
Suspicious Processes


  • This topic is locked
56 replies to this topic

#1 Guest_ArisMFighter_*

Posted 01 August 2014 - 07:33 AM

Mod Edit: Moved to Virus, Trojan, Spyware, and Malware Removal Logs contains RogueKiller log ~~boopme

Hi all!!!
I think that I am infected.
When I run RogueKiller and it is checking the processes, it finds and terminates 56 hidden processes. But I have done a lot of scans with Malwarebytes Anti-Malware, Emsisoft Anti-Malware, Kaspersky TDSSKiller, HitmanPro, and other scanners, and none of them detect anything. So is this a RogueKiller false positive, or are malicious processes running in my system that the other scanners don't detect?
Also, RogueKiller sometimes finds some suspicious scheduled tasks, but other times not.
I am running Windows 8 Operating System 64 bit. :whistle:
I have posted the logs of Malwarebytes, Rkill, TDSSKiller and RogueKiller. If you want other logs, tell me and I will post them in my next post.
Thanks! :)
_________________________________________________________________________________________________________
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 8/1/2014
Scan Time: 1:25:10 PM
Logfile: Malwarebytes Anti-Malware.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.01.01
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8
CPU: x64
File System: NTFS
User: Αριστειδης
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 288350
Time Elapsed: 10 min, 22 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
_________________________________________________________________________________________________________

