x86)\DVD Shrink
2014-06-11 22:54:52    --------    d-----w-    C:\Program Files\Handbrake
2014-06-11 19:04:10    506368    ----a-w-    C:\Windows\System32\aepdu.dll
2014-06-11 19:04:09    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-06-11 00:30:14    283064    ----a-w-    C:\Windows\System32\drivers\dtsoftbus01.sys
2014-06-11 00:26:43    --------    d-----w-    C:\Program Files (x86)\DAEMON Tools Lite
2014-06-10 18:50:44    --------    d-----w-    C:\Program Files\iPod
2014-06-10 18:50:43    --------    d-----w-    C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-10 18:50:43    --------    d-----w-    C:\Program Files\iTunes
2014-06-10 18:50:43    --------    d-----w-    C:\Program Files (x86)\iTunes
2014-06-09 01:38:58    --------    d-----w-    C:\ProgramData\IsolatedStorage
2014-06-08 19:43:10    74240    ------w-    C:\Windows\System32\wbem\NCProv.dll
2014-06-08 19:43:10    58368    ------w-    C:\Windows\System32\ncobjapi.dll
2014-06-08 19:43:10    46080    ------w-    C:\Windows\SysWow64\ncobjapi.dll
2014-06-08 16:44:38    --------    d-----w-    C:\SC2012_R2_SCCM_SCEP
2014-06-07 23:49:08    --------    d-----w-    C:\Users\Ying Yang\AppData\Local\calibre-cache
2014-06-07 23:48:11    --------    d-----w-    C:\Users\Ying Yang\AppData\Roaming\calibre
2014-06-07 23:47:48    --------    d-----w-    C:\Program Files (x86)\Calibre2
2014-06-05 09:37:45    --------    d-----w-    C:\Users\Ying Yang\AppData\Roaming\Box
2014-06-05 03:13:46    --------    d-----w-    C:\Users\Ying Yang\AppData\Local\Akamai
2014-06-04 03:32:30    --------    d-----w-    C:\Users\Ying Yang\AppData\Roaming\BitTorrent
2014-05-28 02:01:56    --------    d-sh--w-    C:\Users\Ying Yang\AppData\Local\EmieUserList
2014-05-28 02:01:56    --------    d-sh--w-    C:\Users\Ying Yang\AppData\Local\EmieSiteList
2014-05-27 02:37:21    --------    d-s---w-    C:\Users\Ying Yang\Box Sync
2014-05-27 02:35:07    --------    d-----w-    C:\Users\Ying Yang\AppData\Local\Box Sync
2014-05-27 02:34:46    --------    d-----w-    C:\Program Files\Box
2014-05-27 02:34:23    --------    d-----w-    C:\ProgramData\Package Cache
2014-05-23 22:19:03    --------    d-----w-    C:\Users\Ying Yang\AppData\Local\Boxcryptor
2014-05-23 22:15:07    387776    ------w-    C:\Windows\System32\drivers\cbfs4.sys
2014-05-23 22:15:07    218408    ------w-    C:\Windows\SysWow64\cbfsNetRdr4.dll
2014-05-23 22:15:07    183080    ------w-    C:\Windows\System32\cbfsMntNtf4.dll
2014-05-23 22:15:07    156456    ------w-    C:\Windows\SysWow64\cbfsMntNtf4.dll
2014-05-23 22:15:07    120104    ------w-    C:\Windows\System32\cbfsNetRdr4.dll
2014-05-23 22:14:48    9000    ------w-    C:\Windows\System32\elevtmsg.dll
2014-05-23 22:14:48    18624    ------w-    C:\Windows\System32\drivers\vpnpbus.sys
2014-05-23 22:14:46    --------    d-----w-    C:\Program Files (x86)\Boxcryptor
2014-05-23 22:04:41    --------    d-----w-    C:\Users\Ying Yang\AppData\Local\Box
.
==================== Find3M  ====================
.
2014-06-15 23:41:35    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-30 10:02:37    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36    752640    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22    5782528    ----a-w-    C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36    38400    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56    592896    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22    2040832    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46    32256    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56    2266112    ----a-w-    C:\Windows\System32\wininet.dll
2014-05-30 07:56:50    4244992    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38    1964544    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10    1790976    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-05-16 21:14:38    70832    ------w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-16 21:14:38    692400    ------w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-12 11:26:10    63704    ------w-    C:\Windows\System32\drivers\mwac.sys
2014-05-12 11:26:00    91352    ------w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-12 11:25:56    25816    ------w-    C:\Windows\System32\drivers\mbam.sys
2014-05-08 09:32:11    3178496    ----a-w-    C:\Windows\System32\rdpcorets.dll
2014-05-08 09:32:11    16384    ----a-w-    C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-04-25 03:03:34    450968    ------w-    C:\Windows\System32\drivers\vsdatant.sys
2014-04-25 02:34:59    801280    ----a-w-    C:\Windows\System32\usp10.dll
2014-04-25 02:06:17    626688    ----a-w-    C:\Windows\SysWow64\usp10.dll
2014-04-15 00:13:43    96168    ------w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22:05    95680    ------w-    C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05    155072    ------w-    C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38    29184    ------w-    C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38    136192    ------w-    C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37    28160    ------w-    C:\Windows\System32\secur32.dll
2014-04-12 02:19:32    1460736    ------w-    C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05    31232    ------w-    C:\Windows\System32\lsass.exe
2014-04-12 02:12:06    22016    ------w-    C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56    96768    ------w-    C:\Windows\SysWow64\sspicli.dll
2014-04-05 02:47:20    1903552    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2014-04-05 02:47:09    288192    ----a-w-    C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-03-28 05:40:49    18960    ------w-    C:\Windows\System32\drivers\LNonPnP.sys
2014-03-26 14:44:48    2002432    ----a-w-    C:\Windows\System32\msxml6.dll
2014-03-26 14:44:48    1882112    ----a-w-    C:\Windows\System32\msxml3.dll
2014-03-26 14:41:39    2048    ----a-w-    C:\Windows\System32\msxml6r.dll
2014-03-26 14:41:39    2048    ----a-w-    C:\Windows\System32\msxml3r.dll
2014-03-26 14:27:50    1389056    ----a-w-    C:\Windows\SysWow64\msxml6.dll
2014-03-26 14:27:50    1237504    ----a-w-    C:\Windows\SysWow64\msxml3.dll
2014-03-26 14:25:14    2048    ----a-w-    C:\Windows\SysWow64\msxml6r.dll
2014-03-26 14:25:14    2048    ----a-w-    C:\Windows\SysWow64\msxml3r.dll
.
============= FINISH: 13:00:21.59 ===============
 



#4 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,559 posts

Posted 18 June 2014 - 01:52 PM

I do not believe I am infected but I want to make sure and learn a thing or two for future reference.

This section is for analyzing logs if you are infected. Your queries are better suited to Anti-Virus and Anti-Malware Software, but I doubt you will get much information about our removal tools, as the tutorials are private. I can say that just because an entry is marked red, it is not necessarily malicious.
If you are certain that you are infected, we can proceed with your thread, or I can close it. :)

Regards,
Valinorum

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All help is provided via the forum; ergo, do not PM me for help.

 


#5 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,559 posts

Posted 21 June 2014 - 02:06 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