13:38:34.0513 0x5fdc  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
13:38:34.0513 0x5fdc  UEFI system
13:38:38.0216 0x5fdc  ============================================================
13:38:38.0216 0x5fdc  Current date / time: 2014/08/01 13:38:38.0216
13:38:38.0216 0x5fdc  SystemInfo:
13:38:38.0216 0x5fdc  
13:38:38.0216 0x5fdc  OS Version: 6.2.9200 ServicePack: 0.0
13:38:38.0216 0x5fdc  Product type: Workstation
13:38:38.0216 0x5fdc  ComputerName: LENOVOS500ARISG
13:38:38.0216 0x5fdc  UserName: Αριστειδης
13:38:38.0216 0x5fdc  Windows directory: C:\windows
13:38:38.0216 0x5fdc  System windows directory: C:\windows
13:38:38.0216 0x5fdc  Running under WOW64
13:38:38.0216 0x5fdc  Processor architecture: Intel x64
13:38:38.0216 0x5fdc  Number of processors: 4
13:38:38.0216 0x5fdc  Page size: 0x1000
13:38:38.0216 0x5fdc  Boot type: Normal boot
13:38:38.0216 0x5fdc  ============================================================
13:38:39.0279 0x5fdc  KLMD registered as C:\windows\system32\drivers\41327282.sys
13:38:39.0638 0x5fdc  System UUID: {ACE52361-E991-B375-CC20-323D5882142B}
13:38:40.0513 0x5fdc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:38:40.0545 0x5fdc  ============================================================
13:38:40.0545 0x5fdc  \Device\Harddisk0\DR0:
13:38:40.0545 0x5fdc  GPT partitions:
13:38:40.0545 0x5fdc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FF91B38C-CAB2-4FFF-9D56-A84270EF6332}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
13:38:40.0545 0x5fdc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {09280299-5C14-477B-9A74-E7B62888244B}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
13:38:40.0545 0x5fdc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {782D4567-1AB9-43B2-A6DD-60AF0E779C3D}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
13:38:40.0545 0x5fdc  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4A4D8EAB-D10A-4A81-BFE1-CE234A9C9FF9}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
13:38:40.0545 0x5fdc  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {588D55A4-1E66-4B57-866B-F4317C33D317}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x35174000
13:38:40.0545 0x5fdc  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {623725AE-C4B4-431D-9899-C10CAB4FB1E2}, Name: Basic data partition, StartLBA 0x3561E800, BlocksNum 0x3200000
13:38:40.0545 0x5fdc  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {984DAADB-591A-4F81-A8E7-0D7D1B0F9314}, Name: Basic data partition, StartLBA 0x3881E800, BlocksNum 0x1B67800
13:38:40.0545 0x5fdc  MBR partitions:
13:38:40.0545 0x5fdc  ============================================================
13:38:40.0576 0x5fdc  C: <-> \Device\Harddisk0\DR0\Partition5
13:38:40.0623 0x5fdc  D: <-> \Device\Harddisk0\DR0\Partition6
13:38:40.0623 0x5fdc  ============================================================
13:38:40.0623 0x5fdc  Initialize success
13:38:40.0623 0x5fdc  ============================================================
13:38:46.0543 0x5d3c  ============================================================
13:38:46.0543 0x5d3c  Scan started
13:38:46.0543 0x5d3c  Mode: Manual; SigCheck; TDLFS; 
13:38:46.0543 0x5d3c  ============================================================
13:38:46.0543 0x5d3c  KSN ping started
13:38:49.0309 0x5d3c  KSN ping finished: true
13:38:50.0997 0x5d3c  ================ Scan system memory ========================
13:38:50.0997 0x5d3c  System memory - ok
13:38:50.0997 0x5d3c  ================ Scan services =============================
13:38:55.0075 0x5d3c  [ E019017558B28A707119F8545AD1A1C0, 7A080DB2BDD1AE7E849EE79BF42B737D78A4F6EA6D07F61D6E994D7A383E9551 ] ambakdrv        C:\windows\system32\ambakdrv.sys
13:38:55.0122 0x5d3c  ambakdrv - detected UnsignedFile.Multi.Generic ( 1 )
13:38:57.0747 0x5d3c  Detect skipped due to KSN trusted
13:38:57.0747 0x5d3c  ambakdrv - ok
13:38:58.0528 0x5d3c  [ 46014EDFDC8AF8733E14947448D122C5, 8CE2BD29CF7230A624745334A76F5F8C2E5C01EEDB2B803F9468771BC9DCBC4D ] ammntdrv        C:\windows\system32\ammntdrv.sys
13:38:58.0560 0x5d3c  ammntdrv - detected UnsignedFile.Multi.Generic ( 1 )
13:39:01.0169 0x5d3c  Detect skipped due to KSN trusted
13:39:01.0169 0x5d3c  ammntdrv - ok
13:39:01.0419 0x5d3c  [ 7CD08E63219E00BB206077F5BA708677, E8F4031E5E524C60D5853B5DE3AC37E45F28B490665F0CD2016754EDCFA4B2F2 ] amwrtdrv        C:\windows\system32\amwrtdrv.sys
13:39:01.0482 0x5d3c  amwrtdrv - detected UnsignedFile.Multi.Generic ( 1 )
13:39:04.0198 0x5d3c  Detect skipped due to KSN trusted
13:39:04.0198 0x5d3c  amwrtdrv - ok
13:39:14.0887 0x5d3c  [ D51B32BA3897F630D99713B74B40D6A2, 5EB136A8248E6FA1316CFA273D9DC8F9C8E8CCB9AC00AE23C1337FBF5F6FDBEC ] DfSdkS          C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2014\DfsdkS64.exe
13:39:14.0949 0x5d3c  DfSdkS - detected UnsignedFile.Multi.Generic ( 1 )
13:39:17.0574 0x5d3c  Detect skipped due to KSN trusted
13:39:17.0574 0x5d3c  DfSdkS - ok
13:39:17.0980 0x5d3c  [ 05F99DFF3A8D705F9AA6B87224F7BEB1, DDE133A44A330A07A0EB961559C840BBFC9D9E0CCA27DE0B4284C76BCAD31EDE ] DirMngr         C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
13:39:18.0027 0x5d3c  DirMngr - detected UnsignedFile.Multi.Generic ( 1 )
13:39:20.0637 0x5d3c  Detect skipped due to KSN trusted
13:39:20.0637 0x5d3c  DirMngr - ok
13:39:25.0881 0x5d3c  FontCache - ok
13:39:25.0975 0x5d3c  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:39:26.0037 0x5d3c  FontCache3.0.0.0 - ok
13:39:26.0084 0x5d3c  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
13:39:26.0146 0x5d3c  FsDepends - ok
13:39:26.0178 0x5d3c  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
13:39:26.0615 0x5d3c  Fs_Rec - ok
13:39:26.0678 0x5d3c  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
13:39:26.0740 0x5d3c  fvevol - ok
13:39:26.0756 0x5d3c  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
13:39:26.0818 0x5d3c  FxPPM - ok
13:39:26.0834 0x5d3c  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
13:39:26.0912 0x5d3c  gagp30kx - ok
13:39:26.0959 0x5d3c  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
13:39:27.0021 0x5d3c  gencounter - ok
13:39:27.0053 0x5d3c  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
13:39:27.0100 0x5d3c  GPIOClx0101 - ok
13:39:27.0193 0x5d3c  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\windows\System32\gpsvc.dll
13:39:27.0334 0x5d3c  gpsvc - ok
13:39:27.0396 0x5d3c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:39:27.0443 0x5d3c  gupdate - ok
13:39:27.0459 0x5d3c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:39:27.0490 0x5d3c  gupdatem - ok
13:39:27.0537 0x5d3c  [ 408B664926675C270D911160F1631D6B, 6BF7E613B708E2E81916DE6C83256F969797B9D039C16A20003541D698055BC7 ] gzflt           C:\windows\system32\DRIVERS\gzflt.sys
13:39:27.0584 0x5d3c  gzflt - ok
13:39:27.0646 0x5d3c  [ B5CBEB9EB25A8230463037A647BC1469, 03643B05F9309ED4EF415CB6455D8B1FC39707745982C31AF0A42398C5A30B52 ] gzserv          C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
13:39:27.0678 0x5d3c  gzserv - ok
13:39:27.0740 0x5d3c  [ BDDBCFF870442B3C24C158CD53079132, 62314C296ACF1EF9EB38FB70B66B57D1BB9917C8536B39892272D172BC58A5C3 ] hcmon           C:\windows\system32\drivers\hcmon.sys
13:39:27.0818 0x5d3c  hcmon - ok
13:39:27.0865 0x5d3c  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
13:39:27.0943 0x5d3c  HdAudAddService - ok
13:39:27.0990 0x5d3c  [ 3865C4E388B31940C8BB9F73D9738E93, F078BD558291D54BDB2B26E158C68845E8DA76C5DB773449E92677517F9A120B ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
13:39:28.0131 0x5d3c  HDAudBus - ok
13:39:28.0193 0x5d3c  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
13:39:28.0303 0x5d3c  HidBatt - ok
13:39:28.0365 0x5d3c  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\windows\System32\drivers\hidbth.sys
13:39:28.0475 0x5d3c  HidBth - ok
13:39:28.0506 0x5d3c  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
13:39:28.0693 0x5d3c  hidi2c - ok
13:39:28.0740 0x5d3c  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\windows\System32\drivers\hidir.sys
13:39:28.0881 0x5d3c  HidIr - ok
13:39:28.0912 0x5d3c  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\windows\system32\hidserv.dll
13:39:29.0053 0x5d3c  hidserv - ok
13:39:29.0115 0x5d3c  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\windows\System32\drivers\hidusb.sys
13:39:29.0225 0x5d3c  HidUsb - ok
13:39:29.0272 0x5d3c  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\windows\system32\kmsvc.dll
13:39:29.0381 0x5d3c  hkmsvc - ok
13:39:29.0412 0x5d3c  [ CF07C0A9D38A248D036DD9C47E4D0D6E, 6952DA6466DAE2E378F92934E1925887DD122A511BC5D6A0EF2194108E320126 ] hmpalert        C:\windows\system32\drivers\hmpalert.sys
13:39:29.0459 0x5d3c  hmpalert - ok
13:39:29.0568 0x5d3c  [ 2638395F6E61889D75C363A80A0E17F4, D61FD993DA6605F32E6CDAC889285EB67F1A112BB9A294838BB90FCBF5FA11C1 ] hmpalertsvc     C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
13:39:29.0678 0x5d3c  hmpalertsvc - ok
13:39:29.0709 0x5d3c  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\windows\system32\ListSvc.dll
13:39:29.0818 0x5d3c  HomeGroupListener - ok
13:39:29.0881 0x5d3c  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\windows\system32\provsvc.dll
13:39:30.0006 0x5d3c  HomeGroupProvider - ok
13:39:30.0053 0x5d3c  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
13:39:30.0147 0x5d3c  HpSAMD - ok
13:39:30.0225 0x5d3c  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\windows\system32\drivers\HTTP.sys
13:39:30.0350 0x5d3c  HTTP - ok
13:39:30.0381 0x5d3c  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
13:39:30.0444 0x5d3c  hwpolicy - ok
13:39:30.0475 0x5d3c  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
13:39:30.0553 0x5d3c  hyperkbd - ok
13:39:30.0569 0x5d3c  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
13:39:30.0662 0x5d3c  HyperVideo - ok
13:39:30.0678 0x5d3c  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
13:39:30.0834 0x5d3c  i8042prt - ok
13:39:30.0944 0x5d3c  [ FA4C48E36F0B24E7E33D3E7E1844B9C9, F61F448B8E305DEFDDA5D4A6FC4E57C798C11ED4DA0ACB885847DC8A9A7B4E98 ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
13:39:31.0022 0x5d3c  iaStorA - ok
13:39:31.0069 0x5d3c  [ D5854F77CEEAFC5A8405F8ECCBEC09DF, 06D94EAF55787F807FB40E95011E90B0A719AC1A1529C2C110C1EABC5BE02C5B ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
13:39:31.0115 0x5d3c  IAStorDataMgrSvc - ok
13:39:31.0162 0x5d3c  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
13:39:31.0256 0x5d3c  iaStorV - ok
13:39:31.0303 0x5d3c  [ 7274E304EACD1FE0A4F5047CE6B4DC61, 2FD0FBE52359080DCA9D7F94177680A304B0C5E0B701AD3F9E6F09E8E5D5D7D7 ] ibtfltcoex      C:\windows\system32\DRIVERS\iBtFltCoex.sys
13:39:31.0397 0x5d3c  ibtfltcoex - ok
13:39:31.0475 0x5d3c  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
13:39:31.0522 0x5d3c  ICCS - ok
13:39:31.0678 0x5d3c  [ C2842ECA72FD97243DF41BDB42ADA7F7, FF4CC7A22FB020CB54FE9606CF04589F8D3B50ADF00A0D78D71DC704B32009D7 ] IceDragonUpdater C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
13:39:31.0819 0x5d3c  IceDragonUpdater - ok
13:39:32.0053 0x5d3c  [ 0245CD3AE14CACF6E2503C42019431D7, 87D2E1ACD3CC0B1C3F713EB5E0C6C510B386EC142AC7554B2043396305626C96 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
13:39:32.0381 0x5d3c  igfx - ok
13:39:32.0428 0x5d3c  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
13:39:32.0490 0x5d3c  iirsp - ok
13:39:32.0569 0x5d3c  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\windows\System32\ikeext.dll
13:39:32.0756 0x5d3c  IKEEXT - ok
13:39:32.0803 0x5d3c  [ FD2032D2EAE8D7F3381EBA5FA3E7FEEA, 46D1DC6A44E20339AD9195EE7CC719DC9BC99C78F8C74E730B671F0D78B9C683 ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
13:39:32.0850 0x5d3c  intaud_WaveExtensible - ok
13:39:32.0912 0x5d3c  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
13:39:33.0084 0x5d3c  IntcDAud - ok
13:39:33.0178 0x5d3c  [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:39:33.0241 0x5d3c  Intel® Capability Licensing Service Interface - ok
13:39:33.0303 0x5d3c  [ 5175C772BCD11C9B0471D30535F15F60, 1F3740ECE66A3F849445DE3A15648BCCC8CB349300C449F107FC762D2B792F0B ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
13:39:33.0366 0x5d3c  Intel® ME Service - ok
13:39:33.0444 0x5d3c  [ A7A4527CF1826767689FF06419440BDC, E7C71490C3EA65C5ED8D21290DF12CED346D41E910C0963DAE5308652B7D9414 ] Intel® Wireless Bluetooth® 4.0 Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
13:39:33.0491 0x5d3c  Intel® Wireless Bluetooth® 4.0 Radio Management - ok
13:39:33.0553 0x5d3c  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\windows\system32\drivers\intelide.sys
13:39:33.0631 0x5d3c  intelide - ok
13:39:33.0678 0x5d3c  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\windows\System32\drivers\intelppm.sys
13:39:33.0756 0x5d3c  intelppm - ok
13:39:33.0881 0x5d3c  [ A8DD685A6AFB748C9F487A139C9C367B, A92D2736C8CD99195A1EF4D0D9A3412BEE481ACF585944E3B5946B465361A3E7 ] IObitUnlocker   C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys
13:39:33.0944 0x5d3c  IObitUnlocker - ok
13:39:33.0975 0x5d3c  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
13:39:34.0053 0x5d3c  IpFilterDriver - ok
13:39:34.0131 0x5d3c  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
13:39:34.0241 0x5d3c  iphlpsvc - ok
13:39:34.0287 0x5d3c  [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
13:39:34.0412 0x5d3c  IPMIDRV - ok
13:39:34.0459 0x5d3c  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
13:39:34.0569 0x5d3c  IPNAT - ok
13:39:34.0662 0x5d3c  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\windows\system32\drivers\irenum.sys
13:39:34.0772 0x5d3c  IRENUM - ok
13:39:34.0803 0x5d3c  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\windows\system32\drivers\isapnp.sys
13:39:34.0850 0x5d3c  isapnp - ok
13:39:34.0897 0x5d3c  [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
13:39:34.0944 0x5d3c  iScsiPrt - ok
13:39:35.0022 0x5d3c  [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc          C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
13:39:35.0100 0x5d3c  iumsvc - ok
13:39:35.0147 0x5d3c  [ C59B9CE2855E667809F9E63C20FC44A5, 36C71CDAB84296E408F29588E1993B6E2016841435C6F2CABBB716A2E2947BA8 ] iwdbus          C:\windows\System32\drivers\iwdbus.sys
13:39:35.0178 0x5d3c  iwdbus - ok
13:39:35.0256 0x5d3c  [ B2AAF45E83CAFA49A34EB2F2D6D7609C, 1AE9FEE38D295F485165F2BA53F2D7CED5D9845D98F9EAC23ABF2244D3CB1D96 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
13:39:35.0334 0x5d3c  jhi_service - ok
13:39:35.0381 0x5d3c  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
13:39:35.0459 0x5d3c  kbdclass - ok
13:39:35.0506 0x5d3c  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
13:39:35.0569 0x5d3c  kbdhid - ok
13:39:35.0584 0x5d3c  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
13:39:35.0694 0x5d3c  kdnic - ok
13:39:35.0741 0x5d3c  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso          C:\windows\system32\lsass.exe
13:39:35.0788 0x5d3c  KeyIso - ok
13:39:35.0850 0x5d3c  [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
13:39:35.0913 0x5d3c  KSecDD - ok
13:39:35.0959 0x5d3c  [ 3DD9C86EA88E8B5A51904AD87E1F2E78, F9EC9A571212117C01934CD29057EB1B3FA095F670294244AF7D9387D3F6E555 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
13:39:36.0006 0x5d3c  KSecPkg - ok
13:39:36.0053 0x5d3c  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
13:39:36.0178 0x5d3c  ksthunk - ok
13:39:36.0272 0x5d3c  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\windows\system32\msdtckrm.dll
13:39:36.0381 0x5d3c  KtmRm - ok
13:39:36.0459 0x5d3c  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\windows\system32\srvsvc.dll
13:39:36.0553 0x5d3c  LanmanServer - ok
13:39:36.0600 0x5d3c  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
13:39:36.0678 0x5d3c  LanmanWorkstation - ok
13:39:36.0756 0x5d3c  [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr          C:\windows\system32\DRIVERS\LhdX64.sys
13:39:36.0788 0x5d3c  LHDmgr - ok
13:39:36.0928 0x5d3c  [ 9221BD3515C49AED30FA88152BFD7168, CD23280C8A1AE00EEEBFC74D403EDE0BF6CB03DDDC3CB971338A7C9FB76CD7F3 ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
13:39:37.0053 0x5d3c  LiveUpdateSvc - ok
13:39:37.0084 0x5d3c  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
13:39:37.0147 0x5d3c  lltdio - ok
13:39:37.0209 0x5d3c  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\windows\System32\lltdsvc.dll
13:39:37.0335 0x5d3c  lltdsvc - ok
13:39:37.0366 0x5d3c  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\windows\System32\lmhsvc.dll
13:39:37.0506 0x5d3c  lmhosts - ok
13:39:37.0585 0x5d3c  [ 9CA9CB0E115418F90FFC67973462280A, E3B25C360A9F5A614206B6AD07E67B2AF71D667E3CDC56BAC11F4C5AD0BACAA6 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
13:39:37.0678 0x5d3c  LMS - ok
13:39:37.0741 0x5d3c  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
13:39:37.0819 0x5d3c  LSI_SAS - ok
13:39:37.0835 0x5d3c  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
13:39:37.0928 0x5d3c  LSI_SAS2 - ok
13:39:37.0991 0x5d3c  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
13:39:38.0038 0x5d3c  LSI_SCSI - ok
13:39:38.0069 0x5d3c  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
13:39:38.0131 0x5d3c  LSI_SSS - ok
13:39:38.0210 0x5d3c  [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM             C:\windows\System32\lsm.dll
13:39:38.0350 0x5d3c  LSM - ok
13:39:38.0381 0x5d3c  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\windows\system32\drivers\luafv.sys
13:39:38.0444 0x5d3c  luafv - ok
13:39:38.0460 0x5d3c  maagqb - ok
13:39:38.0538 0x5d3c  [ EDC302970439C91203FB3387E4F7C121, 2480374888E246FD7FAB771E9EBA44D8E3DF6656DF6D243C5A7536041C3C4399 ] MbaeSvc         C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
13:39:38.0600 0x5d3c  MbaeSvc - ok
13:39:38.0663 0x5d3c  [ 1A243DAD23BB639D47F25AB9EC51FCAD, 596A9676F38730B520F36BDA964C555F31FD9CD1A45CD5280A534C6336E344AF ] mbamchameleon   C:\windows\system32\drivers\mbamchameleon.sys
13:39:38.0710 0x5d3c  mbamchameleon - ok
13:39:38.0772 0x5d3c  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\windows\system32\drivers\megasas.sys
13:39:38.0866 0x5d3c  megasas - ok
13:39:38.0928 0x5d3c  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
13:39:39.0022 0x5d3c  MegaSR - ok
13:39:39.0069 0x5d3c  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\windows\System32\drivers\HECIx64.sys
13:39:39.0131 0x5d3c  MEIx64 - ok
13:39:39.0210 0x5d3c  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\windows\system32\mmcss.dll
13:39:39.0303 0x5d3c  MMCSS - ok
13:39:39.0335 0x5d3c  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\windows\system32\drivers\modem.sys
13:39:39.0460 0x5d3c  Modem - ok
13:39:39.0538 0x5d3c  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\windows\System32\drivers\monitor.sys
13:39:39.0647 0x5d3c  monitor - ok
13:39:39.0710 0x5d3c  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\windows\System32\drivers\mouclass.sys
13:39:39.0788 0x5d3c  mouclass - ok
13:39:39.0835 0x5d3c  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\windows\System32\drivers\mouhid.sys
13:39:39.0913 0x5d3c  mouhid - ok
13:39:39.0944 0x5d3c  [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
13:39:40.0022 0x5d3c  mountmgr - ok
13:39:40.0085 0x5d3c  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:39:40.0163 0x5d3c  MozillaMaintenance - ok
13:39:40.0210 0x5d3c  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
13:39:40.0335 0x5d3c  mpsdrv - ok
13:39:40.0382 0x5d3c  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\windows\system32\mpssvc.dll
13:39:40.0491 0x5d3c  MpsSvc - ok
13:39:40.0553 0x5d3c  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
13:39:40.0678 0x5d3c  MRxDAV - ok
13:39:40.0725 0x5d3c  [ 7A761AEE58658378BBA45D360F874CB0, 31972E63D93E07D92EF69571B7ED1E69B1358DCA5BEED62A9372F6411B4DFDB3 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
13:39:40.0897 0x5d3c  mrxsmb - ok
13:39:40.0975 0x5d3c  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
13:39:41.0100 0x5d3c  mrxsmb10 - ok
13:39:41.0163 0x5d3c  [ 697B78CE3925E4FBFC544232A5E9E2EB, 2D03425513572F6098BAAF82C0EDB49EBAB88438971D349CA1917DA0BDB76334 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
13:39:41.0225 0x5d3c  mrxsmb20 - ok
13:39:41.0272 0x5d3c  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
13:39:41.0350 0x5d3c  MsBridge - ok
13:39:41.0397 0x5d3c  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\windows\System32\msdtc.exe
13:39:41.0538 0x5d3c  MSDTC - ok
13:39:41.0647 0x5d3c  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\windows\system32\drivers\Msfs.sys
13:39:41.0757 0x5d3c  Msfs - ok
13:39:41.0819 0x5d3c  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
13:39:41.0882 0x5d3c  msgpiowin32 - ok
13:39:41.0928 0x5d3c  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
13:39:42.0007 0x5d3c  mshidkmdf - ok
13:39:42.0038 0x5d3c  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
13:39:42.0085 0x5d3c  mshidumdf - ok
13:39:42.0132 0x5d3c  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
13:39:42.0210 0x5d3c  msisadrv - ok
13:39:42.0304 0x5d3c  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\windows\system32\iscsiexe.dll
13:39:42.0397 0x5d3c  MSiSCSI - ok
13:39:42.0413 0x5d3c  msiserver - ok
13:39:42.0460 0x5d3c  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
13:39:42.0538 0x5d3c  MSKSSRV - ok
13:39:42.0585 0x5d3c  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
13:39:42.0663 0x5d3c  MsLldp - ok
13:39:42.0710 0x5d3c  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
13:39:42.0819 0x5d3c  MSPCLOCK - ok
13:39:42.0866 0x5d3c  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
13:39:42.0944 0x5d3c  MSPQM - ok
13:39:42.0991 0x5d3c  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
13:39:43.0054 0x5d3c  MsRPC - ok
13:39:43.0116 0x5d3c  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
13:39:43.0179 0x5d3c  mssmbios - ok
13:39:43.0210 0x5d3c  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
13:39:43.0257 0x5d3c  MSTEE - ok
13:39:43.0304 0x5d3c  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
13:39:43.0366 0x5d3c  MTConfig - ok
13:39:43.0382 0x5d3c  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\windows\system32\Drivers\mup.sys
13:39:43.0429 0x5d3c  Mup - ok
13:39:43.0475 0x5d3c  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\windows\system32\drivers\mvumis.sys
13:39:43.0554 0x5d3c  mvumis - ok
13:39:43.0632 0x5d3c  [ 53EE034F83E9A7A8E421572E385F67CD, 29F718B95B9D6CBDA49D5DE14FEC46DA64D7977131D585C975B3D703559D0988 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
13:39:43.0679 0x5d3c  MyWiFiDHCPDNS - ok
13:39:43.0775 0x5d3c  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\windows\system32\qagentRT.dll
13:39:43.0899 0x5d3c  napagent - ok
13:39:43.0946 0x5d3c  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
13:39:44.0040 0x5d3c  NativeWifiP - ok
13:39:44.0102 0x5d3c  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\windows\System32\ncasvc.dll
13:39:44.0227 0x5d3c  NcaSvc - ok
13:39:44.0274 0x5d3c  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
13:39:44.0399 0x5d3c  NcdAutoSetup - ok
13:39:44.0493 0x5d3c  [ BD16B83B1E22495DFD30713ECAC1FC04, 590FBE391011DA1266F7B3AB2F2E10DBF15A427301737E790859AA394ECEF569 ] NCO             C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\NST.exe
13:39:44.0556 0x5d3c  NCO - ok
13:39:44.0649 0x5d3c  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\windows\system32\drivers\ndis.sys
13:39:44.0728 0x5d3c  NDIS - ok
13:39:44.0790 0x5d3c  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
13:39:44.0868 0x5d3c  NdisCap - ok
13:40:09.0648 0x5d3c  [ 02A660D3AF9056EB49674323253B1F6B, 5EF09BEB685FBFE31CBA3EF3C8F01FBC237D2EE01D2C552BD9D5B0258A0C5589 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
13:40:09.0694 0x5d3c  STacSV - detected UnsignedFile.Multi.Generic ( 1 )
13:40:12.0320 0x5d3c  Detect skipped due to KSN trusted
13:40:12.0320 0x5d3c  STacSV - ok
13:40:22.0976 0x5d3c  USBSTOR - ok
13:40:23.0039 0x5d3c  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
13:40:23.0086 0x5d3c  usbuhci - ok
13:40:23.0148 0x5d3c  [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
13:40:23.0304 0x5d3c  usbvideo - ok
13:40:23.0383 0x5d3c  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
13:40:23.0429 0x5d3c  USBXHCI - ok
13:40:23.0476 0x5d3c  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc        C:\windows\system32\lsass.exe
13:40:23.0523 0x5d3c  VaultSvc - ok
13:40:23.0601 0x5d3c  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
13:40:23.0680 0x5d3c  vdrvroot - ok
13:40:23.0780 0x5d3c  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds             C:\windows\System32\vds.exe
13:40:23.0932 0x5d3c  vds - ok
13:40:23.0995 0x5d3c  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
13:40:24.0088 0x5d3c  VerifierExt - ok
13:40:24.0167 0x5d3c  [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
13:40:24.0245 0x5d3c  vhdmp - ok
13:40:24.0307 0x5d3c  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\windows\system32\drivers\viaide.sys
13:40:24.0370 0x5d3c  viaide - ok
13:40:24.0463 0x5d3c  [ D1ABC88F0A9A0A06658AF978B763C9EF, 92D73A12CE08B7D9DA78A089523A8A9FAC615C093074C2B9B8CCD2E3BEC8C29D ] vm331avs        C:\windows\System32\Drivers\vm331avs.sys
13:40:24.0573 0x5d3c  vm331avs - ok
13:40:24.0682 0x5d3c  [ 2562943B90AFA9829097FB4274276D1D, EE003EF7A3EC49CFEF2EED841482721D7A89368967BFC44CE8DD9D3BDAF0572F ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
13:40:24.0729 0x5d3c  VMAuthdService - ok
13:40:24.0792 0x5d3c  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\windows\system32\drivers\vmbus.sys
13:40:24.0885 0x5d3c  vmbus - ok
13:40:24.0948 0x5d3c  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
13:40:25.0073 0x5d3c  VMBusHID - ok
13:40:25.0167 0x5d3c  [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci            C:\windows\system32\drivers\vmci.sys
13:40:25.0198 0x5d3c  vmci - ok
13:40:25.0276 0x5d3c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\windows\System32\ICSvc.dll
13:40:25.0354 0x5d3c  vmicheartbeat - ok
13:40:25.0401 0x5d3c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\windows\System32\ICSvc.dll
13:40:25.0463 0x5d3c  vmickvpexchange - ok
13:40:25.0510 0x5d3c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\windows\System32\ICSvc.dll
13:40:25.0573 0x5d3c  vmicrdv - ok
13:40:25.0620 0x5d3c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\windows\System32\ICSvc.dll
13:40:25.0682 0x5d3c  vmicshutdown - ok
13:40:25.0745 0x5d3c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\windows\System32\ICSvc.dll
13:40:25.0807 0x5d3c  vmictimesync - ok
13:40:25.0854 0x5d3c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\windows\System32\ICSvc.dll
13:40:25.0901 0x5d3c  vmicvss - ok
13:40:25.0979 0x5d3c  [ 4F19996D0765835797EC7B5F35D12240, FD4D222A373C3DF2B9FC7877C0EC050BF71A6C700FB52984E44FD25E49755A11 ] vmkbd           C:\windows\system32\drivers\VMkbd.sys
13:40:26.0026 0x5d3c  vmkbd - ok
13:40:26.0120 0x5d3c  [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter    C:\windows\system32\DRIVERS\vmnetadapter.sys
13:40:26.0151 0x5d3c  VMnetAdapter - ok
13:40:26.0213 0x5d3c  [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge     C:\windows\system32\DRIVERS\vmnetbridge.sys
13:40:26.0276 0x5d3c  VMnetBridge - ok
13:40:26.0323 0x5d3c  VMnetDHCP - ok
13:40:26.0385 0x5d3c  [ F550680013FEA869820CB8320FAA2352, AA98DB7E71737DD8574ADB2DD9531C1DD46BABE99F89ED87D681D6C21BFA0D1C ] VMnetuserif     C:\windows\system32\drivers\vmnetuserif.sys
13:40:26.0417 0x5d3c  VMnetuserif - ok
13:40:26.0542 0x5d3c  [ 41FAE6618768DC93D98DDAF3F8282D3E, 95995542026CC111B8FFAA01AC9E55B2F942A9108F5F00502A35339C13BBF20D ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
13:40:26.0620 0x5d3c  VMUSBArbService - ok
13:40:26.0698 0x5d3c  VMware NAT Service - ok
13:40:26.0745 0x5d3c  [ 227E4EA654B4D52C2AAA8B1DCD5C45DE, 7D9A675A6481D288846D7F22AE15EC62DF31C9385C83D875586EE371CC9C3410 ] vmx86           C:\windows\system32\drivers\vmx86.sys
13:40:26.0807 0x5d3c  vmx86 - ok
13:40:26.0870 0x5d3c  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\windows\system32\drivers\volmgr.sys
13:40:26.0964 0x5d3c  volmgr - ok
13:40:27.0042 0x5d3c  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
13:40:27.0167 0x5d3c  volmgrx - ok
13:40:27.0260 0x5d3c  [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap         C:\windows\system32\drivers\volsnap.sys
13:40:27.0323 0x5d3c  volsnap - ok
13:40:27.0385 0x5d3c  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\windows\System32\drivers\vpci.sys
13:40:27.0510 0x5d3c  vpci - ok
13:40:27.0589 0x5d3c  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
13:40:27.0667 0x5d3c  vsmraid - ok
13:40:27.0729 0x5d3c  [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock           C:\windows\system32\drivers\vsock.sys
13:40:27.0760 0x5d3c  vsock - ok
13:40:27.0901 0x5d3c  [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS             C:\windows\system32\vssvc.exe
13:40:28.0042 0x5d3c  VSS - ok
13:40:28.0120 0x5d3c  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
13:40:28.0260 0x5d3c  VSTXRAID - ok
13:40:28.0339 0x5d3c  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
13:40:28.0479 0x5d3c  vwifibus - ok
13:40:28.0557 0x5d3c  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
13:40:28.0682 0x5d3c  vwififlt - ok
13:40:28.0776 0x5d3c  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
13:40:28.0917 0x5d3c  vwifimp - ok
13:40:29.0026 0x5d3c  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\windows\system32\w32time.dll
13:40:29.0104 0x5d3c  W32Time - ok
13:40:29.0167 0x5d3c  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\windows\System32\drivers\wacompen.sys
13:40:29.0229 0x5d3c  WacomPen - ok
13:40:29.0323 0x5d3c  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
13:40:29.0448 0x5d3c  Wanarp - ok
13:40:29.0511 0x5d3c  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
13:40:29.0557 0x5d3c  Wanarpv6 - ok
13:40:29.0682 0x5d3c  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\windows\system32\wbengine.exe
13:40:29.0886 0x5d3c  wbengine - ok
13:40:29.0964 0x5d3c  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
13:40:30.0089 0x5d3c  WbioSrvc - ok
13:40:30.0182 0x5d3c  [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
13:40:30.0292 0x5d3c  Wcmsvc - ok
13:40:30.0370 0x5d3c  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\windows\System32\wcncsvc.dll
13:40:30.0464 0x5d3c  wcncsvc - ok
13:40:30.0526 0x5d3c  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
13:40:30.0745 0x5d3c  WcsPlugInService - ok
13:40:30.0839 0x5d3c  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\windows\system32\drivers\wd.sys
13:40:30.0948 0x5d3c  Wd - ok
13:40:31.0026 0x5d3c  [ 3772FF85F0098686B0DCD77076AE0786, 8B0221F6003C53856676FFD9CDCFF43DF29B410AB2F340C10BB858F0E6EC14CE ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
13:40:31.0073 0x5d3c  WdBoot - ok
13:40:31.0182 0x5d3c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
13:40:31.0245 0x5d3c  Wdf01000 - ok
13:40:31.0308 0x5d3c  [ AB6F7DE8BFBF61A42F8764D9A621BD8B, DEFDC9FDC0B234403EE1339105B8D12B486D77B3BA01A703339B5DB8B95FA4D8 ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
13:40:31.0354 0x5d3c  WdFilter - ok
13:40:31.0417 0x5d3c  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\windows\system32\wdi.dll
13:40:31.0558 0x5d3c  WdiServiceHost - ok
13:40:31.0636 0x5d3c  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\windows\system32\wdi.dll
13:40:31.0683 0x5d3c  WdiSystemHost - ok
13:40:31.0776 0x5d3c  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient       C:\windows\System32\webclnt.dll
13:40:31.0886 0x5d3c  WebClient - ok
13:40:31.0948 0x5d3c  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\windows\system32\wecsvc.dll
13:40:32.0042 0x5d3c  Wecsvc - ok
13:40:32.0089 0x5d3c  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\windows\System32\wercplsupport.dll
13:40:32.0229 0x5d3c  wercplsupport - ok
13:40:32.0292 0x5d3c  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\windows\System32\WerSvc.dll
13:40:32.0448 0x5d3c  WerSvc - ok
13:40:32.0542 0x5d3c  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
13:40:32.0589 0x5d3c  WFPLWFS - ok
13:40:32.0667 0x5d3c  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\windows\System32\wiarpc.dll
13:40:32.0808 0x5d3c  WiaRpc - ok
13:40:32.0870 0x5d3c  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
13:40:32.0948 0x5d3c  WIMMount - ok
13:40:33.0011 0x5d3c  WinDefend - ok
13:40:33.0183 0x5d3c  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
13:40:33.0339 0x5d3c  WinHttpAutoProxySvc - ok
13:40:33.0448 0x5d3c  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
13:40:33.0526 0x5d3c  Winmgmt - ok
13:40:33.0698 0x5d3c  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\windows\system32\WsmSvc.dll
13:40:33.0917 0x5d3c  WinRM - ok
13:40:34.0120 0x5d3c  [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
13:40:34.0214 0x5d3c  WinUsb - ok
13:40:34.0355 0x5d3c  [ A7C993F86BE5AF035DE06DF9160D7008, 9890293AD584C846C5F2444BEF8E6130C6EE450EFF0387FCECDE056CD7D0C02C ] WiseBootAssistant C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
13:40:34.0433 0x5d3c  WiseBootAssistant - ok
13:40:34.0495 0x5d3c  WiseHDInfo - ok
13:40:34.0636 0x5d3c  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\windows\System32\wlansvc.dll
13:40:34.0792 0x5d3c  WlanSvc - ok
13:40:34.0917 0x5d3c  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\windows\system32\wlidsvc.dll
13:40:35.0089 0x5d3c  wlidsvc - ok
13:40:35.0167 0x5d3c  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
13:40:35.0230 0x5d3c  WmiAcpi - ok
13:40:35.0355 0x5d3c  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
13:40:35.0433 0x5d3c  wmiApSrv - ok
13:40:35.0495 0x5d3c  WMPNetworkSvc - ok
13:40:35.0605 0x5d3c  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
13:40:35.0776 0x5d3c  wpcfltr - ok
13:40:35.0870 0x5d3c  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\windows\System32\wpcsvc.dll
13:40:35.0980 0x5d3c  WPCSvc - ok
13:40:36.0089 0x5d3c  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
13:40:36.0230 0x5d3c  WPDBusEnum - ok
13:40:36.0308 0x5d3c  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
13:40:36.0448 0x5d3c  WpdUpFltr - ok
13:40:36.0527 0x5d3c  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
13:40:36.0589 0x5d3c  ws2ifsl - ok
13:40:36.0667 0x5d3c  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\windows\System32\wscsvc.dll
13:40:36.0730 0x5d3c  wscsvc - ok
13:40:36.0777 0x5d3c  WSearch - ok
13:40:36.0995 0x5d3c  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\windows\System32\WSService.dll
13:40:37.0136 0x5d3c  WSService - ok
13:40:37.0230 0x5d3c  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\windows\system32\DRIVERS\wsvd.sys
13:40:37.0277 0x5d3c  wsvd - ok
13:40:37.0433 0x5d3c  [ 311E5E1976E0BD9110A88B93158055D5, F1AA738D6AD74C33785EEFE1FBE8A869AAB62417B7D079389293AB1209A849C1 ] wuauserv        C:\windows\system32\wuaueng.dll
13:40:37.0683 0x5d3c  wuauserv - ok
13:40:37.0745 0x5d3c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
13:40:37.0855 0x5d3c  WudfPf - ok
13:40:37.0917 0x5d3c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\System32\drivers\WUDFRd.sys
13:40:37.0995 0x5d3c  WUDFRd - ok
13:40:38.0073 0x5d3c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
13:40:38.0183 0x5d3c  wudfsvc - ok
13:40:38.0230 0x5d3c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
13:40:38.0292 0x5d3c  WUDFWpdFs - ok
13:40:38.0339 0x5d3c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
13:40:38.0402 0x5d3c  WUDFWpdMtp - ok
13:40:38.0480 0x5d3c  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\windows\System32\wwansvc.dll
13:40:38.0589 0x5d3c  WwanSvc - ok
13:40:38.0667 0x5d3c  [ 93BFBB02C88EF306C8FB82213E07B845, F9E91A80B11997188446A83E6A1A66A503D3B58D8808AB7E869EE1550F1EA44F ] XHCIPort        C:\windows\System32\drivers\XHCIPort.sys
13:40:38.0714 0x5d3c  XHCIPort - ok
13:40:38.0995 0x5d3c  [ 2AC426C57AC3D6A226D66E5A03223C90, 45AD44153D280E4066BA62260CE7733AC3DC23D59951BBCC0F8D4F5226F97203 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
13:40:39.0199 0x5d3c  ZeroConfigService - ok
13:40:39.0745 0x5d3c  ================ Scan global ===============================
13:40:39.0855 0x5d3c  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\windows\system32\basesrv.dll
13:40:39.0886 0x5d3c  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\windows\system32\winsrv.dll
13:40:39.0917 0x5d3c  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\windows\system32\sxssrv.dll
13:40:39.0964 0x5d3c  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\windows\system32\services.exe
13:40:39.0995 0x5d3c  [ Global ] - ok
13:40:39.0995 0x5d3c  ================ Scan MBR ==================================
13:40:39.0995 0x5d3c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:40:40.0183 0x5d3c  \Device\Harddisk0\DR0 - ok
13:40:40.0183 0x5d3c  ================ Scan VBR ==================================
13:40:40.0199 0x5d3c  [ F500129BF4DC92B43BC9A40128577F67 ] \Device\Harddisk0\DR0\Partition1
13:40:40.0214 0x5d3c  \Device\Harddisk0\DR0\Partition1 - ok
13:40:40.0230 0x5d3c  [ C2E1ADD180F16E43FDD3335DAF7325D5 ] \Device\Harddisk0\DR0\Partition2
13:40:40.0245 0x5d3c  \Device\Harddisk0\DR0\Partition2 - ok
13:40:40.0261 0x5d3c  [ 5D021626C0B2C666FB2BE2C2A4F8F5B4 ] \Device\Harddisk0\DR0\Partition3
13:40:40.0277 0x5d3c  \Device\Harddisk0\DR0\Partition3 - ok
13:40:40.0292 0x5d3c  [ 5F2B13B0C8A64415CFA8EFA192DDCB6D ] \Device\Harddisk0\DR0\Partition4
13:40:40.0292 0x5d3c  \Device\Harddisk0\DR0\Partition4 - ok
13:40:40.0308 0x5d3c  [ AC30DF8EED224C87BC7F0C652597B8AB ] \Device\Harddisk0\DR0\Partition5
13:40:40.0308 0x5d3c  \Device\Harddisk0\DR0\Partition5 - ok
13:40:40.0355 0x5d3c  [ 511C82759EF397F503DBE146F760F6C8 ] \Device\Harddisk0\DR0\Partition6
13:40:40.0371 0x5d3c  \Device\Harddisk0\DR0\Partition6 - ok
13:40:40.0386 0x5d3c  [ DB7D9CF67BFA56D5D617FDD0E27BFCDF ] \Device\Harddisk0\DR0\Partition7
13:40:40.0402 0x5d3c  \Device\Harddisk0\DR0\Partition7 - ok
13:40:40.0417 0x5d3c  ================ Scan generic autorun ======================
13:40:40.0464 0x5d3c  [ 3293EDFFDDD6428AF31277F8CE6E39A2, EA73444CE66447A407166126744FB45C8BCBA102505EF63588AA08AA5BB584B0 ] C:\windows\system32\igfxtray.exe
13:40:40.0511 0x5d3c  IgfxTray - ok
13:40:40.0511 0x5d3c  [ 25BB22FF0CB62BBD56EB3141FDB6DC57, A8E600A81BB7285F0DAC511FADE5F648424FAF6C8159CF5D2D1C303EFF9E32F7 ] C:\windows\system32\hkcmd.exe
13:40:40.0574 0x5d3c  HotKeysCmds - ok
13:40:40.0589 0x5d3c  [ DB3C847EAB293E36131DB5E56FCEE95B, 79C863133857870FD16447ABA58D158099018D68653C11765345988D7E33F2E0 ] C:\windows\system32\igfxpers.exe
13:40:40.0667 0x5d3c  Persistence - ok
13:40:40.0730 0x5d3c  [ D94BCD3B86F5220BEFC277B395EEE845, 61D3DE5621CE855F8EA5BF2308D0DFFB3B517BF7187AEE1FEF6785C5880E7D49 ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
13:40:40.0792 0x5d3c  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
13:40:43.0402 0x5d3c  Detect skipped due to KSN trusted
13:40:43.0402 0x5d3c  IAStorIcon - ok
13:40:43.0527 0x5d3c  [ EE4B8B1ACDA0AB5A1D798EE5B4F0522D, B3DC9C6AF5A2CEBADF6EA73C9F1764568C768B60E2425E3A530B313A2B408AE9 ] C:\Program Files\Apoint2K\Apoint.exe
13:40:43.0589 0x5d3c  Apoint - ok
13:40:43.0589 0x5d3c  SysTrayApp - ok
13:40:44.0190 0x5d3c  [ DF99547E3CD8C828202546ED9C4D7D25, 83013EEE760004E812CD63662843D1F3972AFBF83B4739935FC746F470FA7188 ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
13:40:44.0878 0x5d3c  Energy Management - ok
13:40:44.0925 0x5d3c  [ D41309D7717CC5D62C2E0C5EB6B127B3, 50F46F762320C9B2560AA356B31EB564651F92BDA2DBCE34E3E349A65E347FAC ] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
13:40:44.0971 0x5d3c  EnergyUtility - ok
13:40:45.0034 0x5d3c  [ 713B823A60C321CACBA33B33D49E8684, 67051761E9DA34DF75D715FB1FC13EEFFD62C589D004CCC3780E57891BEF12F9 ] C:\Program Files (x86)\USB Camera\VM331STI.EXE
13:40:45.0112 0x5d3c  331BigDog - ok
13:40:45.0190 0x5d3c  [ C2513AEB3F326B8811E2A37C9A7F930B, E3D9C0BB1A31367E7E3E0ED71F04068DF09F57CA293293B24D841331A1F9ADCB ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
13:40:45.0253 0x5d3c  YouCam Tray - ok
13:40:45.0300 0x5d3c  [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
13:40:45.0362 0x5d3c  Intel AppUp(SM) center - ok
13:40:45.0487 0x5d3c  [ 3EAD58B69E5DD11B80B4B4BD4B3392A8, 50B8F807663A26476CFC85EC2C08E7F6795EBF1DF8CA85DCBDE95A8C68F55840 ] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
13:40:45.0628 0x5d3c  Malwarebytes Anti-Exploit - ok
13:40:45.0847 0x5d3c  [ D4DA562ECCAD277099C4CB2AE88ED785, 206FC981B9553DA321D3FE0FA144E69A949CDF314DB5933466796543DD47806E ] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe
13:40:46.0081 0x5d3c  AshSnap - ok
13:40:46.0081 0x5d3c  Waiting for KSN requests completion. In queue: 147
13:40:47.0097 0x5d3c  Waiting for KSN requests completion. In queue: 147
13:40:48.0112 0x5d3c  Waiting for KSN requests completion. In queue: 147
13:40:49.0378 0x5d3c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
13:40:49.0394 0x5d3c  AV detected via SS2: Bitdefender Antivirus Free Edition, C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe ( 1.0.21.1099 ), 0x41000 ( enabled : updated )
13:40:49.0519 0x5d3c  Win FW state via NFP2: enabled
13:40:52.0331 0x5d3c  ============================================================
13:40:52.0331 0x5d3c  Scan finished
13:40:52.0331 0x5d3c  ============================================================
13:40:52.0347 0x2a50  Detected object count: 0
13:40:52.0347 0x2a50  Actual detected object count: 0
_________________________________________________________________________________________________________

Rkill 2.6.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html
 
Program started at: 08/01/2014 01:44:38 PM in x64 mode.
Windows Version: Windows 8 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1 localhost
  0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
  0.0.0.0 media.opencandy.com
  0.0.0.0 cdn.opencandy.com
  0.0.0.0 tracking.opencandy.com
  0.0.0.0 api.opencandy.com
  0.0.0.0 installer.betterinstaller.com
  0.0.0.0 installer.filebulldog.com
  0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
  0.0.0.0 inno.bisrv.com
  0.0.0.0 nsis.bisrv.com
  0.0.0.0 cdn.file2desktop.com
  0.0.0.0 cdn.goateastcach.us
  0.0.0.0 cdn.guttastatdk.us
  0.0.0.0 cdn.inskinmedia.com
  0.0.0.0 cdn.insta.oibundles2.com
  0.0.0.0 cdn.insta.playbryte.com
  0.0.0.0 cdn.llogetfastcach.us
  0.0.0.0 cdn.montiera.com
  0.0.0.0 cdn.msdwnld.com
 
  20 out of 34 HOSTS entries shown.
  Please review HOSTS file for further entries.
 
Program finished at: 08/01/2014 01:46:29 PM
Execution time: 0 hours(s), 1 minute(s), and 50 seconds(s)
_________________________________________________________________________________________________________

RogueKiller V9.2.3.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
 
Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Αριστειδης [Admin rights]
Mode : Scan -- Date : 08/01/2014  14:07:24
 
¤¤¤ Bad processes : 56 ¤¤¤
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
 
¤¤¤ Registry Entries : 8 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 0.0.0.0  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 0.0.0.0  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D2A863B1-769E-424B-8E9B-E69294CBC345} | DhcpNameServer : 192.168.1.1 0.0.0.0  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{D2A863B1-769E-424B-8E9B-E69294CBC345} | DhcpNameServer : 192.168.1.1 0.0.0.0  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3926861680-3198799385-1142916869-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3926861680-3198799385-1142916869-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3926861680-3198799385-1142916869-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3926861680-3198799385-1142916869-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> FOUND
 
¤¤¤ Scheduled tasks : 6 ¤¤¤
[Suspicious.Path] \\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} -- C:\ProgramData\cisDED.exe (--PostUninstall {15198508-521A-4D69-8E5B-B94A6CCFF805}) -> FOUND
[Suspicious.Path] \Lenovo\Lenovo-13825 -- C:\ProgramData\Lenovo-13825.vbs -> FOUND
[Suspicious.Path] \Lenovo\Lenovo-13881 -- C:\ProgramData\Lenovo-13881.vbs -> FOUND
[Suspicious.Path] \Lenovo\sysrun-24984 -- C:\Users\FB70~1\AppData\Local\Temp\sysrun-24984.cmd -> FOUND
[Suspicious.Path] \Lenovo\sysrun-25539 -- C:\Users\FB70~1\AppData\Local\Temp\sysrun-25539.cmd -> FOUND
[Suspicious.Path] \Lenovo\sysrun-26530 -- C:\Users\FB70~1\AppData\Local\Temp\sysrun-26530.cmd -> FOUND
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ HOSTS File : 34 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST500LT012-9WS142 +++++
--- User ---
[MBR] bee1c8f7a24f1624c5cac1b7b64418dc
[BSP] 1c0984fc9ac95a717585460ca833193d : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK
 
 
============================================
RKreport_DEL_06232014_222126.log - RKreport_DEL_07172014_234203.log - RKreport_DEL_07202014_162229.log - RKreport_DEL_07262014_175946.log
RKreport_SCN_06232014_215217.log - RKreport_SCN_06232014_222017.log - RKreport_SCN_06232014_222554.log - RKreport_SCN_07172014_234025.log
RKreport_SCN_07202014_161802.log - RKreport_SCN_07262014_175649.log
_________________________________________________________________________________________________________

Edited by boopme, 01 August 2014 - 02:37 PM.



#2 Guest_ArisMFighter_*

Posted 01 August 2014 - 07:40 AM

Also, I want to add that in Comodo's KillSwitch I don't see malicious processes.

Please contact me soon. Help will be appreciated. Thanks.



#3 HelpBot

Posted 06 August 2014 - 07:35 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/542959 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 Guest_ArisMFighter_*

Posted 06 August 2014 - 11:23 AM

Hi. I am running Microsoft Windows 8 64-bit. My problem is that I have done a lot of scans with Emsisoft Anti-Malware, Malwarebytes Anti-Malware, AdwCleaner, HitmanPro, TDSSKiller and other scanners, and none of them finds anything malicious. But when I execute RogueKiller from http://www.adlice.com/, the pre-scan every time finds and terminates malicious processes. But I have looked at my processes and I have scanned with some of the best scanners, as I said, and they don't find anything. So is it a RogueKiller false positive when the pre-scan terminates malicious processes (56), or am I infected and the other scanners didn't detect anything?

When I bought my laptop it did not come with a Windows CD/DVD, so I don't have any CD/DVD.

Thanks.

I will paste the DDS log in my next post soon.



#5 Guest_ArisMFighter_*

Posted 06 August 2014 - 11:48 AM

Hello again. I have the logs from DDS. There are two logs. One is "dds" and the other is "attach". I have posted the "dds" log. If you also want the other log, tell me and I will attach it.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.17028
Run by Αριστειδης at 19:29:54 on 2014-08-06
Microsoft Windows 8  6.2.9200.0.1253.30.1032.18.3975.1906 [GMT 3:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus Free Edition *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Bitdefender Antivirus Free Edition *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0\ABService.exe
C:\windows\system32\dashost.exe
C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\NST.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
C:\windows\SysWOW64\vmnat.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2014\DfsdkS64.exe
C:\windows\System32\LogonUI.exe
C:\windows\System32\dwm.exe
C:\windows\System32\LogonUI.exe
C:\windows\System32\dwm.exe
C:\windows\System32\LogonUI.exe
C:\windows\System32\dwm.exe
C:\windows\System32\LogonUI.exe
C:\windows\System32\dwm.exe
C:\windows\System32\LogonUI.exe
C:\windows\System32\dwm.exe
C:\windows\System32\LogonUI.exe
C:\windows\System32\dwm.exe
C:\windows\system32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\taskhostex.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\NST.exe
C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\windows\Explorer.EXE
C:\windows\system32\igfxEM.exe
C:\windows\system32\igfxHK.exe
C:\windows\system32\igfxTray.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\CCE\KillSwitch.exe
C:\windows\Explorer.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\windows\System32\msdtc.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Users\Αριστειδης\Desktop\dds.com
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.gr/
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe,
BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\CoIEPlg.dll
BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
BHO: DVDVideoSoft IE Extension: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\CoIEPlg.dll
TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
uRun: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe
mRun: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
StartupFolder: C:\Users\FB70~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
IE: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: NameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{D2A863B1-769E-424B-8E9B-E69294CBC345} : DHCPNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{D2A863B1-769E-424B-8E9B-E69294CBC345}\546796 : DHCPNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{D2A863B1-769E-424B-8E9B-E69294CBC345}\84F4C40214C4550275C414E4 : DHCPNameServer = 192.168.2.1
AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.3.12\CoIEPlg.dll
x64-BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll
x64-BHO: DVDVideoSoft IE Extension: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
x64-Run: [SysTrayApp] C:\Program Files (x86)\IDT\WDM\sttray64.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Run: [Classic Start Menu] "C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
x64-IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
Hosts: 0.0.0.0 media.opencandy.com
Hosts: 0.0.0.0 cdn.opencandy.com
Hosts: 0.0.0.0 tracking.opencandy.com
Hosts: 0.0.0.0 api.opencandy.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Αριστειδης\AppData\Roaming\Mozilla\Firefox\Profiles\dd9m7lve.default\
.
============= SERVICES / DRIVERS ===============
.
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-08-06 16:29:57 -------- d-----w- C:\Users\?±ώ?Ϊίώϊύ?\AppData\Local\Microsoft
2014-08-05 22:38:30 -------- d-----w- C:\TreeSizeFree
2014-08-05 18:02:21 -------- d-----w- C:\Program Files (x86)\WinMHR
2014-08-05 17:53:11 -------- d-----w- C:\Program Files\Reason
2014-08-04 20:03:20 -------- d-----w- C:\TCPView
2014-08-04 10:14:42 -------- d-----w- C:\NETADAPTER-REPAIR
2014-08-01 18:39:59 144 ----a-w- C:\windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-08-01 18:26:18 -------- d-sh--w- C:\Users\Αριστειδης\IntelGraphicsProfiles
2014-08-01 18:26:09 451 ----a-w- C:\windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-08-01 18:20:37 71168 ----a-w- C:\windows\System32\drivers\hdaudbus.sys
2014-08-01 18:19:03 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2014-08-01 18:17:32 -------- d-----w- C:\windows\SysWow64\NV
2014-08-01 18:17:32 -------- d-----w- C:\windows\System32\NV
2014-08-01 17:59:37 94552 ----a-w- C:\windows\System32\drivers\mountmgr.sys
2014-08-01 17:59:37 328024 ----a-w- C:\windows\System32\drivers\Classpnp.sys
2014-08-01 17:46:53 -------- d-----w- C:\Program Files\Classic Shell
2014-07-30 19:56:16 -------- d-----w- C:\SpybotPortable
2014-07-30 16:30:32 -------- d-----w- C:\Users\Αριστειδης\AppData\Roaming\gnupg
2014-07-30 16:30:32 -------- d-----w- C:\ProgramData\GNU
2014-07-30 16:30:30 -------- d-----w- C:\Program Files (x86)\GNU
2014-07-29 20:16:53 305 ----a-w- C:\cleaner.bat
2014-07-29 19:07:22 261056 ----a-w- C:\windows\System32\drivers\avchv.sys
2014-07-29 11:11:17 -------- d-----w- C:\Users\Αριστειδης\AppData\Roaming\Abine
2014-07-26 22:02:16 35112 ----a-w- C:\windows\System32\drivers\teamviewervpn.sys
2014-07-26 22:02:14 -------- d-----w- C:\Program Files (x86)\TeamViewer
2014-07-26 11:47:40 -------- d-----w- C:\Security Check
2014-07-26 11:46:32 -------- d-----w- C:\OTL
2014-07-25 15:52:39 162392 ----a-r- C:\windows\System32\drivers\NSTx64\7DE07030.00C\ccSetx64.sys
2014-07-25 15:52:32 -------- d-----w- C:\windows\System32\drivers\NSTx64\7DE07030.00C
2014-07-25 15:52:32 -------- d-----w- C:\windows\System32\drivers\NSTx64
2014-07-25 15:52:31 -------- d-----w- C:\Program Files (x86)\Norton Identity Safe
2014-07-25 15:52:16 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2014-07-25 14:53:40 -------- d-----w- C:\Encryption Software
2014-07-23 15:06:52 -------- d-----w- C:\ProgramData\Kaspersky Lab
2014-07-22 20:42:43 48392 ----a-w- C:\windows\SysWow64\certsentry.dll
2014-07-22 17:44:41 -------- d-----w- C:\Tor Browser
2014-07-22 17:03:33 2573392 ----a-w- C:\Users\Αριστειδης\TrueCrypt-7.2.exe
2014-07-22 12:20:05 -------- d-----w- C:\ProgramData\Sophos
2014-07-22 12:19:54 73728 ----a-r- C:\Users\Αριστειδης\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-07-22 12:19:54 73728 ----a-r- C:\Users\Αριστειδης\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-07-22 12:19:54 73728 ----a-r- C:\Users\Αριστειδης\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2014-07-22 12:19:48 -------- d-----w- C:\Program Files (x86)\Sophos
2014-07-21 21:56:59 -------- d-----w- C:\McAfee
2014-07-20 18:19:40 -------- d-----w- C:\Users\Αριστειδης\AppData\Roaming\Thunderbird
2014-07-20 17:39:22 47632 ----a-w- C:\windows\System32\drivers\PSKMAD.sys
2014-07-20 17:39:20 -------- d-----w- C:\windows\SysWow64\DASBOOT
2014-07-20 17:39:06 -------- d-----w- C:\Program Files (x86)\Panda Security
2014-07-20 13:58:19 -------- d-----w- C:\NPE
2014-07-19 22:29:13 -------- d-----w- C:\Quarantine
2014-07-19 22:28:52 -------- d-----w- C:\Program Files (x86)\stinger
2014-07-17 20:33:27 30312 ----a-w- C:\windows\System32\drivers\TrueSight.sys
2014-07-17 12:40:04 -------- d-----w- C:\AdwCleaner
2014-07-16 15:56:28 -------- d-----w- C:\Program Files (x86)\ESET
2014-07-16 13:02:06 -------- d-----w- C:\Users\Αριστειδης\AppData\Roaming\Yamicsoft
2014-07-16 12:45:57 -------- d-----w- C:\Program Files (x86)\RecImg Manager
2014-07-15 16:03:43 -------- d-----w- C:\Backups
2014-07-15 14:43:42 -------- d-----w- C:\Bleeping Computer
2014-07-15 13:52:59 -------- d-----w- C:\Program Files (x86)\Tweaking.com
2014-07-14 18:30:16 -------- d-----w- C:\thisisu
2014-07-14 18:28:04 -------- d-----w- C:\Adlice Software
2014-07-14 18:21:37 -------- d-----w- C:\Xplode
2014-07-12 21:20:33 -------- d-----w- C:\Kaspersky
2014-07-12 14:20:23 -------- d-----w- C:\Users\Αριστειδης\AppData\Roaming\SlimCleaner
2014-07-12 12:16:14 -------- d-----w- C:\Users\Αριστειδης\AppData\Roaming\wurst
2014-07-12 11:46:15 34304 ----a-w- C:\windows\System32\DfSdkBt.exe
2014-07-10 17:08:09 4216840 ----a-w- C:\Program Files (x86)\Common Files\vcredist_2008_sp1_x86.exe
2014-07-10 12:54:00 -------- d-----w- C:\Program Files (x86)\Auslogics
2014-07-10 12:28:57 -------- d-----w- C:\Program Files (x86)\SlimDrivers
2014-07-10 12:04:43 -------- d-----w- C:\Users\Αριστειδης\AppData\Roaming\Wise Uninstaller
2014-07-09 23:31:16 703968 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-07-09 23:31:16 105440 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 23:27:54 -------- d-s---w- C:\windows\System32\CompatTel
2014-07-09 22:49:01 -------- d-----w- C:\ProgramData\Auslogics
2014-07-09 21:54:59 92672 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll
2014-07-09 21:53:47 596480 ----a-w- C:\windows\System32\qedit.dll
2014-07-09 21:53:47 576512 ----a-w- C:\windows\System32\drivers\afd.sys
2014-07-09 21:53:47 497152 ----a-w- C:\windows\SysWow64\qedit.dll
2014-07-09 21:35:45 -------- d-----w- C:\Program Files (x86)\SlimCleaner
2014-07-08 18:30:38 34080 ----a-w- C:\windows\System32\SmartDefragBootTime.exe
2014-07-08 18:29:24 128288 ----a-w- C:\windows\System32\IObitSmartDefragExtension.dll
2014-07-08 14:34:55 -------- d-----w- C:\Users\Αριστειδης\AppData\Roaming\Ashampoo
2014-07-08 14:32:48 -------- d-----w- C:\Program Files (x86)\Ashampoo
2014-07-07 16:51:34 -------- d-----w- C:\Program Files\Start Menu X
2014-07-07 16:50:43 -------- d-----w- C:\Users\Αριστειδης\AppData\Roaming\StartMenuX
2014-07-07 16:50:43 -------- d-----w- C:\ProgramData\StartMenuX
.
==================== Find3M  ====================
.
2014-08-03 14:09:28 1024 ---ha-w- C:\SYSTAG.BIN
2014-08-02 09:58:17 122584 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-07-22 20:42:43 57096 ----a-w- C:\windows\System32\certsentry.dll
2014-07-22 17:03:33 2573392 ----a-w- C:\Users\Αριστειδης\TrueCrypt-7.2.exe
2014-07-19 15:14:39 92888 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2014-06-30 22:42:56 394240 ----a-w- C:\windows\System32\devinv.dll
2014-06-30 22:42:48 87552 ----a-w- C:\windows\System32\aepic.dll
2014-06-30 22:42:48 702464 ----a-w- C:\windows\System32\aepdu.dll
2014-06-28 03:35:04 556544 ----a-w- C:\windows\System32\aeinv.dll
2014-06-19 17:49:25 100882 ----a-w- C:\ProgramData\1403200139.bdinstall.bin
2014-06-19 17:47:17 191312 ----a-w- C:\ProgramData\1403199917.bdinstall.bin
2014-06-19 11:26:42 32605 ----a-w- C:\ProgramData\1403177177.bdinstall.bin
2014-06-19 11:24:16 50000 ----a-w- C:\ProgramData\1403177018.bdinstall.bin
2014-06-19 02:12:11 2239488 ----a-w- C:\windows\System32\wininet.dll
2014-06-19 02:12:02 915968 ----a-w- C:\windows\System32\uxtheme.dll
2014-06-19 02:12:02 53760 ----a-w- C:\windows\System32\UXInit.dll
2014-06-19 02:10:33 3959296 ----a-w- C:\windows\System32\jscript9.dll
2014-06-19 02:10:28 67072 ----a-w- C:\windows\System32\iesetup.dll
2014-06-19 02:10:28 136704 ----a-w- C:\windows\System32\iesysprep.dll
2014-06-19 02:09:55 1508864 ----a-w- C:\windows\System32\inetcpl.cpl
2014-06-19 00:53:52 1766400 ----a-w- C:\windows\SysWow64\wininet.dll
2014-06-19 00:53:42 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
2014-06-19 00:52:46 2863616 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-06-19 00:52:42 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-06-19 00:52:42 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2014-06-19 00:52:19 1440768 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-06-19 00:33:44 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2014-06-19 00:30:35 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-06-18 22:05:00 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll
2014-06-17 23:27:37 1440256 ----a-w- C:\windows\SysWow64\osk.exe
2014-06-17 23:24:48 1557504 ----a-w- C:\windows\System32\osk.exe
2014-06-12 15:23:08 359128 ----a-w- C:\windows\SysWow64\vmnetdhcp.exe
2014-06-12 15:23:04 64728 ----a-w- C:\windows\System32\drivers\vmx86.sys
2014-06-12 15:22:50 31448 ----a-w- C:\windows\System32\drivers\vmnetuserif.sys
2014-06-12 15:22:40 437976 ----a-w- C:\windows\SysWow64\vmnat.exe
2014-06-12 15:22:32 931032 ----a-w- C:\windows\System32\vnetlib64.dll
2014-06-12 15:22:02 80464 ----a-w- C:\windows\System32\vmnetbridge.dll
2014-06-12 15:22:02 49232 ----a-w- C:\windows\System32\vnetinst.dll
2014-06-12 15:22:02 46160 ----a-w- C:\windows\System32\drivers\vmnetbridge.sys
2014-06-12 15:22:02 24656 ----a-w- C:\windows\System32\drivers\vmnet.sys
2014-06-12 15:22:02 20560 ----a-w- C:\windows\System32\drivers\vmnetadapter.sys
2014-06-12 15:21:58 33496 ----a-w- C:\windows\System32\drivers\VMkbd.sys
2014-06-12 12:33:28 79064 ----a-w- C:\windows\System32\drivers\ccsw.sys
2014-06-11 04:18:14 4038144 ----a-w- C:\windows\System32\win32k.sys
2014-06-04 19:38:33 203297 ----a-w- C:\ProgramData\1401910625.bdinstall.bin
2014-06-04 19:35:01 46467 ----a-w- C:\ProgramData\1401910463.bdinstall.bin
2014-06-04 19:28:18 45323 ----a-w- C:\ProgramData\1401910053.bdinstall.bin
2014-06-02 22:33:45 265216 ----a-w- C:\windows\System32\InkEd.dll
2014-05-29 23:31:26 452608 ----a-w- C:\windows\SysWow64\SHCore.dll
2014-05-29 23:03:04 588288 ----a-w- C:\windows\System32\SHCore.dll
2014-05-29 23:02:28 439808 ----a-w- C:\windows\System32\lsm.dll
2014-05-29 23:02:27 1281536 ----a-w- C:\windows\System32\lsasrv.dll
2014-05-17 08:31:48 93144 ----a-w- C:\windows\System32\drivers\hmpalert.sys
2014-05-17 08:31:48 548424 ----a-w- C:\windows\System32\hmpalert.dll
2014-05-17 08:31:48 477008 ----a-w- C:\windows\SysWow64\hmpalert.dll
2014-05-12 04:26:14 64216 ----a-w- C:\windows\System32\drivers\mwac.sys
2014-05-12 04:25:56 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2014-05-09 12:22:11 50464 ----a-w- C:\windows\System32\drivers\avgtpx64.sys
2014-05-08 17:05:52 1060864 ----a-w- C:\windows\SysWow64\mfc71.dll
.
============= FINISH: 19:31:29.90 ===============
If you also want the other log, tell me and I will post it.
Contact soon.
Thanks !!   :)


#6 Guest_ArisMFighter_*

Posted 08 August 2014 - 05:54 PM

Hi again. I will not be available from the 9th until the 15th of August, if I say it right, because of holidays. You can close this topic and I will ask a moderator to re-open it when I am available, or keep it open and I will post when I am available.

See you soon  :) !!



#7 HelpBot

Posted 11 August 2014 - 07:40 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

 

Mod Edit:  Reopened topic per PM request - Hamluis.


Edited by hamluis, 14 August 2014 - 02:43 PM.


#8 Guest_ArisMFighter_*

Guest_ArisMFighter_*

  • Guests

Posted 17 August 2014 - 02:00 PM

As Moderator Hamluis said, I will describe my problem again with more details now, because my topic was locked and now it is re-opened.

I have done a lot of scans with lots of scanners, including Emsisoft, Malwarebytes, TDSSKiller, Comodo, Bitdefender and HitmanPro, and none of these scanners finds anything suspicious, and I don't see anything suspicious in Comodo's KillSwitch or in Comodo's Autoruns Analyzer, which are utilities from Comodo Cleaning Essentials. But every time I execute RogueKiller, the pre-scan terminates some processes. Every time it terminates a different number of processes and, according to the details, these processes are hidden from view. In safe mode the RogueKiller pre-scan doesn't find any process to terminate. Also, I have not detected suspicious activity on my computer. I think my computer is running normally. So is my computer infected and all the other top scanners don't detect anything, or is my computer clean and RogueKiller terminates good processes because they behave like malicious ones, so it is a false positive????

Please, I need this computer clean soon if it is infected. Help will be appreciated.

Thanks :)



#9 Guest_ArisMFighter_*

Guest_ArisMFighter_*

  • Guests

Posted 17 August 2014 - 02:09 PM

I did a new DDS scan to make sure that the results are the latest.

 

__________________________________________________________________________________________________________________________________
DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.17054
Run by Αριστειδης at 22:01:55 on 2014-08-17
Microsoft Windows 8  6.2.9200.0.1253.30.1032.18.3975.2497 [GMT 3:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus Free Edition *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Bitdefender Antivirus Free Edition *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0\ABService.exe
C:\windows\system32\dashost.exe
C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\NST.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
C:\windows\SysWOW64\vmnat.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\SysWOW64\vmnetdhcp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
C:\windows\system32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\taskhostex.exe
C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\NST.exe
C:\windows\Explorer.EXE
C:\windows\system32\igfxEM.exe
C:\windows\system32\igfxHK.exe
C:\windows\system32\igfxTray.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Users\Αριστειδης\Desktop\Security Toolbox\dds.com
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.gr/
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe,
BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\CoIEPlg.dll
BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\CoIEPlg.dll
TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
uRun: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe
mRun: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
StartupFolder: C:\Users\FB70~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
IE: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
TCP: NameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{D2A863B1-769E-424B-8E9B-E69294CBC345} : DHCPNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{D2A863B1-769E-424B-8E9B-E69294CBC345}\546796 : DHCPNameServer = 192.168.1.1 0.0.0.0
TCP: Interfaces\{D2A863B1-769E-424B-8E9B-E69294CBC345}\84F4C40214C4550275C414E4 : DHCPNameServer = 192.168.2.1
AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.3.12\CoIEPlg.dll
x64-BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll
x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
x64-Run: [SysTrayApp] C:\Program Files (x86)\IDT\WDM\sttray64.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Run: [Classic Start Menu] "C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
x64-IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
Hosts: 0.0.0.0 media.opencandy.com
Hosts: 0.0.0.0 cdn.opencandy.com
Hosts: 0.0.0.0 tracking.opencandy.com
Hosts: 0.0.0.0 api.opencandy.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Αριστειδης\AppData\Roaming\Mozilla\Firefox\Profiles\dd9m7lve.default\
.
============= SERVICES / DRIVERS ===============
.
R0 ambakdrv;ambakdrv;C:\windows\System32\ambakdrv.sys [2014-6-8 30648]
R0 avc3;avc3;C:\windows\System32\Drivers\avc3.sys [2014-6-4 718840]
R0 iaStorA;iaStorA;C:\windows\System32\Drivers\iaStorA.sys [2013-2-1 652784]
R0 LHDmgr;LHDmgr;C:\windows\System32\Drivers\LhdX64.sys [2013-12-14 39008]
R0 nvpciflt;nvpciflt;C:\windows\System32\Drivers\nvpciflt.sys [2013-12-26 32544]
R0 vsock;vSockets Driver;C:\windows\System32\Drivers\vsock.sys [2014-7-5 73296]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\EEKAM\Run\a2ddax64.sys [2014-6-5 26176]
R1 avgtp;avgtp;C:\windows\System32\Drivers\avgtpx64.sys [2014-4-21 50464]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2014-6-4 121928]
R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\windows\System32\Drivers\NSTx64\7DE07030.00C\ccSetx64.sys [2014-7-25 162392]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [2014-6-8 63928]
R1 gzflt;gzflt;C:\windows\System32\Drivers\gzflt.sys [2014-6-4 148696]
R2 ammntdrv;ammntdrv;C:\windows\System32\ammntdrv.sys [2014-6-8 151480]
R2 amwrtdrv;amwrtdrv;C:\windows\System32\amwrtdrv.sys [2014-6-8 17848]
R2 Backupper Service;AOMEI Backupper Scheduler Service;C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0\ABService.exe [2014-6-8 29912]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-8-26 1137016]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-8-26 1157496]
R2 DirMngr;DirMngr;C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [2013-10-7 218112]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-5-21 2135232]
R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2014-6-4 69368]
R2 hmpalert;HitmanPro.Alert Support Driver;C:\windows\System32\Drivers\hmpalert.sys [2014-5-17 93144]
R2 hmpalertsvc;HitmanPro.Alert Service;C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [2014-5-17 1876816]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-2-1 15344]
R2 IceDragonUpdater;COMODO IceDragon Update Service;C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [2013-12-19 1821384]
R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service;C:\windows\System32\igfxCUIService.exe [2014-5-21 314696]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-6-20 634632]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-12-14 128896]
R2 Intel® Wireless Bluetooth® 4.0 Radio Management;Intel® Wireless Bluetooth® 4.0 Radio Management;C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-9-18 157128]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-12-14 165760]
R2 MbaeSvc;Malwarebytes Anti-Exploit Service;C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [2014-6-8 347448]
R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\NST.exe [2014-7-25 130104]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-7-27 5037888]
R2 Unchecky;Unchecky;C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [2014-4-29 107624]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-12-14 364416]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2014-2-27 906432]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-8-28 3378416]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\Drivers\AcpiVpc.sys [2012-5-15 33560]
R3 AmUStor;AM USB Stroage Driver;C:\windows\System32\Drivers\AmUStor.sys [2012-10-3 95232]
R3 avckf;avckf;C:\windows\System32\Drivers\avckf.sys [2014-6-4 593144]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\Drivers\btmaux.sys [2013-7-22 140600]
R3 btmhsf;btmhsf;C:\windows\System32\Drivers\btmhsf.sys [2013-9-5 1390904]
R3 ibtfltcoex;ibtfltcoex;C:\windows\System32\Drivers\iBtFltCoex.sys [2013-4-23 69088]
R3 IntcDAud;Ήχος οθόνης Intel®;C:\windows\System32\Drivers\IntcDAud.sys [2013-5-31 342528]
R3 iwdbus;IWD Bus Enumerator;C:\windows\System32\Drivers\iwdbus.sys [2013-1-29 25568]
R3 NETwNe64;Πρόγραμμα οδήγησης προσαρμογέα Intel® Wireless WiFi Link 5000 Series για Windows 8 64 Bit;C:\windows\System32\Drivers\NETwew00.sys [2013-10-8 3345376]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2013-12-14 772680]
R3 teamviewervpn;TeamViewer VPN Adapter;C:\windows\System32\Drivers\teamviewervpn.sys [2014-7-27 35112]
R3 usb3Hub;Intel UoIP Bus;C:\windows\System32\Drivers\usb3Hub.sys [2013-1-29 48024]
R3 vm331avs;Digital Camera 1;C:\windows\System32\Drivers\vm331avs.sys [2013-12-14 1045248]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
R3 XHCIPort;Intel UoIP Host Controller;C:\windows\System32\Drivers\xHCIPort.sys [2013-1-29 194456]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-5-22 2175264]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\windows\System32\Drivers\Apowersoft_AudioDevice.sys [2014-4-16 31920]
S3 cleanhlp;cleanhlp;C:\EEKAM\Run\cleanhlp64.sys [2014-6-5 57024]
S3 DfSdkS;Defragmentation-Service;C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2014\DfSdkS64.exe [2014-7-12 544768]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-12-14 169752]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\windows\System32\Drivers\intelaud.sys [2013-1-29 35296]
S3 iumsvc;Intel® Update Manager;C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-2-28 174368]
S3 mbamchameleon;mbamchameleon;C:\windows\System32\Drivers\mbamchameleon.sys [2014-6-18 92888]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-8-28 273136]
S3 PSKMAD;PSKMAD;C:\windows\System32\Drivers\PSKMAD.sys [2014-7-20 47632]
S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2014-4-9 155824]
S3 wsvd;wsvd;C:\windows\System32\Drivers\wsvd.sys [2013-12-14 102376]
S4 IObitUnlocker;IObitUnlocker;C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2014-7-9 36944]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-08-15 22:33:19 35480 ----a-w- C:\windows\SysWow64\TsWpfWrp.exe
2014-08-15 22:33:19 35480 ----a-w- C:\windows\System32\TsWpfWrp.exe
2014-08-15 22:31:58 702976 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2014-08-15 18:18:27 262312 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10244.bin
2014-08-14 21:30:25 -------- d-----w- C:\Program Files (x86)\Glary Utilities
2014-08-08 21:03:04 -------- d-----w- C:\Program Files (x86)\FileASSASSIN
2014-08-08 14:21:17 261056 ----a-w- C:\windows\System32\drivers\avchv.sys
2014-08-07 21:19:29 -------- d-----w- C:\Users\Αριστειδης\AppData\Roaming\DiskDefrag
2014-08-06 16:49:18 -------- d-----w- C:\DDS
2014-08-06 16:29:57 -------- d-----w- C:\Users\?±ώ?Ϊίώϊύ?\AppData\Local\Microsoft
2014-08-05 22:38:30 -------- d-----w- C:\TreeSizeFree
2014-08-05 18:02:21 -------- d-----w- C:\Program Files (x86)\WinMHR
2014-08-05 17:53:11 -------- d-----w- C:\Program Files\Reason
2014-08-04 20:03:20 -------- d-----w- C:\TCPView
2014-08-04 10:14:42 -------- d-----w- C:\NETADAPTER-REPAIR
2014-08-01 18:39:59 144 ----a-w- C:\windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-08-01 18:26:18 -------- d-sh--w- C:\Users\Αριστειδης\IntelGraphicsProfiles
2014-08-01 18:26:09 451 ----a-w- C:\windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-08-01 18:20:37 71168 ----a-w- C:\windows\System32\drivers\hdaudbus.sys
2014-08-01 18:19:03 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2014-08-01 18:17:32 -------- d-----w- C:\windows\SysWow64\NV
2014-08-01 18:17:32 -------- d-----w- C:\windows\System32\NV
2014-08-01 17:59:37 94552 ----a-w- C:\windows\System32\drivers\mountmgr.sys
2014-08-01 17:59:37 328024 ----a-w- C:\windows\System32\drivers\Classpnp.sys
2014-08-01 17:46:53 -------- d-----w- C:\Program Files\Classic Shell
2014-07-30 19:56:16 -------- d-----w- C:\SpybotPortable
2014-07-30 16:30:32 -------- d-----w- C:\Users\Αριστειδης\AppData\Roaming\gnupg
2014-07-30 16:30:32 -------- d-----w- C:\ProgramData\GNU
2014-07-30 16:30:30 -------- d-----w- C:\Program Files (x86)\GNU
2014-07-29 20:16:53 305 ----a-w- C:\cleaner.bat
2014-07-29 11:11:17 -------- d-----w- C:\Users\Αριστειδης\AppData\Roaming\Abine
2014-07-26 22:02:16 35112 ----a-w- C:\windows\System32\drivers\teamviewervpn.sys
2014-07-26 22:02:14 -------- d-----w- C:\Program Files (x86)\TeamViewer
2014-07-26 11:47:40 -------- d-----w- C:\Security Check
2014-07-26 11:46:32 -------- d-----w- C:\OTL
2014-07-25 15:52:39 162392 ----a-r- C:\windows\System32\drivers\NSTx64\7DE07030.00C\ccSetx64.sys
2014-07-25 15:52:32 -------- d-----w- C:\windows\System32\drivers\NSTx64\7DE07030.00C
2014-07-25 15:52:32 -------- d-----w- C:\windows\System32\drivers\NSTx64
2014-07-25 15:52:31 -------- d-----w- C:\Program Files (x86)\Norton Identity Safe
2014-07-25 15:52:16 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2014-07-25 14:53:40 -------- d-----w- C:\Encryption Software
2014-07-23 15:06:52 -------- d-----w- C:\ProgramData\Kaspersky Lab
2014-07-22 20:42:43 48392 ----a-w- C:\windows\SysWow64\certsentry.dll
2014-07-22 17:44:41 -------- d-----w- C:\Tor Browser
2014-07-22 12:20:05 -------- d-----w- C:\ProgramData\Sophos
2014-07-22 12:19:54 73728 ----a-r- C:\Users\Αριστειδης\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-07-22 12:19:54 73728 ----a-r- C:\Users\Αριστειδης\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-07-22 12:19:54 73728 ----a-r- C:\Users\Αριστειδης\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2014-07-22 12:19:48 -------- d-----w- C:\Program Files (x86)\Sophos
2014-07-21 21:56:59 -------- d-----w- C:\McAfee
2014-07-20 18:19:40 -------- d-----w- C:\Users\Αριστειδης\AppData\Roaming\Thunderbird
2014-07-20 17:39:22 47632 ----a-w- C:\windows\System32\drivers\PSKMAD.sys
2014-07-20 17:39:20 -------- d-----w- C:\windows\SysWow64\DASBOOT
2014-07-20 17:39:06 -------- d-----w- C:\Program Files (x86)\Panda Security
2014-07-20 13:58:19 -------- d-----w- C:\NPE
2014-07-19 22:29:13 -------- d-----w- C:\Quarantine
2014-07-19 22:28:52 -------- d-----w- C:\Program Files (x86)\stinger
.
==================== Find3M  ====================
.
2014-08-17 17:28:32 30312 ----a-w- C:\windows\System32\drivers\TrueSight.sys
2014-08-07 06:33:36 712192 ----a-w- C:\windows\System32\aepdu.dll
2014-08-07 03:09:52 556544 ----a-w- C:\windows\System32\aeinv.dll
2014-08-03 14:09:28 1024 ---ha-w- C:\SYSTAG.BIN
2014-08-02 09:58:17 122584 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-08-02 00:15:04 704480 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-08-02 00:15:04 105440 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-24 12:10:54 2240000 ----a-w- C:\windows\System32\wininet.dll
2014-07-24 12:10:46 915968 ----a-w- C:\windows\System32\uxtheme.dll
2014-07-24 12:10:46 53760 ----a-w- C:\windows\System32\UXInit.dll
2014-07-24 12:09:37 3959296 ----a-w- C:\windows\System32\jscript9.dll
2014-07-24 12:09:33 67072 ----a-w- C:\windows\System32\iesetup.dll
2014-07-24 12:09:33 136704 ----a-w- C:\windows\System32\iesysprep.dll
2014-07-24 12:09:00 1508864 ----a-w- C:\windows\System32\inetcpl.cpl
2014-07-24 10:52:27 1766400 ----a-w- C:\windows\SysWow64\wininet.dll
2014-07-24 10:52:20 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
2014-07-24 10:51:27 2861568 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-07-24 10:51:22 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-07-24 10:51:22 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2014-07-24 10:51:02 1440768 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-07-24 10:33:52 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2014-07-24 10:29:20 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-07-24 08:03:01 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll
2014-07-22 20:42:43 57096 ----a-w- C:\windows\System32\certsentry.dll
2014-07-19 15:14:39 92888 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2014-06-30 22:42:56 394240 ----a-w- C:\windows\System32\devinv.dll
2014-06-30 22:42:48 87552 ----a-w- C:\windows\System32\aepic.dll
2014-06-19 23:35:37 1312768 ----a-w- C:\windows\System32\rpcrt4.dll
2014-06-19 22:24:17 694272 ----a-w- C:\windows\SysWow64\rpcrt4.dll
2014-06-19 17:49:25 100882 ----a-w- C:\ProgramData\1403200139.bdinstall.bin
2014-06-19 17:47:17 191312 ----a-w- C:\ProgramData\1403199917.bdinstall.bin
2014-06-19 11:26:42 32605 ----a-w- C:\ProgramData\1403177177.bdinstall.bin
2014-06-19 11:24:16 50000 ----a-w- C:\ProgramData\1403177018.bdinstall.bin
2014-06-17 23:27:37 1440256 ----a-w- C:\windows\SysWow64\osk.exe
2014-06-17 23:24:48 1557504 ----a-w- C:\windows\System32\osk.exe
2014-06-13 01:57:00 1453400 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys
2014-06-13 01:55:08 199680 ----a-w- C:\windows\System32\cdd.dll
2014-06-12 15:23:08 359128 ----a-w- C:\windows\SysWow64\vmnetdhcp.exe
2014-06-12 15:23:04 64728 ----a-w- C:\windows\System32\drivers\vmx86.sys
2014-06-12 15:22:50 31448 ----a-w- C:\windows\System32\drivers\vmnetuserif.sys
2014-06-12 15:22:40 437976 ----a-w- C:\windows\SysWow64\vmnat.exe
2014-06-12 15:22:32 931032 ----a-w- C:\windows\System32\vnetlib64.dll
2014-06-12 15:22:02 80464 ----a-w- C:\windows\System32\vmnetbridge.dll
2014-06-12 15:22:02 49232 ----a-w- C:\windows\System32\vnetinst.dll
2014-06-12 15:22:02 46160 ----a-w- C:\windows\System32\drivers\vmnetbridge.sys
2014-06-12 15:22:02 24656 ----a-w- C:\windows\System32\drivers\vmnet.sys
2014-06-12 15:22:02 20560 ----a-w- C:\windows\System32\drivers\vmnetadapter.sys
2014-06-12 15:21:58 33496 ----a-w- C:\windows\System32\drivers\VMkbd.sys
2014-06-12 12:33:28 79064 ----a-w- C:\windows\System32\drivers\ccsw.sys
2014-06-11 04:18:14 4038144 ----a-w- C:\windows\System32\win32k.sys
2014-06-06 14:06:38 596480 ----a-w- C:\windows\System32\qedit.dll
2014-06-06 10:17:56 497152 ----a-w- C:\windows\SysWow64\qedit.dll
2014-06-05 17:56:51 112984 ----a-w- C:\windows\System32\consent.exe
2014-06-05 17:30:38 10116608 ----a-w- C:\windows\System32\twinui.dll
2014-06-05 17:29:42 393216 ----a-w- C:\windows\System32\msihnd.dll
2014-06-05 17:29:42 2885632 ----a-w- C:\windows\System32\msi.dll
2014-06-05 17:28:30 2306560 ----a-w- C:\windows\System32\authui.dll
2014-06-05 17:28:25 2146304 ----a-w- C:\windows\System32\actxprxy.dll
2014-06-05 13:12:09 8857600 ----a-w- C:\windows\SysWow64\twinui.dll
2014-06-05 13:11:28 295424 ----a-w- C:\windows\SysWow64\msihnd.dll
2014-06-05 13:11:27 2416128 ----a-w- C:\windows\SysWow64\msi.dll
2014-06-05 13:10:41 2037760 ----a-w- C:\windows\SysWow64\authui.dll
2014-06-05 13:10:36 754176 ----a-w- C:\windows\SysWow64\actxprxy.dll
2014-06-04 19:38:33 203297 ----a-w- C:\ProgramData\1401910625.bdinstall.bin
2014-06-04 19:35:01 46467 ----a-w- C:\ProgramData\1401910463.bdinstall.bin
2014-06-04 19:28:18 45323 ----a-w- C:\ProgramData\1401910053.bdinstall.bin
2014-06-04 12:17:14 34080 ----a-w- C:\windows\System32\SmartDefragBootTime.exe
2014-06-04 12:17:12 128288 ----a-w- C:\windows\System32\IObitSmartDefragExtension.dll
2014-06-02 22:33:45 265216 ----a-w- C:\windows\System32\InkEd.dll
2014-05-29 23:31:26 452608 ----a-w- C:\windows\SysWow64\SHCore.dll
2014-05-29 23:03:04 588288 ----a-w- C:\windows\System32\SHCore.dll
2014-05-29 23:02:28 439808 ----a-w- C:\windows\System32\lsm.dll
2014-05-29 23:02:27 1281536 ----a-w- C:\windows\System32\lsasrv.dll
2014-05-29 22:24:46 576512 ----a-w- C:\windows\System32\drivers\afd.sys
2014-05-19 23:45:49 86528 ----a-w- C:\windows\SysWow64\wudriver.dll
2014-05-19 23:24:17 253440 ----a-w- C:\windows\System32\WUSettingsProvider.dll
2014-05-19 23:24:17 1623040 ----a-w- C:\windows\System32\wucltux.dll
2014-05-19 23:24:17 100352 ----a-w- C:\windows\System32\wudriver.dll
2014-05-19 23:24:09 176640 ----a-w- C:\windows\System32\storewuauth.dll
2013-02-18 15:46:26 4216840 ----a-w- C:\Program Files (x86)\Common Files\vcredist_2008_sp1_x86.exe
.
============= FINISH: 22:02:55.08 ===============
 
If attach.txt is needed, tell me to attach it, and please, if it is easy, explain how to attach it.
Thanks.


#10 Guest_ArisMFighter_*

Guest_ArisMFighter_*

  • Guests

Posted 18 August 2014 - 01:06 PM

Also, I have run RKill and it doesn't find anything malicious to terminate.

Thanks.



#11 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • Gender:Male
  • Local time:08:17 PM

Posted 22 August 2014 - 05:40 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

#12 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • Gender:Male

Posted 22 August 2014 - 05:45 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

#13 Guest_ArisMFighter_*

Guest_ArisMFighter_*

  • Guests

Posted 23 August 2014 - 06:11 AM

Why???

I have done everything the bot said and I was waiting for someone to help, and instead of this the bot will close the topic... What's going on??


Edited by ArisMFighter, 23 August 2014 - 06:17 AM.


#14 nasdaq

nasdaq

  • Malware Response Team
  • 40,752 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 23 August 2014 - 08:10 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 
Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.

IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.

If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the  version of this tool for your operating system.
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.


#15 Guest_ArisMFighter_*

Guest_ArisMFighter_*

  • Guests

Posted 23 August 2014 - 03:10 PM

Hello nasdaq. I ran AdwCleaner. I selected the "Clean" option and AdwCleaner tried to reboot my computer, but there was a problem during the reboot and I rebooted manually, but no problem, because AdwCleaner showed the report when I booted my computer. I hope it isn't a problem that I ran the old version of AdwCleaner.

AdwCleaner Report

________________________________________________________________________________________________________________________________

    # AdwCleaner v3.216 - Report created 23/08/2014 at 22:49:52
    # Updated 17/07/2014 by Xplode
    # Operating System : Windows 8  (64 bits)
    # Username : Αριστειδης - LENOVOS500ARISG
    # Running from : C:\Xplode\adwcleaner_3.216.exe
    # Option : Clean
     
    ***** [ Services ] *****
     
     
    ***** [ Files / Folders ] *****
     
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Registry ] *****
     
     
    ***** [ Browsers ] *****
     
    -\\ Internet Explorer v10.0.9200.17054
     
     
    -\\ Mozilla Firefox v31.0 (x86 en-US)
     
    [ File : C:\Users\Αριστειδης\AppData\Roaming\Mozilla\Firefox\Profiles\dd9m7lve.default\prefs.js ]
     
     
    [ File : C:\Users\Αριστειδης\AppData\Roaming\Mozilla\Firefox\Profiles\mo4mv8pn.default\prefs.js ]
     
     
    -\\ Google Chrome v36.0.1985.143
     
    [ File : C:\Users\Αριστειδης\AppData\Local\Google\Chrome\User Data\Default\preferences ]
     
     
    *************************
     
    AdwCleaner[R0].txt - [1089 octets] - [29/07/2014 23:30:31]
    AdwCleaner[R1].txt - [1150 octets] - [30/07/2014 00:39:05]
    AdwCleaner[R2].txt - [1210 octets] - [30/07/2014 23:24:48]
    AdwCleaner[R3].txt - [2138 octets] - [06/08/2014 22:39:15]
    AdwCleaner[R4].txt - [2198 octets] - [06/08/2014 22:51:49]
    AdwCleaner[R5].txt - [1437 octets] - [14/08/2014 22:09:35]
    AdwCleaner[R6].txt - [1473 octets] - [14/08/2014 22:47:56]
    AdwCleaner[R7].txt - [1533 octets] - [14/08/2014 23:11:04]
    AdwCleaner[R8].txt - [312 octets] - [21/08/2014 14:03:40]
    AdwCleaner[R9].txt - [1652 octets] - [23/08/2014 22:45:06]
    AdwCleaner[S0].txt - [2279 octets] - [06/08/2014 22:56:18]
    AdwCleaner[S1].txt - [1455 octets] - [14/08/2014 22:13:59]
    AdwCleaner[S2].txt - [1573 octets] - [23/08/2014 22:49:52]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1633 octets] ##########
    ________________________________________________________________________________________________________________
    My next post is on page 2. Thanks.

    Edited by ArisMFighter, 23 August 2014 - 03:54 PM.




