
Websearch (Maxwebsearch) infection


  • This topic is locked
48 replies to this topic

#1 Metalbourne


Posted 20 August 2014 - 01:22 PM

So my computer has been infected by maxwebsearch.com web search and has slowed down my internet so much and my computer that it's very hard to use. I've tried many things that I've read online and no matter what I do it's always there in the Internet Explorer main page. I've tried running Malwarebytes, HitmanPro and others with no success. I've tried redirecting it in IE tools and no matter how many times I try to make Google my home page it still comes up. Please help.





#2 deeprybka


Posted 20 August 2014 - 02:03 PM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully:
  • Please read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them, as only the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

Edited by deeprybka, 20 August 2014 - 02:03 PM.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#3 Metalbourne


Posted 20 August 2014 - 04:04 PM

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE
( ) C:\Windows\System32\dleacoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_206_ActiveX.exe -update activex
HKU\S-1-5-21-1747913207-2130401621-3639241008-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-02-17] (Google Inc.)
HKU\S-1-5-21-1747913207-2130401621-3639241008-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7762712 2014-08-11] (SUPERAntiSpyware)
HKU\S-1-5-21-1747913207-2130401621-3639241008-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1747913207-2130401621-3639241008-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1747913207-2130401621-3639241008-1001\...409d6c4515e9\InprocServer32: [Default-shell32] \\?\globalroot\Device\HarddiskVolume3\Users\David Ament\AppData\Local\Temp\spyhiyf\snpnbdt\wow.dll ATTENTION! ====> ZeroAccess?

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/webhp?sourceid=navclient&ie=UTF-8&gws_rd=ssl
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {8CA6B4D8-CFDD-4299-8E48-B26304849C4B} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {2CC511B1-595B-4C95-BFDA-C1606900FE57} URL = https://search.yahoo.com/search?fr=mcafee&type=A011US105&p={SearchTerms}
SearchScopes: HKCU - {2F9C8FC2-1C87-4118-A559-E790A2539C51} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {8CA6B4D8-CFDD-4299-8E48-B26304849C4B} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {E85D494E-AA80-4790-A7E8-6CB69FF5925C} URL =
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {5B54751C-0EDB-4CAE-816C-65BCED3FF819} http://game.heroesandgenerals.com/retox.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll (Reto-Moto ApS)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll (Anvisoft)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-08-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-08-20]

Chrome:
=======
CHR Extension: (Voyager Slideshow Theme Frame) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-03-12]
CHR Extension: (Docs) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-14]
CHR Extension: (Google Drive) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-20]
CHR Extension: (YouTube) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-14]
CHR Extension: (McAfee Security Scan+) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-24]
CHR Extension: (Google Search) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-14]
CHR Extension: (SiteAdvisor) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-12-13]
CHR Extension: (Google Wallet) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14]
CHR Extension: (Gmail) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-14]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [2014-04-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 ASD2Svc; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe [1206504 2014-05-28] (Anvisoft)
S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [232944 2010-04-26] (CyberLink)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [513536 2010-11-20] (Microsoft Corporation) [File not signed]
R2 dlea_device; C:\Windows\system32\dleacoms.exe [1054888 2009-07-01] ( )
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-06-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-09-09] ()
R2 RpcSs; C:\Windows\system32\rpcss.dll [513536 2010-11-20] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 asd2fsm; C:\Windows\System32\DRIVERS\asd2fsm.sys [48656 2014-05-28] (Anvisoft)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-08-20] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-06-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-15] (support.com, Inc)
S3 BCMH43XX; system32\DRIVERS\bcmwlhigh664.sys [X]
S1 crhhhrfl; \??\C:\Windows\system32\drivers\crhhhrfl.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 NPF; system32\DRIVERS\npf.sys [X]
S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 18:13 - 2014-08-20 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-20 17:55 - 2014-08-20 17:55 - 00005350 _____ () C:\Windows\system32\.crusader
2014-08-20 17:52 - 2014-08-20 17:56 - 00042316 _____ () C:\Users\David Ament\Downloads\Addition.txt
2014-08-20 17:46 - 2014-08-20 18:13 - 00020886 _____ () C:\Users\David Ament\Downloads\FRST.txt
2014-08-20 17:45 - 2014-08-20 18:12 - 00000000 ____D () C:\FRST
2014-08-20 17:44 - 2014-08-20 17:44 - 02101760 _____ (Farbar) C:\Users\David Ament\Downloads\FRST64.exe
2014-08-20 17:43 - 2014-08-20 17:43 - 01093632 _____ (Farbar) C:\Users\David Ament\Downloads\FRST.exe
2014-08-20 15:23 - 2014-08-20 18:01 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-08-20 15:23 - 2014-08-20 15:23 - 11188736 _____ (SurfRight B.V.) C:\Users\David Ament\Downloads\HitmanPro_x64.exe
2014-08-19 18:41 - 2014-08-20 17:56 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-08-18 17:33 - 2014-08-18 17:35 - 00001834 _____ () C:\sc-cleaner.txt
2014-08-18 17:27 - 2014-08-18 17:27 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-08-18 14:56 - 2014-08-19 18:04 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-08-18 14:21 - 2014-08-19 08:15 - 00001666 _____ () C:\Users\David Ament\Desktop\Rkill.txt
2014-08-14 03:05 - 2014-08-14 03:06 - 00000000 ____D () C:\695a39784b1e405df55f
2014-08-13 22:36 - 2014-08-13 22:36 - 00019966 _____ () C:\Users\David Ament\Desktop\hs_err_pid8652.log
2014-08-13 14:57 - 2014-08-13 14:57 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-08-13 14:57 - 2014-08-13 14:57 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-08-13 14:57 - 2014-05-28 22:03 - 00048656 _____ (Anvisoft) C:\Windows\system32\Drivers\asd2fsm.sys
2014-08-13 14:51 - 2014-08-13 14:51 - 00000215 _____ () C:\Users\David Ament\Desktop\Google.url
2014-08-13 13:04 - 2014-08-20 18:09 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-13 13:04 - 2014-08-20 13:04 - 00000522 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 2dcf47b5-9261-4e26-937b-c3966d0cc718.job
2014-08-13 13:04 - 2014-08-20 02:00 - 00000522 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1834ea85-b89f-4b52-96e7-6b8c24d53492.job
2014-08-13 13:04 - 2014-08-13 13:05 - 00000000 ____D () C:\Users\David Ament\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-08-13 13:04 - 2014-08-13 13:04 - 00003618 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1834ea85-b89f-4b52-96e7-6b8c24d53492
2014-08-13 13:04 - 2014-08-13 13:04 - 00003544 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 2dcf47b5-9261-4e26-937b-c3966d0cc718
2014-08-13 13:04 - 2014-08-13 13:04 - 00001810 _____ () C:\Users\David Ament\Desktop\SUPERAntiSpyware Professional.lnk
2014-08-13 13:04 - 2014-08-13 13:04 - 00000000 ____D () C:\Users\David Ament\AppData\Roaming\SUPERAntiSpyware.com
2014-08-13 13:04 - 2014-08-13 13:04 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-08-13 12:50 - 2014-08-13 12:50 - 00003180 _____ () C:\Windows\System32\Tasks\{00F7997F-B9FE-421F-A2EF-CC975E889B0A}
2014-08-11 16:27 - 2014-08-20 18:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-11 16:27 - 2014-08-11 16:27 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-11 16:27 - 2014-08-11 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-11 16:27 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-11 16:27 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-11 16:27 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-11 16:25 - 2014-08-11 16:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-10 15:44 - 2014-08-10 15:44 - 00024334 _____ () C:\Users\David Ament\Desktop\hs_err_pid8364.log
2014-08-10 15:44 - 2014-08-10 15:44 - 00003986 _____ () C:\Windows\System32\Tasks\{BACB8BBC-B3BD-E0A0-1FD8-9FF672EC6E0F}
2014-08-10 15:44 - 2014-08-10 15:44 - 00000000 _____ () C:\Windows\system32\rtttfap.dll
2014-08-10 14:43 - 2014-08-20 18:01 - 00000336 _____ () C:\Windows\setupact.log
2014-08-10 14:43 - 2014-08-10 14:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-10 14:42 - 2014-08-20 18:01 - 00076600 _____ () C:\Windows\PFRO.log
2014-08-07 17:56 - 2014-08-07 17:56 - 00005411 _____ () C:\Users\David Ament\.recently-used.xbel
2014-08-01 13:24 - 2014-08-01 13:24 - 00001158 _____ () C:\Users\David Ament\Desktop\Live PC Help.lnk
2014-08-01 13:21 - 2014-08-11 16:13 - 00003152 _____ () C:\Windows\System32\Tasks\Trojan Remover
2014-08-01 13:21 - 2014-08-01 13:21 - 00000000 ____D () C:\ProgramData\Loaris
2014-08-01 13:18 - 2014-08-01 19:28 - 00019800 _____ () C:\Windows\system32\roboot64.exe
2014-07-31 23:09 - 2014-07-31 23:09 - 00003332 _____ () C:\Windows\System32\Tasks\{ECBAA0EA-27B5-4FB4-BA9A-36BAF601CD5C}
2014-07-31 23:08 - 2014-07-31 23:08 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David Ament\Downloads\SpyHunter-Installer.exe
2014-07-31 22:50 - 2014-07-31 22:50 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-07-31 22:50 - 2014-07-31 22:50 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 18:13 - 2014-08-20 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-20 18:13 - 2014-08-20 17:46 - 00020886 _____ () C:\Users\David Ament\Downloads\FRST.txt
2014-08-20 18:13 - 2012-08-20 09:13 - 00001846 _____ () C:\Users\Public\Desktop\McAfee Security Center.lnk
2014-08-20 18:12 - 2014-08-20 17:45 - 00000000 ____D () C:\FRST
2014-08-20 18:09 - 2014-08-13 13:04 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-20 18:09 - 2014-03-15 19:31 - 01233126 _____ () C:\Windows\WindowsUpdate.log
2014-08-20 18:09 - 2011-02-07 17:11 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-08-20 18:09 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-20 18:09 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-20 18:08 - 2014-08-11 16:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 18:08 - 2011-02-17 23:03 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-20 18:08 - 2011-02-07 17:34 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-08-20 18:08 - 2011-02-07 17:34 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-08-20 18:01 - 2014-08-20 15:23 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-08-20 18:01 - 2014-08-10 14:43 - 00000336 _____ () C:\Windows\setupact.log
2014-08-20 18:01 - 2014-08-10 14:42 - 00076600 _____ () C:\Windows\PFRO.log
2014-08-20 18:01 - 2012-08-20 09:12 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-08-20 18:01 - 2012-04-12 11:18 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-08-20 18:01 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-20 17:56 - 2014-08-20 17:52 - 00042316 _____ () C:\Users\David Ament\Downloads\Addition.txt
2014-08-20 17:56 - 2014-08-19 18:41 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-08-20 17:55 - 2014-08-20 17:55 - 00005350 _____ () C:\Windows\system32\.crusader
2014-08-20 17:55 - 2011-02-17 23:03 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-20 17:44 - 2014-08-20 17:44 - 02101760 _____ (Farbar) C:\Users\David Ament\Downloads\FRST64.exe
2014-08-20 17:43 - 2014-08-20 17:43 - 01093632 _____ (Farbar) C:\Users\David Ament\Downloads\FRST.exe
2014-08-20 17:34 - 2014-03-13 21:00 - 00000069 _____ () C:\Windows\system32\sjlon.fnz
2014-08-20 17:01 - 2012-06-02 12:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-20 15:23 - 2014-08-20 15:23 - 11188736 _____ (SurfRight B.V.) C:\Users\David Ament\Downloads\HitmanPro_x64.exe
2014-08-20 15:20 - 2011-02-15 18:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-20 13:04 - 2014-08-13 13:04 - 00000522 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 2dcf47b5-9261-4e26-937b-c3966d0cc718.job
2014-08-20 02:00 - 2014-08-13 13:04 - 00000522 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1834ea85-b89f-4b52-96e7-6b8c24d53492.job
2014-08-20 01:27 - 2011-11-17 21:36 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F8226E66-0565-4BAB-9684-01BE1185E237}
2014-08-19 19:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-19 19:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-08-19 19:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-08-19 18:11 - 2011-02-15 18:18 - 00000000 ____D () C:\Users\David Ament
2014-08-19 18:04 - 2014-08-18 14:56 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-08-19 08:15 - 2014-08-18 14:21 - 00001666 _____ () C:\Users\David Ament\Desktop\Rkill.txt
2014-08-18 17:35 - 2014-08-18 17:33 - 00001834 _____ () C:\sc-cleaner.txt
2014-08-18 17:27 - 2014-08-18 17:27 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-08-14 03:06 - 2014-08-14 03:05 - 00000000 ____D () C:\695a39784b1e405df55f
2014-08-14 03:06 - 2013-08-15 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 03:05 - 2013-05-29 15:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 22:57 - 2013-12-14 19:50 - 00002563 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-13 22:36 - 2014-08-13 22:36 - 00019966 _____ () C:\Users\David Ament\Desktop\hs_err_pid8652.log
2014-08-13 18:31 - 2012-02-19 22:42 - 00000000 ____D () C:\Users\David Ament\AppData\Roaming\SoftGrid Client
2014-08-13 15:30 - 2012-06-28 15:32 - 00159709 _____ () C:\Users\David Ament\Documents\Suze_Guest_Worksheet_v22.xlsx
2014-08-13 14:57 - 2014-08-13 14:57 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-08-13 14:57 - 2014-08-13 14:57 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-08-13 14:51 - 2014-08-13 14:51 - 00000215 _____ () C:\Users\David Ament\Desktop\Google.url
2014-08-13 13:05 - 2014-08-13 13:04 - 00000000 ____D () C:\Users\David Ament\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-08-13 13:04 - 2014-08-13 13:04 - 00003618 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1834ea85-b89f-4b52-96e7-6b8c24d53492
2014-08-13 13:04 - 2014-08-13 13:04 - 00003544 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 2dcf47b5-9261-4e26-937b-c3966d0cc718
2014-08-13 13:04 - 2014-08-13 13:04 - 00001810 _____ () C:\Users\David Ament\Desktop\SUPERAntiSpyware Professional.lnk
2014-08-13 13:04 - 2014-08-13 13:04 - 00000000 ____D () C:\Users\David Ament\AppData\Roaming\SUPERAntiSpyware.com
2014-08-13 13:04 - 2014-08-13 13:04 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-08-13 12:50 - 2014-08-13 12:50 - 00003180 _____ () C:\Windows\System32\Tasks\{00F7997F-B9FE-421F-A2EF-CC975E889B0A}
2014-08-13 12:47 - 2014-03-15 06:32 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-08-13 02:26 - 2011-02-15 18:19 - 00074856 _____ () C:\Users\David Ament\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-11 16:27 - 2014-08-11 16:27 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-11 16:27 - 2014-08-11 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-11 16:27 - 2014-08-11 16:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-11 16:13 - 2014-08-01 13:21 - 00003152 _____ () C:\Windows\System32\Tasks\Trojan Remover
2014-08-10 15:44 - 2014-08-10 15:44 - 00024334 _____ () C:\Users\David Ament\Desktop\hs_err_pid8364.log
2014-08-10 15:44 - 2014-08-10 15:44 - 00003986 _____ () C:\Windows\System32\Tasks\{BACB8BBC-B3BD-E0A0-1FD8-9FF672EC6E0F}
2014-08-10 15:44 - 2014-08-10 15:44 - 00000000 _____ () C:\Windows\system32\rtttfap.dll
2014-08-10 15:44 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-08-10 14:43 - 2014-08-10 14:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-10 13:15 - 2014-01-15 14:35 - 00000000 ____D () C:\Users\David Ament\AppData\Local\Windows Live
2014-08-07 17:57 - 2013-08-09 17:47 - 00000000 ____D () C:\ProgramData\WarThunder
2014-08-07 17:57 - 2011-02-15 22:34 - 00000000 ____D () C:\Users\David Ament\.gimp-2.6
2014-08-07 17:56 - 2014-08-07 17:56 - 00005411 _____ () C:\Users\David Ament\.recently-used.xbel
2014-08-07 17:56 - 2011-02-22 22:15 - 00000000 ____D () C:\Users\David Ament\AppData\Roaming\gtk-2.0
2014-08-07 08:57 - 2013-08-09 17:47 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-08-01 19:28 - 2014-08-01 13:18 - 00019800 _____ () C:\Windows\system32\roboot64.exe
2014-08-01 13:24 - 2014-08-01 13:24 - 00001158 _____ () C:\Users\David Ament\Desktop\Live PC Help.lnk
2014-08-01 13:21 - 2014-08-01 13:21 - 00000000 ____D () C:\ProgramData\Loaris
2014-08-01 13:12 - 2013-03-13 22:58 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-01 13:12 - 2013-03-13 22:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-31 23:43 - 2011-04-30 09:39 - 00000000 ____D () C:\Users\David Ament\AppData\Local\ArmA 2 OA
2014-07-31 23:09 - 2014-07-31 23:09 - 00003332 _____ () C:\Windows\System32\Tasks\{ECBAA0EA-27B5-4FB4-BA9A-36BAF601CD5C}
2014-07-31 23:08 - 2014-07-31 23:08 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David Ament\Downloads\SpyHunter-Installer.exe
2014-07-31 22:50 - 2014-07-31 22:50 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-07-31 22:50 - 2014-07-31 22:50 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-07-31 22:46 - 2011-12-07 14:26 - 00000000 ____D () C:\Users\David Ament\AppData\Local\Deployment
2014-07-25 00:24 - 2012-08-20 09:12 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-07-24 22:45 - 2013-06-26 10:48 - 00000000 ____D () C:\Users\David Ament\AppData\Roaming\Malwarebytes
2014-07-24 22:45 - 2013-06-26 10:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-24 22:45 - 2013-06-26 10:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-24 18:39 - 2011-04-26 19:47 - 00000000 ____D () C:\Users\David Ament\AppData\Roaming\TS3Client
2014-07-24 14:57 - 2013-07-24 21:39 - 00000000 ____D () C:\Program Files (x86)\Heroes & Generals

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll
[2011-06-27 17:47] - [2010-11-20 09:27] - 0513536 ____N (Microsoft Corporation) FE4D00D545027A5ABFA62E098145E3D0

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-17 02:00

==================== End Of Log ============================



#4 Metalbourne

Posted 20 August 2014 - 04:05 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by David Ament at 2014-08-20 18:15:11
Running from C:\Users\David Ament\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AceFTP 3 Freeware (HKLM-x32\...\AceFTP 3 Freeware) (Version: 3.80.3 - )
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader 9.1.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.2 - Adobe Systems Incorporated)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}) (Version: 5.1.1.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
applicationupdater (HKCU\...\SOE-C:/Users/David Ament/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)
ARMA 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)
ARMA 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
ATI Catalyst Install Manager (HKLM\...\{AE57C044-8912-A181-A0E4-BC2DAB3A092A}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
ATI Stream SDK v2 Developer (HKLM\...\{22441735-5983-AD2A-5CC5-FA2CCD7EF732}) (Version: 2.3.0.0 - ATI Technologies Inc.)
Battlefield 2 (HKLM-x32\...\Steam App 24860) (Version:  - DICE)
Battleground Europe (HKLM-x32\...\Battleground Europe) (Version:  - Playnet Inc.)
BattlEye for Iron Front Uninstall (HKLM-x32\...\BattlEye for Iron Front) (Version:  - )
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blitzkrieg Mod (HKLM-x32\...\Blitzkrieg) (Version: 4.00 - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0126.1749.31909 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0113.2208.39662 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0126.1749.31909 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help English (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help English (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help French (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help German (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0126.1749.31909 - ATI) Hidden
ccc-utility64 (Version: 2010.0113.2208.39662 - ATI) Hidden
ccc-utility64 (Version: 2011.0126.1749.31909 - ATI) Hidden
CoffeeCup HTML Editor (HKCU\...\CoffeeCup HTML Editor) (Version:  - )
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - )
Company of Heroes: Opposing Fronts (HKLM-x32\...\Steam App 9340) (Version:  - Relic)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.0.2829 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.0.2829 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darkest Hour Dedicated Server (HKLM-x32\...\Steam App 1290) (Version:  - )
Darkest Hour: Europe '44-'45 (HKLM-x32\...\Steam App 1280) (Version:  - Darkest Hour Team)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3E8A1ADF-B72C-47FE-85F6-F7A73C487F6C}) (Version: 1.3.31.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.19 - ArcSoft)
Dell Stage (HKLM-x32\...\{C9815885-6775-46D8-8B67-30214ECF83C3}) (Version: 1.3.37.0 - Fingertapps)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.1.0.1011 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.1.0.1011 - CyberLink Corp.) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DVD Catalyst 4.2.5.4 (HKLM-x32\...\DVD Catalyst) (Version: 4.2.5.4 - Tools4Movies)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
gamelauncher-ps2-live (HKCU\...\SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2) (Version:  - Sony Online Entertainment)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
iMapBuilder Interactive Flash Map Builder v5.25 (Developer Vers (HKLM-x32\...\imapbuilder_webunion_is1) (Version:  - WebUnion Media Ltd.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
Iron Front : Liberation 1944 (HKLM-x32\...\Steam App 91330) (Version:  - )
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}) (Version: 10.6.0.40 - Apple Inc.)
Java Auto Updater (x32 Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java™ 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.260 - Oracle)
Java™ 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Learning Lodge Navigator (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
MechWarrior Online (HKCU\...\{4f004f4a-1930-4b55-83e6-61660211787f}) (Version: 1.1.1.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.1.1.0 - Piranha Games Inc.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Taleworlds Entertainment)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MWO Public Test (HKLM-x32\...\{e00527d4-bc61-4940-b47c-346c42bab462}) (Version: 1.4.2.0 - Piranha Games Inc.)
MWO Public Test (x32 Version: 1.4.1.0 - Piranha Games Inc.) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6261.27 - PC-Doctor, Inc.)
NASCAR The Game: 2013 (HKLM-x32\...\Steam App 225220) (Version:  - Eutechnyx)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
PDF Creator (HKLM\...\PDF Creator) (Version:  - )
PhotoShowExpress (x32 Version: 2.0.028 - Sonic Solutions) Hidden
PlanetSide 2 (HKCU\...\soe-PlanetSide 2) (Version: 1.0.3.181 - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - )
RaceRoom The Game 2 (HKLM-x32\...\RaceRoom The Game 2_is1) (Version:  - SimBin)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6050 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire)
Red Orchestra 2: Heroes of Stalingrad Beta (HKLM-x32\...\Steam App 104320) (Version:  - )
Red Orchestra: Ostfront 41-45 (HKLM-x32\...\Steam App 1200) (Version:  - Tripwire Interactive)
RedOrchestra SDK Beta (HKLM-x32\...\Steam App 1220) (Version:  - Tripwire Interactive)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.6 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.311 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skins (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version:  - Cryptic Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1130 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.12 - TeamSpeak Systems GmbH)
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.7 - Flagship Industries, Inc.)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
War Thunder Launcher 1.0.1.267 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - 2013 Gaijin Entertainment Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
World of Tanks v.0.6.7 (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version:  - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813NA}_is1) (Version:  - Wargaming.net)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1747913207-2130401621-3639241008-1001_Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 -> \\?\globalroot\Device\HarddiskVolume3\Users\David Ament\AppData\Local\Temp\spyhiyf\snpnbdt\wow.dll N (the data entry has 6 more characters).

==================== Restore Points  =========================

16-08-2014 07:00:34 Windows Update
17-08-2014 07:00:39 Windows Update
18-08-2014 07:00:44 Windows Update
20-08-2014 00:44:21 Checkpoint by HitmanPro
20-08-2014 07:00:33 Windows Update
20-08-2014 21:45:22 Checkpoint by HitmanPro
20-08-2014 21:53:48 Checkpoint by HitmanPro

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2E9D5FE4-33FA-4F34-9061-3D2ADAD98E70} - System32\Tasks\Browser Manager => Sc.exe start Browser Manager
Task: {2FE0A090-5674-46BD-90A9-6EB870A811C0} - System32\Tasks\Dell Stage Updater => C:\Program Files (x86)\Dell Stage\Dell Stage\StageUpdater.exe [2010-10-29] (Caphyon LTD)
Task: {3AB51723-7C80-4B78-A304-15503536644B} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {59048C68-8D69-4268-8DEE-2199A8A98400} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-05-07] (PC-Doctor, Inc.)
Task: {633A582C-B0AF-48AB-9752-7EDF7CAF54A3} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-05-07] (PC-Doctor, Inc.)
Task: {68C85C73-C1EC-478D-827E-D88564494609} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {7DF084D6-6687-4873-A539-F4FD925D24A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17] (Google Inc.)
Task: {85CC39B7-631A-4C7A-AE9A-637CB70B635B} - System32\Tasks\MusicStage Updater => C:\Program Files (x86)\Dell Stage\MusicStage\updater.exe [2010-10-29] (Caphyon LTD)
Task: {97B73BB2-2DB9-49BC-BB87-735B324C3CD1} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris\Trojan Remover\ltr.exe
Task: {ACB5133B-8518-4C60-9C36-472CC579966C} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {B0D95AB5-776E-4571-B026-B69A893267D4} - System32\Tasks\SUPERAntiSpyware Scheduled Task 2dcf47b5-9261-4e26-937b-c3966d0cc718 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {B9152296-E4F0-4A1D-B946-182307E32772} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D22B6C02-37F9-4469-9678-CAB6924C73DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-17] (Google Inc.)
Task: {D8E8D8BC-35B7-475A-AE86-62C84D379217} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {DB01573A-18D8-4BDC-9FF2-398AE2F01EA2} - System32\Tasks\SUPERAntiSpyware Scheduled Task 1834ea85-b89f-4b52-96e7-6b8c24d53492 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {EB122B12-F36B-4717-B7AB-E3D4175F8DAD} - System32\Tasks\{BACB8BBC-B3BD-E0A0-1FD8-9FF672EC6E0F} => C:\Windows\system32\etohsak.dll/s "C:\Windows\system32\etohsak.dll"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1834ea85-b89f-4b52-96e7-6b8c24d53492.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 2dcf47b5-9261-4e26-937b-c3966d0cc718.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2012-09-12 12:13 - 2011-10-04 22:43 - 00087552 _____ () C:\Windows\System32\custmon64i.dll
2011-05-02 11:14 - 2009-06-19 09:01 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dleadrpp.dll
2011-09-08 22:33 - 2012-09-09 14:32 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-02-07 17:11 - 2011-08-18 11:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-29 22:04 - 2014-04-29 22:04 - 00088080 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\libglog.dll
2014-05-27 03:02 - 2014-05-27 03:02 - 01039080 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Engine.dll
2014-04-29 22:04 - 2014-04-29 22:04 - 00038928 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\fuzzy.dll
2014-04-29 22:04 - 2014-04-29 22:04 - 00093712 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\zlibwapi.dll
2014-05-27 03:02 - 2014-05-27 03:02 - 00135400 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ExtractImpl.dll
2014-05-27 03:02 - 2014-05-27 03:02 - 00437480 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\InnoExtractDll.dll
2014-05-27 03:02 - 2014-05-27 03:02 - 00030440 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\UnpackImpl.dll
2014-05-27 03:02 - 2014-05-27 03:02 - 00259816 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\pyunpacker.dll
2014-05-27 03:02 - 2014-05-27 03:02 - 00041704 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\fsmlib.dll
2014-05-27 03:02 - 2014-05-27 03:02 - 00500968 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\http_hook.dll
2014-04-29 21:27 - 2014-04-29 21:27 - 00649744 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\sqlite3.dll
2014-02-12 04:36 - 2014-02-12 04:36 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2011-02-07 17:06 - 2010-03-03 22:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000364,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000189ED80.72).  hr = 0x80070005, Access is denied.
.

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000b20,(null),0,REG_BINARY,000000000DBCDEC0.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Writer Name: MSSearch Service Writer
   Writer Instance ID: {53474a66-d75a-46ad-aacc-cd1fa4ebca4c}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000b20,(null),0,REG_BINARY,000000000DBCDEC0.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Writer Name: MSSearch Service Writer
   Writer Instance ID: {53474a66-d75a-46ad-aacc-cd1fa4ebca4c}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000314,(null),0,REG_BINARY,0000000004DEE410.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {ca1b644f-42f3-4fa8-9a0b-88ed865cc0a1}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000a14,(null),0,REG_BINARY,000000000436DF40.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {b35f9508-a82d-4447-bdc8-12209d4d79b7}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001c0,SYSTEM\CurrentControlSet\Services\VSS\Diag\Registry Writer,0,REG_BINARY,00000000021FEED0.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Writer Name: Registry Writer
   Writer Instance ID: {f2d8e569-3fab-46b8-910b-7f2fcfd6e258}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001fc,SYSTEM\CurrentControlSet\Services\VSS\Diag\Shadow Copy Optimization Writer,0,REG_BINARY,0000000002D1E950.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {a31396a6-c959-4b53-b346-ff4aeb69417b}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000314,(null),0,REG_BINARY,0000000004DEE410.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {ca1b644f-42f3-4fa8-9a0b-88ed865cc0a1}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000a14,(null),0,REG_BINARY,000000000436DF40.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {b35f9508-a82d-4447-bdc8-12209d4d79b7}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001cc,SYSTEM\CurrentControlSet\Services\VSS\Diag\COM+ REGDB Writer,0,REG_BINARY,0000000002FBF4A0.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Writer Name: COM+ REGDB Writer
   Writer Instance ID: {d4119080-d675-4bf9-b345-93c8e70d79c8}

System errors:
=============
Error: (08/20/2014 06:09:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (08/20/2014 06:02:13 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (08/20/2014 06:02:12 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (08/20/2014 06:02:12 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (08/20/2014 06:02:06 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (08/20/2014 06:02:05 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (08/20/2014 06:01:21 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (08/20/2014 06:01:18 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error %%0.

Error: (08/20/2014 06:00:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfevtp service.

Error: (08/20/2014 05:59:39 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Microsoft Office Sessions:
=========================
Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000364,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000189ED80.72)0x80070005, Access is denied.

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000b20,(null),0,REG_BINARY,000000000DBCDEC0.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Writer Name: MSSearch Service Writer
   Writer Instance ID: {53474a66-d75a-46ad-aacc-cd1fa4ebca4c}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000b20,(null),0,REG_BINARY,000000000DBCDEC0.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Writer Name: MSSearch Service Writer
   Writer Instance ID: {53474a66-d75a-46ad-aacc-cd1fa4ebca4c}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000314,(null),0,REG_BINARY,0000000004DEE410.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {ca1b644f-42f3-4fa8-9a0b-88ed865cc0a1}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000a14,(null),0,REG_BINARY,000000000436DF40.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {b35f9508-a82d-4447-bdc8-12209d4d79b7}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000001c0,SYSTEM\CurrentControlSet\Services\VSS\Diag\Registry Writer,0,REG_BINARY,00000000021FEED0.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Writer Name: Registry Writer
   Writer Instance ID: {f2d8e569-3fab-46b8-910b-7f2fcfd6e258}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000001fc,SYSTEM\CurrentControlSet\Services\VSS\Diag\Shadow Copy Optimization Writer,0,REG_BINARY,0000000002D1E950.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {a31396a6-c959-4b53-b346-ff4aeb69417b}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000314,(null),0,REG_BINARY,0000000004DEE410.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {ca1b644f-42f3-4fa8-9a0b-88ed865cc0a1}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000a14,(null),0,REG_BINARY,000000000436DF40.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {b35f9508-a82d-4447-bdc8-12209d4d79b7}

Error: (08/20/2014 05:57:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000001cc,SYSTEM\CurrentControlSet\Services\VSS\Diag\COM+ REGDB Writer,0,REG_BINARY,0000000002FBF4A0.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Writer Name: COM+ REGDB Writer
   Writer Instance ID: {d4119080-d675-4bf9-b345-93c8e70d79c8}

CodeIntegrity Errors:
===================================
  Date: 2013-07-24 14:35:07.505
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\DAVIDA~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-24 14:35:07.372
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\DAVIDA~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-24 14:35:07.246
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\DAVIDA~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-24 14:35:07.121
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\DAVIDA~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-24 14:35:05.686
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\DAVIDA~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-24 14:35:05.563
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\DAVIDA~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-24 14:35:05.439
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\DAVIDA~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-24 14:35:05.316
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\DAVIDA~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-24 14:35:03.308
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\DAVIDA~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-24 14:35:03.184
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\DAVIDA~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU 930 @ 2.80GHz
Percentage of memory in use: 30%
Total physical RAM: 9206.93 MB
Available physical RAM: 6373.16 MB
Total Pagefile: 23014.11 MB
Available Pagefile: 20247.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1384.96 GB) (Free:930.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 77E3ED41)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1385 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=10 MB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 4

==================== End Of Log ============================

 



#5 deeprybka


Posted 21 August 2014 - 03:38 PM

Hi,

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe

......

 

Please post the complete log file (FRST.txt, including the header lines). :) Thank you!


Edited by deeprybka, 21 August 2014 - 03:39 PM.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#6 Metalbourne


Posted 21 August 2014 - 05:32 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by David Ament (administrator) on DAVIDAMENT-PC on 21-08-2014 17:56:42
Running from C:\Users\David Ament\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe
( ) C:\Windows\System32\dleacoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_206_ActiveX.exe -update activex
HKU\S-1-5-21-1747913207-2130401621-3639241008-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-02-17] (Google Inc.)
HKU\S-1-5-21-1747913207-2130401621-3639241008-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7762712 2014-08-11] (SUPERAntiSpyware)
HKU\S-1-5-21-1747913207-2130401621-3639241008-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe -runBRS
HKU\S-1-5-21-1747913207-2130401621-3639241008-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1747913207-2130401621-3639241008-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1747913207-2130401621-3639241008-1001\...409d6c4515e9\InprocServer32: [Default-shell32] \\?\globalroot\Device\HarddiskVolume3\Users\David Ament\AppData\Local\Temp\spyhiyf\snpnbdt\wow.dll ATTENTION! ====> ZeroAccess?

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {8CA6B4D8-CFDD-4299-8E48-B26304849C4B} URL = http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_34_ie&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBtA0Azy0FyCtAyBtC0EtAtN0D0Tzu0SzyyCyEtN1L2XzutAtFtDtFtCtDtFtAtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0EtCyEtCzy0BtCtGzz0AyBtDtGyB0A0DyDtGzzyC0F0CtGtAyEzyyEyBtCtCzz0B0B0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0Dzz0F0E0DzzyCtG0A0CtCtAtGyE0D0AtAtG0A0BtD0EtGtD0Dzz0CyDzytDyC0E0EyEtC2Q&cr=934991670&ir=
SearchScopes: HKCU - {2CC511B1-595B-4C95-BFDA-C1606900FE57} URL = https://search.yahoo.com/search?fr=mcafee&type=A011US105&p={SearchTerms}
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {2F9C8FC2-1C87-4118-A559-E790A2539C51} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {8CA6B4D8-CFDD-4299-8E48-B26304849C4B} URL = http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_34_ie&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBtA0Azy0FyCtAyBtC0EtAtN0D0Tzu0SzyyCyEtN1L2XzutAtFtDtFtCtDtFtAtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0EtCyEtCzy0BtCtGzz0AyBtDtGyB0A0DyDtGzzyC0F0CtGtAyEzyyEyBtCtCzz0B0B0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0Dzz0F0E0DzzyCtG0A0CtCtAtGyE0D0AtAtG0A0BtD0EtGtD0Dzz0CyDzytDyC0E0EyEtC2Q&cr=934991670&ir=
SearchScopes: HKCU - {E85D494E-AA80-4790-A7E8-6CB69FF5925C} URL =
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {5B54751C-0EDB-4CAE-816C-65BCED3FF819} http://game.heroesandgenerals.com/retox.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll (Reto-Moto ApS)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll (Anvisoft)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-08-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-08-20]

Chrome:
=======
CHR HomePage: hxxp://astromenda.com/?f=1&a=ast_ir_14_34_ie&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBtA0Azy0FyCtAyBtC0EtAtN0D0Tzu0SzyyCyEtN1L2XzutAtFtDtFtCtDtFtAtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0EtCyEtCzy0BtCtGzz0AyBtDtGyB0A0DyDtGzzyC0F0CtGtAyEzyyEyBtCtCzz0B0B0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0Dzz0F0E0DzzyCtG0A0CtCtAtGyE0D0AtAtG0A0BtD0EtGtD0Dzz0CyDzytDyC0E0EyEtC2Q&cr=934991670&ir=
CHR StartupUrls: "hxxp://astromenda.com/?f=7&a=ast_ir_14_34_ie&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtBtA0Azy0FyCtAyBtC0EtAtN0D0Tzu0SzyyCyEtN1L2XzutAtFtDtFtCtDtFtAtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0EtCyEtCzy0BtCtGzz0AyBtDtGyB0A0DyDtGzzyC0F0CtGtAyEzyyEyBtCtCzz0B0B0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0Dzz0F0E0DzzyCtG0A0CtCtAtGyE0D0AtAtG0A0BtD0EtGtD0Dzz0CyDzytDyC0E0EyEtC2Q&cr=934991670&ir="
CHR DefaultSearchKeyword: mcafee
CHR DefaultSearchProvider: McAfee
CHR DefaultSearchURL: https://search.yahoo.com/search?fr=mcafee&type=A211US105&p={searchTerms}
CHR Extension: (Voyager Slideshow Theme Frame) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-03-12]
CHR Extension: (Docs) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-14]
CHR Extension: (Google Drive) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-20]
CHR Extension: (YouTube) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-14]
CHR Extension: (McAfee Security Scan+) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-24]
CHR Extension: (Google Search) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-14]
CHR Extension: (SiteAdvisor) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-12-13]
CHR Extension: (Google Wallet) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14]
CHR Extension: (Gmail) - C:\Users\David Ament\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-14]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [2014-04-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 ASD2Svc; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe [1206504 2014-05-28] (Anvisoft)
S2 CLKMSVC10_9EC60124; c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [232944 2010-04-26] (CyberLink)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [513536 2010-11-20] (Microsoft Corporation) [File not signed]
R2 dlea_device; C:\Windows\system32\dleacoms.exe [1054888 2009-07-01] ( )
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-06-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-09-09] ()
R2 RpcSs; C:\Windows\system32\rpcss.dll [513536 2010-11-20] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 asd2fsm; C:\Windows\System32\DRIVERS\asd2fsm.sys [48656 2014-05-28] (Anvisoft)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-08-20] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-06-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-15] (support.com, Inc)
S3 BCMH43XX; system32\DRIVERS\bcmwlhigh664.sys [X]
S1 crhhhrfl; \??\C:\Windows\system32\drivers\crhhhrfl.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 NPF; system32\DRIVERS\npf.sys [X]
S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 17:51 - 2014-08-21 17:51 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 17:50 - 2014-08-21 17:50 - 00000000 ____D () C:\Users\David Ament\AppData\Local\StormFall
2014-08-21 17:50 - 2014-08-21 17:50 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-21 17:49 - 2014-08-21 17:48 - 00007267 _____ () C:\Users\David Ament\Downloads\grand-theft-auto-online [1].exe
2014-08-21 17:48 - 2014-08-21 17:48 - 00739872 _____ ( ) C:\Users\David Ament\Downloads\grand-theft-auto-online.exe
2014-08-21 16:18 - 2014-08-21 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-21 11:06 - 2014-07-31 19:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-21 11:06 - 2014-07-31 19:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-21 11:06 - 2014-07-25 10:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-21 11:06 - 2014-07-25 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-21 11:06 - 2014-07-25 10:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-21 11:06 - 2014-07-25 09:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-21 11:06 - 2014-07-25 09:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-21 11:06 - 2014-07-25 09:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-21 11:06 - 2014-07-25 09:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-21 11:06 - 2014-07-25 09:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-21 11:06 - 2014-07-25 09:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-21 11:06 - 2014-07-25 09:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-21 11:06 - 2014-07-25 09:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-21 11:06 - 2014-07-25 09:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-21 11:06 - 2014-07-25 09:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-21 11:06 - 2014-07-25 09:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-21 11:06 - 2014-07-25 09:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-21 11:06 - 2014-07-25 08:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-21 11:06 - 2014-07-25 08:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-21 11:06 - 2014-07-25 08:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-21 11:06 - 2014-07-25 08:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-21 11:06 - 2014-07-25 08:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-21 11:06 - 2014-07-25 08:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-21 11:06 - 2014-07-25 08:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-21 11:06 - 2014-07-25 08:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-21 11:06 - 2014-07-25 08:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-21 11:06 - 2014-07-25 08:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-21 11:06 - 2014-07-25 08:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-21 11:06 - 2014-07-25 08:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-21 11:06 - 2014-07-25 08:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-21 11:06 - 2014-07-25 08:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-21 11:06 - 2014-07-25 08:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-21 11:06 - 2014-07-25 08:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-21 11:06 - 2014-07-25 08:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-21 11:06 - 2014-07-25 08:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-21 11:06 - 2014-07-25 08:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-21 11:06 - 2014-07-25 07:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-21 11:06 - 2014-07-25 07:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-21 11:06 - 2014-07-25 07:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-21 11:06 - 2014-07-25 07:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-21 11:06 - 2014-07-25 07:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-21 11:06 - 2014-07-25 07:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-21 11:06 - 2014-07-25 07:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-21 11:06 - 2014-07-25 07:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-21 11:06 - 2014-07-25 07:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-21 11:06 - 2014-07-25 07:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-21 11:06 - 2014-07-25 07:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-21 11:06 - 2014-07-25 07:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-21 11:06 - 2014-07-25 07:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-21 11:06 - 2014-07-25 07:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-21 11:06 - 2014-07-25 06:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-21 11:06 - 2014-07-25 06:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-21 11:06 - 2014-07-25 06:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-21 11:06 - 2014-07-25 06:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-21 11:06 - 2014-07-25 06:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-21 11:06 - 2014-07-25 06:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-21 11:06 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-21 11:06 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-21 11:06 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-21 11:06 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-21 11:06 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-21 11:06 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-21 11:06 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-21 11:06 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-21 11:06 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-21 11:06 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-21 11:06 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-21 11:06 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-21 11:04 - 2014-08-06 22:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-21 11:04 - 2014-08-06 22:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-21 11:04 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-21 11:04 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-21 03:02 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-21 03:02 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-21 03:02 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-21 03:02 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-21 03:02 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-21 03:02 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-21 03:01 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-21 03:01 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-20 17:55 - 2014-08-20 17:55 - 00005350 _____ () C:\Windows\system32\.crusader
2014-08-20 17:52 - 2014-08-20 18:16 - 00044999 _____ () C:\Users\David Ament\Downloads\Addition.txt
2014-08-20 17:46 - 2014-08-21 17:57 - 00023684 _____ () C:\Users\David Ament\Downloads\FRST.txt
2014-08-20 17:45 - 2014-08-21 17:56 - 00000000 ____D () C:\FRST
2014-08-20 17:44 - 2014-08-20 17:44 - 02101760 _____ (Farbar) C:\Users\David Ament\Downloads\FRST64.exe
2014-08-20 17:43 - 2014-08-20 17:43 - 01093632 _____ (Farbar) C:\Users\David Ament\Downloads\FRST.exe
2014-08-20 15:23 - 2014-08-20 18:01 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-08-20 15:23 - 2014-08-20 15:23 - 11188736 _____ (SurfRight B.V.) C:\Users\David Ament\Downloads\HitmanPro_x64.exe
2014-08-19 18:41 - 2014-08-20 17:56 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-08-18 17:33 - 2014-08-18 17:35 - 00001834 _____ () C:\sc-cleaner.txt
2014-08-18 17:27 - 2014-08-18 17:27 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-08-18 14:56 - 2014-08-19 18:04 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-08-18 14:21 - 2014-08-19 08:15 - 00001666 _____ () C:\Users\David Ament\Desktop\Rkill.txt
2014-08-14 03:05 - 2014-08-14 03:06 - 00000000 ____D () C:\695a39784b1e405df55f
2014-08-13 14:57 - 2014-08-13 14:57 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-08-13 14:57 - 2014-08-13 14:57 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-08-13 14:57 - 2014-05-28 22:03 - 00048656 _____ (Anvisoft) C:\Windows\system32\Drivers\asd2fsm.sys
2014-08-13 14:51 - 2014-08-13 14:51 - 00000215 _____ () C:\Users\David Ament\Desktop\Google.url
2014-08-13 13:04 - 2014-08-21 16:44 - 00001854 _____ () C:\Users\David Ament\Desktop\SUPERAntiSpyware Professional.lnk
2014-08-13 13:04 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-13 13:04 - 2014-08-21 05:04 - 00000522 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 2dcf47b5-9261-4e26-937b-c3966d0cc718.job
2014-08-13 13:04 - 2014-08-21 02:01 - 00000522 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1834ea85-b89f-4b52-96e7-6b8c24d53492.job
2014-08-13 13:04 - 2014-08-13 13:05 - 00000000 ____D () C:\Users\David Ament\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-08-13 13:04 - 2014-08-13 13:04 - 00003618 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1834ea85-b89f-4b52-96e7-6b8c24d53492
2014-08-13 13:04 - 2014-08-13 13:04 - 00003544 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 2dcf47b5-9261-4e26-937b-c3966d0cc718
2014-08-13 13:04 - 2014-08-13 13:04 - 00000000 ____D () C:\Users\David Ament\AppData\Roaming\SUPERAntiSpyware.com
2014-08-13 13:04 - 2014-08-13 13:04 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-08-13 12:50 - 2014-08-13 12:50 - 00003180 _____ () C:\Windows\System32\Tasks\{00F7997F-B9FE-421F-A2EF-CC975E889B0A}
2014-08-11 16:27 - 2014-08-21 16:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-11 16:27 - 2014-08-11 16:27 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-11 16:27 - 2014-08-11 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-11 16:27 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-11 16:27 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-11 16:27 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-11 16:25 - 2014-08-11 16:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-10 15:44 - 2014-08-10 15:44 - 00024334 _____ () C:\Users\David Ament\Desktop\hs_err_pid8364.log
2014-08-10 15:44 - 2014-08-10 15:44 - 00003986 _____ () C:\Windows\System32\Tasks\{BACB8BBC-B3BD-E0A0-1FD8-9FF672EC6E0F}
2014-08-10 15:44 - 2014-08-10 15:44 - 00000000 _____ () C:\Windows\system32\rtttfap.dll
2014-08-10 14:43 - 2014-08-21 16:04 - 00000448 _____ () C:\Windows\setupact.log
2014-08-10 14:43 - 2014-08-10 14:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-10 14:42 - 2014-08-20 18:01 - 00076600 _____ () C:\Windows\PFRO.log
2014-08-07 17:56 - 2014-08-07 17:56 - 00005411 _____ () C:\Users\David Ament\.recently-used.xbel
2014-08-01 13:24 - 2014-08-01 13:24 - 00001158 _____ () C:\Users\David Ament\Desktop\Live PC Help.lnk
2014-08-01 13:21 - 2014-08-11 16:13 - 00003152 _____ () C:\Windows\System32\Tasks\Trojan Remover
2014-08-01 13:21 - 2014-08-01 13:21 - 00000000 ____D () C:\ProgramData\Loaris
2014-08-01 13:18 - 2014-08-01 19:28 - 00019800 _____ () C:\Windows\system32\roboot64.exe
2014-07-31 23:09 - 2014-07-31 23:09 - 00003332 _____ () C:\Windows\System32\Tasks\{ECBAA0EA-27B5-4FB4-BA9A-36BAF601CD5C}
2014-07-31 23:08 - 2014-07-31 23:08 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\David Ament\Downloads\SpyHunter-Installer.exe
2014-07-31 22:50 - 2014-07-31 22:50 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-07-31 22:50 - 2014-07-31 22:50 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 18:34 - 2011-11-17 21:36 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F8226E66-0565-4BAB-9684-01BE1185E237}
2014-08-21 18:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-08-21 18:16 - 2014-03-15 19:31 - 01586764 _____ () C:\Windows\WindowsUpdate.log
2014-08-21 17:57 - 2014-08-20 17:46 - 00023684 _____ () C:\Users\David Ament\Downloads\FRST.txt
2014-08-21 17:56 - 2014-08-20 17:45 - 00000000 ____D () C:\FRST
2014-08-21 17:55 - 2011-02-17 23:03 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-21 17:51 - 2014-08-21 17:51 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 17:50 - 2014-08-21 17:50 - 00000000 ____D () C:\Users\David Ament\AppData\Local\StormFall
2014-08-21 17:50 - 2014-08-21 17:50 - 00000000 ____D () C:\Program Files (x86)\WSE_Astromenda
2014-08-21 17:48 - 2014-08-21 17:49 - 00007267 _____ () C:\Users\David Ament\Downloads\grand-theft-auto-online [1].exe
2014-08-21 17:48 - 2014-08-21 17:48 - 00739872 _____ ( ) C:\Users\David Ament\Downloads\grand-theft-auto-online.exe
2014-08-21 17:39 - 2011-02-15 18:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-21 17:01 - 2012-06-02 12:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-21 16:50 - 2014-08-11 16:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 16:44 - 2014-08-13 13:04 - 00001854 _____ () C:\Users\David Ament\Desktop\SUPERAntiSpyware Professional.lnk
2014-08-21 16:26 - 2013-08-09 17:47 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-08-21 16:18 - 2014-08-21 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-08-21 16:18 - 2012-08-20 09:13 - 00001846 _____ () C:\Users\Public\Desktop\McAfee Security Center.lnk
2014-08-21 16:11 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-21 16:11 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-21 16:10 - 2014-08-13 13:04 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-21 16:10 - 2011-02-07 17:34 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-08-21 16:10 - 2011-02-07 17:34 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks

Some content of TEMP:
====================
C:\Users\David Ament\AppData\Local\Temp\ICReinstall_grand-theft-auto-online.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll
[2011-06-27 17:47] - [2010-11-20 09:27] - 0513536 ____N (Microsoft Corporation) FE4D00D545027A5ABFA62E098145E3D0

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-17 02:00

==================== End Of Log ============================
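The verification section that closes the log above can be triaged mechanically. The following Python is an added example, not FRST's own code and not part of the original post: it lists the files that did not come back as "File is digitally signed" and pulls out the MD5 the log's note says to look up. The names `FileCheck`, `parse_verification_section` and `needs_review` are hypothetical, the line formats are inferred only from the log on this page, and treating any other status text as a failure is an assumption.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Lines copied from the "Bamital & volsnap Check" section of the log on this
# page, shortened to four file entries.
SAMPLE_LOG = r"""
==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\rpcss.dll
[2011-06-27 17:47] - [2010-11-20 09:27] - 0513536 ____N (Microsoft Corporation) FE4D00D545027A5ABFA62E098145E3D0

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-17 02:00
"""

OK_STATUS = "File is digitally signed"
SECTION_START = re.compile(r"^=+ Bamital & volsnap Check =+$")
# The section ends at the next "==== title ====" banner or the LastRegBack line.
SECTION_END = re.compile(r"^(=+ .+ =+|LastRegBack:.*)$")
STATUS_LINE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) => (?P<status>.+)$")
BARE_PATH = re.compile(r"^[A-Za-z]:\\.+$")
# "[created] - [modified] - size attributes (company) MD5"
DETAIL = re.compile(
    r"^\[[\d\- :]+\] - \[[\d\- :]+\] - (?P<size>\d+) \S+ "
    r"\((?P<company>[^)]*)\) (?P<md5>[0-9A-Fa-f]{32})$"
)


@dataclass
class FileCheck:
    path: str
    verified: bool
    status: str = ""
    size: Optional[int] = None
    company: Optional[str] = None
    md5: Optional[str] = None


def parse_verification_section(text: str) -> List[FileCheck]:
    """Return one FileCheck per file listed in the verification section."""
    entries: List[FileCheck] = []
    in_section = False
    pending: Optional[FileCheck] = None  # unverified file awaiting its detail line
    for raw in text.splitlines():
        line = raw.strip()
        if not in_section:
            in_section = bool(SECTION_START.match(line))
            continue
        if SECTION_END.match(line):
            break
        m = STATUS_LINE.match(line)
        if m:
            # Assumption: only the exact OK_STATUS text counts as a pass.
            status = m["status"].strip()
            entries.append(FileCheck(m["path"], status == OK_STATUS, status))
            pending = None
            continue
        if BARE_PATH.match(line):
            # A path with no "=> status" suffix: the file did not pass.
            pending = FileCheck(line, False, "no signature result")
            entries.append(pending)
            continue
        m = DETAIL.match(line)
        if m and pending is not None:
            pending.size = int(m["size"])
            pending.company = m["company"]
            pending.md5 = m["md5"].upper()
            pending = None
    return entries


def needs_review(entries: List[FileCheck]) -> List[FileCheck]:
    """Files an analyst should check by hash before trusting them."""
    return [e for e in entries if not e.verified]


if __name__ == "__main__":
    for item in needs_review(parse_verification_section(SAMPLE_LOG)):
        print(f"{item.path}  size={item.size}  company={item.company}  md5={item.md5}")
```

A file flagged here is only a lead: the company name in the detail line comes from the file's own version resource, so the hash lookup the log recommends is what decides the matter.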



#7 deeprybka

Posted 23 August 2014 - 09:43 AM

Hi,

Critical warning - there's a Backdoor present!

Unfortunately your machine seems to be compromised by a Backdoor Trojan. This type of infection allows hackers to remotely control your computer, steal critical system information and download and execute files.

If your computer was used for online banking, has credit card information or other sensitive data on it, you should immediately disconnect from the Internet until your system is cleaned. All passwords should be changed immediately to include those used for banking, email, eBay, PayPal and online forums from a CLEAN COMPUTER.

Next steps to remove the malware are:


Step 1

  • Start FRST with Administrator privileges.
  • Write the following text into the Search textbox:
rpcss.dll
  • Click on the Search Files button.
  • When finished, a log file (Search.txt) pops up and is saved to the same location the tool was run from.
  • Please copy and paste its contents in your next reply.
Step 2

Please download TDSSKiller and save it to your Desktop.
  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters.
  • Make sure that all available options (except "Loaded modules") are checked and click OK.
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#8 Metalbourne

Posted 25 August 2014 - 02:50 PM

15:39:31.0084 0x13ec TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
15:39:39.0929 0x13ec ============================================================
15:39:39.0929 0x13ec Current date / time: 2014/08/25 15:39:39.0929
15:39:39.0929 0x13ec SystemInfo:
15:39:39.0929 0x13ec
15:39:39.0929 0x13ec OS Version: 6.1.7601 ServicePack: 1.0
15:39:39.0929 0x13ec Product type: Workstation
15:39:39.0929 0x13ec ComputerName: DAVIDAMENT-PC
15:39:39.0929 0x13ec UserName: David Ament
15:39:39.0929 0x13ec Windows directory: C:\Windows
15:39:39.0929 0x13ec System windows directory: C:\Windows
15:39:39.0929 0x13ec Running under WOW64
15:39:39.0929 0x13ec Processor architecture: Intel x64
15:39:39.0929 0x13ec Number of processors: 8
15:39:39.0929 0x13ec Page size: 0x1000
15:39:39.0929 0x13ec Boot type: Normal boot
15:39:39.0929 0x13ec ============================================================
15:39:48.0883 0x13ec KLMD registered as C:\Windows\system32\drivers\33457641.sys
15:39:50.0599 0x13ec System UUID: {BA75B89D-18C7-D343-0302-08E4D93A74D4}
15:39:51.0566 0x13ec Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:39:51.0582 0x13ec ============================================================
15:39:51.0582 0x13ec \Device\Harddisk0\DR0:
15:39:51.0582 0x13ec MBR partitions:
15:39:51.0582 0x13ec \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x187F000
15:39:51.0582 0x13ec \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1893000, BlocksNum 0xAD1ED330
15:39:51.0582 0x13ec ============================================================
15:39:51.0660 0x13ec C: <-> \Device\Harddisk0\DR0\Partition2
15:39:51.0660 0x13ec ============================================================
15:39:51.0660 0x13ec Initialize success
15:39:51.0660 0x13ec ============================================================
15:39:56.0106 0x1bd8 ============================================================
15:39:56.0106 0x1bd8 Scan started
15:39:56.0106 0x1bd8 Mode: Manual;
15:39:56.0106 0x1bd8 ============================================================
15:39:56.0106 0x1bd8 KSN ping started
15:40:10.0006 0x1bd8 KSN ping finished: true
15:40:20.0411 0x1bd8 ================ Scan system memory ========================
15:40:20.0411 0x1bd8 System memory - ok
15:40:20.0411 0x1bd8 ================ Scan services =============================


15:40:37.0540 0x1bd8 cvhsvc - ok

15:40:37.0602 0x1bd8 [ FE4D00D545027A5ABFA62E098145E3D0, 090E82E9F617213FA005BFA67D589399649AB46CB3B3986A7D6547CD5F7A6CD4 ] DcomLaunch C:\Windows\system32\rpcss.dll

15:40:37.0602 0x1bd8 DcomLaunch - ok

15:40:37.0633 0x1bd8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll

15:40:37.0649 0x1bd8 defragsvc - ok

15:40:37.0727 0x1bd8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys

15:40:37.0727 0x1bd8 DfsC - ok

15:40:37.0867 0x1bd8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll

15:40:37.0867 0x1bd8 Dhcp - ok

15:40:37.0899 0x1bd8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys

15:40:37.0899 0x1bd8 discache - ok

15:40:37.0945 0x1bd8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys

15:40:37.0945 0x1bd8 Disk - ok

15:40:37.0977 0x1bd8 dlea_device - ok

15:40:38.0320 0x1bd8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll

15:40:38.0320 0x1bd8 Dnscache - ok

15:40:39.0147 0x1bd8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll

15:40:39.0147 0x1bd8 dot3svc - ok

15:40:39.0427 0x1bd8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll

15:40:39.0427 0x1bd8 DPS - ok

15:40:39.0490 0x1bd8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

15:40:39.0505 0x1bd8 drmkaud - ok

15:40:39.0677 0x1bd8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

15:40:39.0693 0x1bd8 DXGKrnl - ok

15:40:39.0739 0x1bd8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll

15:40:39.0739 0x1bd8 EapHost - ok

15:40:40.0098 0x1bd8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

15:40:40.0426 0x1bd8 ebdrv - ok

15:40:40.0629 0x1bd8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe

15:40:40.0629 0x1bd8 EFS - ok

15:40:41.0034 0x1bd8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

15:40:41.0112 0x1bd8 ehRecvr - ok

15:40:41.0143 0x1bd8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe

15:40:41.0143 0x1bd8 ehSched - ok

15:40:41.0237 0x1bd8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

15:40:41.0299 0x1bd8 elxstor - ok

15:40:41.0346 0x1bd8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys

15:40:41.0346 0x1bd8 ErrDev - ok

15:40:41.0502 0x1bd8 esgiguard - ok

15:40:41.0565 0x1bd8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll

15:40:41.0565 0x1bd8 EventSystem - ok

15:40:41.0627 0x1bd8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys

15:40:41.0627 0x1bd8 exfat - ok

15:40:41.0658 0x1bd8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys

15:40:41.0658 0x1bd8 fastfat - ok

15:40:41.0845 0x1bd8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe

15:40:41.0892 0x1bd8 Fax - ok

15:40:42.0501 0x1bd8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys

15:40:42.0501 0x1bd8 fdc - ok

15:40:42.0641 0x1bd8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll

15:40:42.0641 0x1bd8 fdPHost - ok

15:40:42.0672 0x1bd8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll

15:40:42.0688 0x1bd8 FDResPub - ok

15:40:42.0703 0x1bd8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

15:40:42.0719 0x1bd8 FileInfo - ok

15:40:42.0735 0x1bd8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

15:40:42.0735 0x1bd8 Filetrace - ok

15:40:42.0859 0x1bd8 [ 8669BE94F63944E4F899C3950B520241, 9991E57B3C366D59BD186CEAA78D4590EDB2BC127250CF4D1522CBE413453E72 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

15:40:42.0937 0x1bd8 FLEXnet Licensing Service - ok

15:40:43.0000 0x1bd8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

15:40:43.0000 0x1bd8 flpydisk - ok

15:40:43.0109 0x1bd8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

15:40:43.0125 0x1bd8 FltMgr - ok

15:40:43.0218 0x1bd8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll

15:40:43.0234 0x1bd8 FontCache - ok

15:40:43.0374 0x1bd8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

15:40:43.0374 0x1bd8 FontCache3.0.0.0 - ok

15:40:43.0405 0x1bd8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

15:40:43.0405 0x1bd8 FsDepends - ok

15:40:43.0499 0x1bd8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

15:40:43.0515 0x1bd8 Fs_Rec - ok

15:40:43.0608 0x1bd8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

15:40:43.0608 0x1bd8 fvevol - ok

15:40:43.0639 0x1bd8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

15:40:43.0655 0x1bd8 gagp30kx - ok

15:40:43.0733 0x1bd8 [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

15:40:43.0733 0x1bd8 GEARAspiWDM - ok

15:40:45.0059 0x1bd8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll

15:40:45.0075 0x1bd8 gpsvc - ok

15:40:45.0277 0x1bd8 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

15:40:45.0293 0x1bd8 gupdate - ok

15:40:45.0324 0x1bd8 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

15:40:45.0340 0x1bd8 gupdatem - ok

15:40:45.0496 0x1bd8 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

15:40:45.0511 0x1bd8 gusvc - ok

15:40:45.0543 0x1bd8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

15:40:45.0543 0x1bd8 hcw85cir - ok

15:40:45.0652 0x1bd8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

15:40:45.0652 0x1bd8 HDAudBus - ok

15:40:45.0667 0x1bd8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

15:40:45.0667 0x1bd8 HidBatt - ok

15:40:45.0699 0x1bd8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

15:40:45.0714 0x1bd8 HidBth - ok

15:40:45.0745 0x1bd8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

15:40:45.0745 0x1bd8 HidIr - ok

15:40:45.0808 0x1bd8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll

15:40:45.0823 0x1bd8 hidserv - ok

15:40:45.0917 0x1bd8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys

15:40:45.0917 0x1bd8 HidUsb - ok

15:40:46.0057 0x1bd8 [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys

15:40:46.0057 0x1bd8 HipShieldK - ok

15:40:46.0479 0x1bd8 [ FCE2251FE4464DCAA2F4684F19A8EE9B, 8062CD636DEFA8E160427BC2C61BC5C0DAA5396E16ABE9353B27C217FDE70B04 ] hitmanpro37 C:\Windows\system32\drivers\hitmanpro37.sys

15:40:46.0479 0x1bd8 hitmanpro37 - ok

15:40:46.0603 0x1bd8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll

15:40:46.0603 0x1bd8 hkmsvc - ok

15:40:46.0666 0x1bd8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

15:40:46.0681 0x1bd8 HomeGroupListener - ok

15:40:46.0900 0x1bd8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

15:40:46.0900 0x1bd8 HomeGroupProvider - ok

15:40:47.0789 0x1bd8 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

15:40:47.0805 0x1bd8 HomeNetSvc - ok

15:40:47.0883 0x1bd8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

15:40:47.0883 0x1bd8 HpSAMD - ok

15:40:48.0444 0x1bd8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys

15:40:48.0507 0x1bd8 HTTP - ok

15:40:48.0569 0x1bd8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

15:40:48.0585 0x1bd8 hwpolicy - ok

15:40:48.0709 0x1bd8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

15:40:48.0725 0x1bd8 i8042prt - ok

15:40:48.0865 0x1bd8 [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

15:40:48.0865 0x1bd8 iaStor - ok

15:40:49.0021 0x1bd8 [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

15:40:49.0021 0x1bd8 IAStorDataMgrSvc - ok

15:40:49.0099 0x1bd8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

15:40:49.0131 0x1bd8 iaStorV - ok

15:40:49.0349 0x1bd8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

15:40:49.0396 0x1bd8 idsvc - ok

15:40:49.0427 0x1bd8 IEEtwCollectorService - ok

15:40:49.0489 0x1bd8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

15:40:49.0489 0x1bd8 iirsp - ok

15:40:49.0661 0x1bd8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll

15:40:49.0677 0x1bd8 IKEEXT - ok

15:40:50.0613 0x1bd8 [ A0EAB13A78CC5FB960EC76E3D6408DA3, F536B151EB1F284E8F352A7D8C9C0EBBC2E852E5EB6F0F6C6C313F272CE617FE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

15:40:50.0691 0x1bd8 IntcAzAudAddService - ok

15:40:50.0769 0x1bd8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys

15:40:50.0769 0x1bd8 intelide - ok

15:40:50.0925 0x1bd8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

15:40:50.0925 0x1bd8 intelppm - ok

15:40:50.0971 0x1bd8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll

15:40:50.0987 0x1bd8 IPBusEnum - ok

15:40:51.0081 0x1bd8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

15:40:51.0081 0x1bd8 IpFilterDriver - ok

15:40:51.0190 0x1bd8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

15:40:51.0205 0x1bd8 iphlpsvc - ok

15:40:51.0283 0x1bd8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

15:40:51.0299 0x1bd8 IPMIDRV - ok

15:40:51.0346 0x1bd8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys

15:40:51.0346 0x1bd8 IPNAT - ok

15:40:51.0736 0x1bd8 [ 755E4BA6DCE627A2683BB7640553C8D6, 7E88C31CE78A784F3FCB6D99412A09D5100E7A4FD779BE0B81489BD1D20D5F68 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

15:40:51.0954 0x1bd8 iPod Service - ok

15:40:52.0048 0x1bd8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys

15:40:52.0063 0x1bd8 IRENUM - ok

15:40:52.0344 0x1bd8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys

15:40:52.0360 0x1bd8 isapnp - ok

15:40:52.0594 0x1bd8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

15:40:52.0641 0x1bd8 iScsiPrt - ok

15:40:52.0875 0x1bd8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

15:40:52.0875 0x1bd8 kbdclass - ok

15:40:52.0953 0x1bd8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

15:40:52.0953 0x1bd8 kbdhid - ok

15:40:53.0015 0x1bd8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe

15:40:53.0015 0x1bd8 KeyIso - ok

15:40:53.0748 0x1bd8 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

15:40:53.0748 0x1bd8 KSecDD - ok

15:40:53.0998 0x1bd8 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

15:40:54.0013 0x1bd8 KSecPkg - ok

15:40:54.0809 0x1bd8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

15:40:54.0809 0x1bd8 ksthunk - ok

15:40:54.0871 0x1bd8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll

15:40:54.0887 0x1bd8 KtmRm - ok

15:40:55.0698 0x1bd8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll

15:40:55.0698 0x1bd8 LanmanServer - ok

15:40:56.0619 0x1bd8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

15:40:56.0619 0x1bd8 LanmanWorkstation - ok

15:40:57.0835 0x1bd8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

15:40:57.0835 0x1bd8 lltdio - ok

15:40:58.0054 0x1bd8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll

15:40:58.0085 0x1bd8 lltdsvc - ok

15:40:58.0459 0x1bd8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll

15:40:58.0459 0x1bd8 lmhosts - ok

15:40:59.0520 0x1bd8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

15:40:59.0536 0x1bd8 LSI_FC - ok

15:40:59.0598 0x1bd8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

15:40:59.0598 0x1bd8 LSI_SAS - ok

15:40:59.0661 0x1bd8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

15:40:59.0661 0x1bd8 LSI_SAS2 - ok

15:40:59.0785 0x1bd8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

15:40:59.0785 0x1bd8 LSI_SCSI - ok

15:41:00.0487 0x1bd8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys

15:41:00.0487 0x1bd8 luafv - ok

15:41:01.0158 0x1bd8 [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

15:41:01.0158 0x1bd8 MBAMProtector - ok

15:41:01.0735 0x1bd8 [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

15:41:01.0767 0x1bd8 MBAMScheduler - ok

15:41:02.0063 0x1bd8 [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

15:41:02.0094 0x1bd8 MBAMService - ok

15:41:02.0999 0x1bd8 [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys

15:41:03.0015 0x1bd8 MBAMSwissArmy - ok

15:41:03.0280 0x1bd8 [ 15E8ABC06843672955CE26A009533BAD, E7221B7DE9DB45447C68E79C6BFD064713C5974F7E79925BD7DEEF71F73F3E83 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys

15:41:03.0280 0x1bd8 MBAMWebAccessControl - ok

15:41:03.0545 0x1bd8 [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

15:41:03.0561 0x1bd8 McAfee SiteAdvisor Service - ok

15:41:04.0637 0x1bd8 [ 96E7AA538AB0EDECCAB3862BA4B66232, 8AF460093B4DC1FD81C4508A57B6A80A7FB2E1818A3405506B8DB5B521615FB6 ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe

15:41:04.0653 0x1bd8 McAPExe - ok

15:41:05.0277 0x1bd8 [ 49F5B235EDC9C6AC0ABA44737B190317, 096D8D583ED024F1B3AD30DD5EBA38B1FEE518166E157C0E3890D80687181F60 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe

15:41:05.0292 0x1bd8 McComponentHostService - ok

15:41:05.0479 0x1bd8 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

15:41:05.0495 0x1bd8 McMPFSvc - ok

15:41:05.0526 0x1bd8 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

15:41:05.0526 0x1bd8 McNaiAnn - ok

15:41:06.0883 0x1bd8 [ 7F8446D8AD9161B34DC7C209FB148A5A, 26B07EB138992586FC410849172A63ACC26D99ED59B568EFF9C93ED2EB129453 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe

15:41:06.0883 0x1bd8 McODS - ok

15:41:07.0149 0x1bd8 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

15:41:07.0149 0x1bd8 mcpltsvc - ok

15:41:07.0351 0x1bd8 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

15:41:07.0367 0x1bd8 McProxy - ok

15:41:07.0679 0x1bd8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

15:41:07.0679 0x1bd8 Mcx2Svc - ok

15:41:07.0975 0x1bd8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

15:41:07.0975 0x1bd8 megasas - ok

15:41:08.0568 0x1bd8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

15:41:08.0755 0x1bd8 MegaSR - ok

15:41:09.0021 0x1bd8 [ D0574EF9490EBD32DFA14D3C16195DE2, 7F5623562E74BD09717103247CE9155F07092BC633B5647ED3C99A95283413B4 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys

15:41:09.0021 0x1bd8 mfeapfk - ok

15:41:09.0348 0x1bd8 [ 7B6A4509A2444F5F0689B2579E245177, 95A3A3560E253B7459F1B7C9E4E21008C725BA1A2C5F4E5FBAD1AB383058E2F6 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys

15:41:09.0364 0x1bd8 mfeavfk - ok

15:41:10.0378 0x1bd8 [ 28E4FB2E9918C2E680BE9FD8E130471C, DFD1738F2CC0743F2CD9754CAFFFFC4D38590AF8AD2E1159F8FEAC9E9922E4B8 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

15:41:10.0393 0x1bd8 mfecore - ok

15:41:10.0737 0x1bd8 [ E7C6587AC8FB0BABEF6AB1733AFA8FEC, 1624B8D9C9431A2030B8C8CFAA90F56A9EE4039D2426A521C4102A68D2F8E3CD ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

15:41:10.0737 0x1bd8 mfefire - ok

15:41:11.0002 0x1bd8 [ 92AD9892D534CA58E020375C94E0307E, 3062625853C759852C5172040C69840315676A01A62EECFC53F55E6379DB190C ] mfefirek C:\Windows\system32\drivers\mfefirek.sys

15:41:11.0017 0x1bd8 mfefirek - ok

15:41:11.0548 0x1bd8 [ B6622A5B197D021647AE20E0D4C229B9, 15D64928FDB207C183A69E7CFB90BFFBF25F1AB14059EDEFDF021F323025F4E8 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys

15:41:11.0563 0x1bd8 mfehidk - ok

15:41:11.0751 0x1bd8 [ 6CD9133BC4B5DF25FB8BCBC382C8466F, F3C938D1EDD61EE1B227112CB027804E0AAD16CBCDD67EEE1D8EAABDFC996BA1 ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys

15:41:11.0766 0x1bd8 mfencbdc - ok

15:41:12.0094 0x1bd8 [ 408DC249009CDB3C9B299716C861C64B, 3EFBFA8EE857CBF4C6A29E0D1DA38EB21B57D5BA1F6CC544503CA8253E9BFF12 ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys

15:41:12.0094 0x1bd8 mfencrk - ok

15:41:12.0468 0x1bd8 [ 64BAFB4E5377056CDD71531097D69F6E, 28B434C1DB9AD930C5A32584C51FE1B3A4526952EBC953DAE775701E270C76C5 ] mfevtp C:\Windows\system32\mfevtps.exe

15:41:12.0468 0x1bd8 mfevtp - ok

15:41:12.0702 0x1bd8 [ A58F979117A424CDB33C21396887800F, E857E74BB08E49AEDC7EE21C9FDA36053113E04F8D29B9DBC3A2A3F0667915C6 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys

15:41:12.0702 0x1bd8 mfewfpk - ok

15:41:12.0780 0x1bd8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll

15:41:12.0780 0x1bd8 MMCSS - ok

15:41:12.0874 0x1bd8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys

15:41:12.0874 0x1bd8 Modem - ok

15:41:12.0921 0x1bd8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

15:41:12.0921 0x1bd8 monitor - ok

15:41:13.0092 0x1bd8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys

15:41:13.0092 0x1bd8 mouclass - ok

15:41:13.0170 0x1bd8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

15:41:13.0170 0x1bd8 mouhid - ok

15:41:13.0295 0x1bd8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

15:41:13.0295 0x1bd8 mountmgr - ok

15:41:13.0357 0x1bd8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys

15:41:13.0357 0x1bd8 mpio - ok

15:41:13.0420 0x1bd8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

15:41:13.0420 0x1bd8 mpsdrv - ok

15:41:13.0623 0x1bd8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll

15:41:13.0638 0x1bd8 MpsSvc - ok

15:41:13.0810 0x1bd8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

15:41:13.0825 0x1bd8 MRxDAV - ok

15:41:13.0935 0x1bd8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

15:41:13.0935 0x1bd8 mrxsmb - ok

15:41:14.0059 0x1bd8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

15:41:14.0075 0x1bd8 mrxsmb10 - ok


15:42:03.0231 0x1bd8 uliagpkx - ok

15:42:03.0355 0x1bd8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys

15:42:03.0355 0x1bd8 umbus - ok

15:42:03.0496 0x1bd8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

15:42:03.0527 0x1bd8 UmPass - ok

15:42:03.0636 0x1bd8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll

15:42:03.0652 0x1bd8 upnphost - ok

15:42:03.0761 0x1bd8 [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

15:42:03.0870 0x1bd8 USBAAPL64 - ok

15:42:04.0057 0x1bd8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

15:42:04.0073 0x1bd8 usbccgp - ok

15:42:04.0900 0x1bd8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys

15:42:04.0900 0x1bd8 usbcir - ok

15:42:05.0383 0x1bd8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

15:42:05.0383 0x1bd8 usbehci - ok

15:42:05.0446 0x1bd8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

15:42:05.0446 0x1bd8 usbhub - ok

15:42:05.0493 0x1bd8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys

15:42:05.0493 0x1bd8 usbohci - ok

15:42:06.0070 0x1bd8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

15:42:06.0070 0x1bd8 usbprint - ok

15:42:06.0397 0x1bd8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys

15:42:06.0397 0x1bd8 usbscan - ok

15:42:06.0569 0x1bd8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

15:42:06.0569 0x1bd8 USBSTOR - ok

15:42:06.0865 0x1bd8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

15:42:06.0865 0x1bd8 usbuhci - ok

15:42:06.0943 0x1bd8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll

15:42:06.0943 0x1bd8 UxSms - ok

15:42:06.0990 0x1bd8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe

15:42:06.0990 0x1bd8 VaultSvc - ok

15:42:07.0099 0x1bd8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

15:42:07.0099 0x1bd8 vdrvroot - ok

15:42:07.0271 0x1bd8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe

15:42:07.0287 0x1bd8 vds - ok

15:42:07.0583 0x1bd8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

15:42:07.0583 0x1bd8 vga - ok

15:42:07.0786 0x1bd8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys

15:42:07.0786 0x1bd8 VgaSave - ok

15:42:08.0051 0x1bd8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys


15:42:08.0067 0x1bd8 vhdmp - ok

15:42:08.0472 0x1bd8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys

15:42:08.0519 0x1bd8 viaide - ok

15:42:08.0581 0x1bd8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys

15:42:08.0581 0x1bd8 volmgr - ok

15:42:08.0691 0x1bd8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

15:42:08.0706 0x1bd8 volmgrx - ok

15:42:08.0737 0x1bd8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys

15:42:08.0737 0x1bd8 volsnap - ok

15:42:08.0862 0x1bd8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

15:42:08.0878 0x1bd8 vsmraid - ok

15:42:09.0268 0x1bd8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe

15:42:09.0283 0x1bd8 VSS - ok

15:42:09.0455 0x1bd8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

15:42:09.0471 0x1bd8 vwifibus - ok

15:42:09.0674 0x1bd8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

15:42:09.0689 0x1bd8 vwififlt - ok

15:42:09.0876 0x1bd8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

15:42:09.0876 0x1bd8 vwifimp - ok

15:42:09.0986 0x1bd8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll

15:42:10.0001 0x1bd8 W32Time - ok

15:42:10.0188 0x1bd8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

15:42:10.0188 0x1bd8 WacomPen - ok

15:42:10.0298 0x1bd8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

15:42:10.0313 0x1bd8 WANARP - ok

15:42:10.0360 0x1bd8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

15:42:10.0376 0x1bd8 Wanarpv6 - ok

15:42:10.0859 0x1bd8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

15:42:11.0280 0x1bd8 WatAdminSvc - ok

15:42:11.0858 0x1bd8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe

15:42:11.0936 0x1bd8 wbengine - ok

15:42:13.0215 0x1bd8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

15:42:13.0262 0x1bd8 WbioSrvc - ok

15:42:13.0355 0x1bd8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll

15:42:13.0371 0x1bd8 wcncsvc - ok

15:42:13.0480 0x1bd8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

15:42:13.0480 0x1bd8 WcsPlugInService - ok

15:42:13.0558 0x1bd8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys

15:42:13.0574 0x1bd8 Wd - ok

15:42:14.0104 0x1bd8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

15:42:14.0120 0x1bd8 Wdf01000 - ok

15:42:14.0712 0x1bd8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll

15:42:14.0728 0x1bd8 WdiServiceHost - ok

15:42:14.0744 0x1bd8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll

15:42:14.0744 0x1bd8 WdiSystemHost - ok

15:42:14.0822 0x1bd8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll

15:42:14.0822 0x1bd8 WebClient - ok

15:42:14.0931 0x1bd8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll

15:42:14.0946 0x1bd8 Wecsvc - ok

15:42:15.0009 0x1bd8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll

15:42:15.0024 0x1bd8 wercplsupport - ok

15:42:15.0071 0x1bd8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll

15:42:15.0071 0x1bd8 WerSvc - ok

15:42:15.0165 0x1bd8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

15:42:15.0165 0x1bd8 WfpLwf - ok

15:42:15.0243 0x1bd8 [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys

15:42:15.0243 0x1bd8 WimFltr - ok

15:42:15.0305 0x1bd8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys

15:42:15.0305 0x1bd8 WIMMount - ok

15:42:16.0101 0x1bd8 WinDefend - ok

15:42:16.0475 0x1bd8 WinHttpAutoProxySvc - ok

15:42:17.0068 0x1bd8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

15:42:17.0068 0x1bd8 Winmgmt - ok

15:42:18.0597 0x1bd8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll

15:42:19.0595 0x1bd8 WinRM - ok

15:42:19.0720 0x1bd8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

15:42:19.0720 0x1bd8 WinUsb - ok

15:42:19.0892 0x1bd8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll

15:42:19.0907 0x1bd8 Wlansvc - ok

15:42:19.0954 0x1bd8 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

15:42:19.0970 0x1bd8 wlcrasvc - ok

15:42:20.0531 0x1bd8 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

15:42:21.0358 0x1bd8 wlidsvc - ok

15:42:21.0717 0x1bd8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

15:42:21.0717 0x1bd8 WmiAcpi - ok

15:42:22.0388 0x1bd8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

15:42:22.0403 0x1bd8 wmiApSrv - ok

15:42:22.0528 0x1bd8 WMPNetworkSvc - ok

15:42:22.0559 0x1bd8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll

15:42:22.0559 0x1bd8 WPCSvc - ok

15:42:22.0668 0x1bd8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

15:42:22.0668 0x1bd8 WPDBusEnum - ok

15:42:22.0762 0x1bd8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

15:42:22.0762 0x1bd8 ws2ifsl - ok

15:42:22.0809 0x1bd8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] WscSvc C:\Windows\System32\wscsvc.dll

15:42:22.0809 0x1bd8 WscSvc - ok

15:42:22.0824 0x1bd8 WSearch - ok

15:42:24.0369 0x1bd8 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll

15:42:24.0400 0x1bd8 wuauserv - ok

15:42:24.0525 0x1bd8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

15:42:24.0525 0x1bd8 WudfPf - ok

15:42:24.0743 0x1bd8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

15:42:24.0759 0x1bd8 WUDFRd - ok

15:42:24.0806 0x1bd8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

15:42:24.0821 0x1bd8 wudfsvc - ok

15:42:24.0868 0x1bd8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll

15:42:24.0884 0x1bd8 WwanSvc - ok

15:42:24.0930 0x1bd8 ================ Scan global ===============================

15:42:25.0164 0x1bd8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

15:42:25.0242 0x1bd8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

15:42:25.0274 0x1bd8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

15:42:25.0336 0x1bd8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

15:42:26.0132 0x1bd8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

15:42:26.0147 0x1bd8 [ Global ] - ok

15:42:26.0147 0x1bd8 ================ Scan MBR ==================================

15:42:26.0272 0x1bd8 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0

15:42:31.0326 0x1bd8 \Device\Harddisk0\DR0 - ok

15:42:31.0326 0x1bd8 ================ Scan VBR ==================================

15:42:31.0404 0x1bd8 [ 808B5E8FC8FE49EE5D398BB312F91430 ] \Device\Harddisk0\DR0\Partition1

15:42:31.0545 0x1bd8 \Device\Harddisk0\DR0\Partition1 - ok

15:42:31.0592 0x1bd8 [ B5F83611FBEE7EE6DDE2AEDCAE3432A3 ] \Device\Harddisk0\DR0\Partition2

15:42:31.0685 0x1bd8 \Device\Harddisk0\DR0\Partition2 - ok

15:42:31.0685 0x1bd8 ================ Scan generic autorun ======================

15:42:32.0184 0x1bd8 [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe

15:42:32.0200 0x1bd8 mcpltui_exe - ok

15:42:32.0450 0x1bd8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

15:42:32.0652 0x1bd8 Sidebar - ok

15:42:32.0746 0x1bd8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

15:42:32.0762 0x1bd8 mctadmin - ok

15:42:32.0918 0x1bd8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

15:42:32.0933 0x1bd8 Sidebar - ok

15:42:32.0949 0x1bd8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

15:42:32.0949 0x1bd8 mctadmin - ok

15:42:33.0198 0x1bd8 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

15:42:33.0214 0x1bd8 swg - ok

15:42:34.0727 0x1bd8 [ A9F05C0ACACED3F2B2BAD58B90ACB2D0, 4A37AFFB24AF065BA9C44E455AE3D0A3239E12194682B3B721F9E1A971CE6B6A ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

15:42:34.0836 0x1bd8 SUPERAntiSpyware - ok

15:42:34.0883 0x1bd8 BRS - ok

15:42:34.0883 0x1bd8 Waiting for KSN requests completion. In queue: 7

15:42:35.0897 0x1bd8 Waiting for KSN requests completion. In queue: 7

15:42:36.0911 0x1bd8 Waiting for KSN requests completion. In queue: 7

15:42:38.0019 0x1bd8 AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51000 ( enabled : updated )

15:42:38.0019 0x1bd8 FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51010 ( enabled )

15:42:40.0546 0x1bd8 ============================================================

15:42:40.0546 0x1bd8 Scan finished

15:42:40.0546 0x1bd8 ============================================================

15:42:40.0546 0x156c Detected object count: 0

15:42:40.0546 0x156c Actual detected object count: 0

15:44:21.0663 0x15f4 ============================================================

15:44:21.0663 0x15f4 Scan started

15:44:21.0663 0x15f4 Mode: Manual; SigCheck; TDLFS;

15:44:21.0663 0x15f4 ============================================================

15:44:21.0663 0x15f4 KSN ping started

15:44:37.0054 0x15f4 KSN ping finished: true

15:44:41.0289 0x15f4 ================ Scan system memory ========================

15:44:41.0289 0x15f4 System memory - ok

15:44:41.0289 0x15f4 ================ Scan services =============================


15:45:01.0749 0x15f4 clr_optimization_v2.0.50727_32 - ok

15:45:02.0029 0x15f4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

15:45:02.0061 0x15f4 clr_optimization_v2.0.50727_64 - ok

15:45:02.0643 0x15f4 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

15:45:02.0690 0x15f4 clr_optimization_v4.0.30319_32 - ok

15:45:02.0799 0x15f4 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

15:45:02.0814 0x15f4 clr_optimization_v4.0.30319_64 - ok

15:45:02.0939 0x15f4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

15:45:02.0955 0x15f4 CmBatt - ok

15:45:03.0017 0x15f4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys

15:45:03.0048 0x15f4 cmdide - ok

15:45:03.0158 0x15f4 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys

15:45:03.0204 0x15f4 CNG - ok

15:45:03.0267 0x15f4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

15:45:03.0298 0x15f4 Compbatt - ok

15:45:03.0345 0x15f4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

15:45:03.0376 0x15f4 CompositeBus - ok

15:45:03.0376 0x15f4 COMSysApp - ok

15:45:03.0454 0x15f4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

15:45:03.0485 0x15f4 crcdisk - ok

15:45:03.0485 0x15f4 crhhhrfl - ok

15:45:03.0610 0x15f4 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll

15:45:03.0626 0x15f4 CryptSvc - ok

15:45:04.0062 0x15f4 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

15:45:04.0094 0x15f4 cvhsvc - ok

15:45:04.0172 0x15f4 [ FE4D00D545027A5ABFA62E098145E3D0, 090E82E9F617213FA005BFA67D589399649AB46CB3B3986A7D6547CD5F7A6CD4 ] DcomLaunch C:\Windows\system32\rpcss.dll

15:45:04.0187 0x15f4 DcomLaunch - detected UnsignedFile.Multi.Generic ( 1 )

15:45:04.0234 0x15f4 Object is SCO, delete is not allowed

15:45:04.0234 0x15f4 DcomLaunch ( UnsignedFile.Multi.Generic ) - warning


15:45:26.0742 0x15f4 mshidkmdf - ok

15:45:26.0820 0x15f4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

15:45:26.0836 0x15f4 msisadrv - ok

15:45:26.0961 0x15f4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

15:45:27.0008 0x15f4 MSiSCSI - ok

15:45:27.0008 0x15f4 msiserver - ok

15:45:27.0054 0x15f4 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

15:45:27.0086 0x15f4 MSK80Service - ok

15:45:27.0132 0x15f4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

15:45:27.0164 0x15f4 MSKSSRV - ok

15:45:27.0257 0x15f4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

15:45:27.0320 0x15f4 MSPCLOCK - ok

15:45:27.0351 0x15f4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

15:45:27.0429 0x15f4 MSPQM - ok

15:45:27.0522 0x15f4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

15:45:27.0554 0x15f4 MsRPC - ok

15:45:27.0632 0x15f4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

15:45:27.0647 0x15f4 mssmbios - ok

15:45:27.0694 0x15f4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

15:45:27.0741 0x15f4 MSTEE - ok

15:45:27.0772 0x15f4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

15:45:27.0788 0x15f4 MTConfig - ok

15:45:27.0834 0x15f4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys

15:45:27.0850 0x15f4 Mup - ok

15:45:28.0022 0x15f4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll

15:45:28.0084 0x15f4 napagent - ok

15:45:28.0193 0x15f4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

15:45:28.0224 0x15f4 NativeWifiP - ok

15:45:28.0521 0x15f4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys

15:45:28.0568 0x15f4 NDIS - ok

15:45:28.0651 0x15f4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

15:45:28.0682 0x15f4 NdisCap - ok

15:45:28.0729 0x15f4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

15:45:28.0760 0x15f4 NdisTapi - ok

15:45:28.0822 0x15f4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

15:45:28.0885 0x15f4 Ndisuio - ok

15:45:28.0947 0x15f4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

15:45:28.0994 0x15f4 NdisWan - ok

15:45:29.0041 0x15f4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

15:45:29.0072 0x15f4 NDProxy - ok

15:45:29.0134 0x15f4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

15:45:29.0181 0x15f4 NetBIOS - ok

15:45:29.0275 0x15f4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

15:45:29.0337 0x15f4 NetBT - ok

15:45:29.0368 0x15f4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe

15:45:29.0384 0x15f4 Netlogon - ok

15:45:29.0446 0x15f4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll

15:45:29.0493 0x15f4 Netman - ok

15:45:29.0602 0x15f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:45:29.0633 0x15f4 NetMsmqActivator - ok

15:45:29.0633 0x15f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:45:29.0649 0x15f4 NetPipeActivator - ok

15:45:29.0836 0x15f4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll

15:45:29.0899 0x15f4 netprofm - ok

15:45:29.0899 0x15f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:45:29.0914 0x15f4 NetTcpActivator - ok

15:45:29.0930 0x15f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

15:45:29.0945 0x15f4 NetTcpPortSharing - ok

15:45:30.0008 0x15f4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

15:45:30.0039 0x15f4 nfrd960 - ok

15:45:30.0179 0x15f4 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll

15:45:30.0211 0x15f4 NlaSvc - ok

15:45:30.0730 0x15f4 [ B9B72FAAAA41D59B73B88FE3DD737ED1, 050E741FB5313523340B19C9C168611222C4AE9A6084FE3E2F908A49EA909A29 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

15:45:30.0793 0x15f4 NOBU - ok

15:45:30.0793 0x15f4 NPF - ok

15:45:30.0871 0x15f4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys

15:45:30.0918 0x15f4 Npfs - ok

15:45:30.0964 0x15f4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll

15:45:31.0011 0x15f4 nsi - ok

15:45:31.0105 0x15f4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

15:45:31.0152 0x15f4 nsiproxy - ok

15:45:31.0401 0x15f4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

15:45:31.0448 0x15f4 Ntfs - ok

15:45:31.0588 0x15f4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys

15:45:31.0635 0x15f4 Null - ok

15:45:31.0698 0x15f4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys

15:45:31.0729 0x15f4 nvraid - ok

15:45:31.0760 0x15f4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys

15:45:31.0791 0x15f4 nvstor - ok

15:45:31.0822 0x15f4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

15:45:31.0854 0x15f4 nv_agp - ok

15:45:31.0947 0x15f4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

15:45:31.0978 0x15f4 ohci1394 - ok

15:45:32.0041 0x15f4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

15:45:32.0056 0x15f4 ose - ok

15:45:32.0857 0x15f4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

15:45:32.0966 0x15f4 osppsvc - ok

15:45:33.0013 0x15f4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

15:45:33.0044 0x15f4 p2pimsvc - ok

15:45:33.0309 0x15f4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll

15:45:33.0356 0x15f4 p2psvc - ok

15:45:33.0465 0x15f4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys

15:45:33.0497 0x15f4 Parport - ok

15:45:33.0543 0x15f4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys

15:45:33.0575 0x15f4 partmgr - ok

15:45:33.0699 0x15f4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll

15:45:33.0746 0x15f4 PcaSvc - ok

15:45:34.0292 0x15f4 [ 4B5F5774FF1C577B9515FDD2B5C535C5, 1D053020079124AC526D84AFFB17BF4A1563ECD872C83B4B6299C9AA6A732557 ] PCDSRVC{D3412D80-CF3B4A27-06020200}_0 c:\program files\my dell\pcdsrvc_x64.pkms

15:45:34.0308 0x15f4 PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - ok

15:45:34.0433 0x15f4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys

15:45:34.0464 0x15f4 pci - ok

15:45:34.0573 0x15f4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys

15:45:34.0604 0x15f4 pciide - ok

15:45:34.0687 0x15f4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

15:45:34.0718 0x15f4 pcmcia - ok

15:45:34.0781 0x15f4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys

15:45:34.0812 0x15f4 pcw - ok

15:45:34.0937 0x15f4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys

15:45:34.0984 0x15f4 PEAUTH - ok

15:45:36.0829 0x15f4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe

15:45:36.0861 0x15f4 PerfHost - ok

15:45:37.0313 0x15f4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll

15:45:37.0375 0x15f4 pla - ok

15:45:37.0500 0x15f4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

15:45:37.0531 0x15f4 PlugPlay - ok

15:45:37.0531 0x15f4 PnkBstrA - ok

15:45:37.0609 0x15f4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

15:45:37.0641 0x15f4 PNRPAutoReg - ok

15:45:37.0687 0x15f4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

15:45:37.0719 0x15f4 PNRPsvc - ok

15:45:37.0859 0x15f4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

15:45:37.0906 0x15f4 PolicyAgent - ok

15:45:37.0953 0x15f4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll

15:45:38.0015 0x15f4 Power - ok

15:45:38.0109 0x15f4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

15:45:38.0140 0x15f4 PptpMiniport - ok

15:45:38.0202 0x15f4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys

15:45:38.0249 0x15f4 Processor - ok

15:45:38.0296 0x15f4 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll

15:45:38.0327 0x15f4 ProfSvc - ok

15:45:38.0358 0x15f4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe

15:45:38.0389 0x15f4 ProtectedStorage - ok

15:45:38.0467 0x15f4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys

15:45:38.0514 0x15f4 Psched - ok

15:45:38.0608 0x15f4 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

15:45:38.0628 0x15f4 PxHlpa64 - ok

15:45:38.0909 0x15f4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

15:45:38.0956 0x15f4 ql2300 - ok

15:45:39.0034 0x15f4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

15:45:39.0050 0x15f4 ql40xx - ok

15:45:39.0112 0x15f4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll

15:45:39.0143 0x15f4 QWAVE - ok

15:45:39.0190 0x15f4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

15:45:39.0206 0x15f4 QWAVEdrv - ok

15:45:39.0253 0x15f4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

15:45:39.0331 0x15f4 RasAcd - ok

15:45:39.0362 0x15f4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

15:45:39.0393 0x15f4 RasAgileVpn - ok

15:45:39.0440 0x15f4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll

15:45:39.0502 0x15f4 RasAuto - ok

15:45:39.0565 0x15f4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

15:45:39.0627 0x15f4 Rasl2tp - ok

15:45:39.0689 0x15f4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll

15:45:39.0752 0x15f4 RasMan - ok

15:45:39.0783 0x15f4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

15:45:39.0814 0x15f4 RasPppoe - ok

15:45:39.0845 0x15f4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

15:45:39.0877 0x15f4 RasSstp - ok

15:45:39.0939 0x15f4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

15:45:39.0970 0x15f4 rdbss - ok

15:45:40.0033 0x15f4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

15:45:40.0064 0x15f4 rdpbus - ok

15:45:40.0095 0x15f4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

15:45:40.0126 0x15f4 RDPCDD - ok

15:45:40.0220 0x15f4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

15:45:40.0251 0x15f4 RDPENCDD - ok

15:45:40.0282 0x15f4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

15:45:40.0345 0x15f4 RDPREFMP - ok

15:45:40.0391 0x15f4 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

15:45:40.0469 0x15f4 RDPWD - ok

15:45:40.0579 0x15f4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

15:45:40.0610 0x15f4 rdyboost - ok

15:45:40.0662 0x15f4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll

15:45:40.0708 0x15f4 RemoteAccess - ok

15:45:40.0818 0x15f4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll

15:45:40.0880 0x15f4 RemoteRegistry - ok

15:45:41.0286 0x15f4 [ BDDC447AB46625A54619808575D5CB46, 5321343BFB972A111D27DED7A3F3A3520E0C77104E6139ADC7765C76A459ED9C ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe

15:45:41.0317 0x15f4 RoxMediaDB12OEM - ok

15:45:41.0488 0x15f4 [ CE203243ADF512540249DF9C264F12DD, 7BC0A6E9A422D832DDF046F28EA0F80A879A007B7116C4B830D6A39DCDD09EF5 ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe

15:45:41.0520 0x15f4 RoxWatch12 - ok

15:45:41.0566 0x15f4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

15:45:41.0613 0x15f4 RpcEptMapper - ok

15:45:41.0707 0x15f4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe

15:45:41.0738 0x15f4 RpcLocator - ok

15:45:41.0800 0x15f4 [ FE4D00D545027A5ABFA62E098145E3D0, 090E82E9F617213FA005BFA67D589399649AB46CB3B3986A7D6547CD5F7A6CD4 ] RpcSs C:\Windows\system32\rpcss.dll

15:45:41.0816 0x15f4 RpcSs - detected UnsignedFile.Multi.Generic ( 1 )

15:45:41.0816 0x15f4 Object is SCO, delete is not allowed

15:45:41.0816 0x15f4 RpcSs ( UnsignedFile.Multi.Generic ) - warning

15:45:41.0816 0x15f4 Force sending object to P2P due to detect: RpcSs

15:45:57.0518 0x15f4 Object send P2P result: true


15:46:10.0496 0x15f4 tcpipreg - ok

15:46:10.0624 0x15f4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

15:46:10.0644 0x15f4 TDPIPE - ok

15:46:10.0691 0x15f4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

15:46:10.0722 0x15f4 TDTCP - ok

15:46:10.0800 0x15f4 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

15:46:10.0847 0x15f4 tdx - ok

15:46:10.0894 0x15f4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys

15:46:10.0925 0x15f4 TermDD - ok

15:46:11.0128 0x15f4 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll

15:46:11.0175 0x15f4 TermService - ok

15:46:11.0237 0x15f4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll

15:46:11.0268 0x15f4 Themes - ok

15:46:11.0362 0x15f4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll

15:46:11.0409 0x15f4 THREADORDER - ok

15:46:11.0487 0x15f4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll

15:46:11.0533 0x15f4 TrkWks - ok

15:46:11.0752 0x15f4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

15:46:11.0799 0x15f4 TrustedInstaller - ok

15:46:11.0845 0x15f4 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

15:46:11.0877 0x15f4 tssecsrv - ok

15:46:11.0955 0x15f4 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

15:46:12.0001 0x15f4 TsUsbFlt - ok

15:46:12.0064 0x15f4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

15:46:12.0111 0x15f4 tunnel - ok

15:46:12.0157 0x15f4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

15:46:12.0189 0x15f4 uagp35 - ok

15:46:12.0329 0x15f4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

15:46:12.0376 0x15f4 udfs - ok

15:46:12.0454 0x15f4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe

15:46:12.0485 0x15f4 UI0Detect - ok

15:46:12.0516 0x15f4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

15:46:12.0547 0x15f4 uliagpkx - ok

15:46:12.0594 0x15f4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys

15:46:12.0630 0x15f4 umbus - ok

15:46:12.0677 0x15f4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

15:46:12.0708 0x15f4 UmPass - ok

15:46:12.0755 0x15f4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll

15:46:12.0802 0x15f4 upnphost - ok

15:46:12.0849 0x15f4 [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

15:46:12.0880 0x15f4 USBAAPL64 - ok

15:46:12.0989 0x15f4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

15:46:13.0020 0x15f4 usbccgp - ok

15:46:13.0067 0x15f4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys

15:46:13.0161 0x15f4 usbcir - ok

15:46:13.0270 0x15f4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

15:46:13.0301 0x15f4 usbehci - ok

15:46:13.0379 0x15f4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

15:46:13.0410 0x15f4 usbhub - ok

15:46:13.0457 0x15f4 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys

15:46:13.0473 0x15f4 usbohci - ok

15:46:13.0566 0x15f4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

15:46:13.0598 0x15f4 usbprint - ok

15:46:13.0629 0x15f4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys

15:46:13.0660 0x15f4 usbscan - ok

15:46:13.0707 0x15f4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

15:46:13.0738 0x15f4 USBSTOR - ok

15:46:13.0769 0x15f4 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

15:46:13.0785 0x15f4 usbuhci - ok

15:46:13.0847 0x15f4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll

15:46:13.0894 0x15f4 UxSms - ok

15:46:13.0988 0x15f4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe

15:46:14.0019 0x15f4 VaultSvc - ok

15:46:14.0487 0x15f4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

15:46:14.0502 0x15f4 vdrvroot - ok

15:46:14.0866 0x15f4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe

15:46:14.0897 0x15f4 vds - ok

15:46:15.0007 0x15f4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

15:46:15.0038 0x15f4 vga - ok

15:46:15.0100 0x15f4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys

15:46:15.0163 0x15f4 VgaSave - ok

15:46:15.0225 0x15f4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

15:46:15.0256 0x15f4 vhdmp - ok

15:46:15.0303 0x15f4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys

15:46:15.0334 0x15f4 viaide - ok

15:46:15.0397 0x15f4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys

15:46:15.0428 0x15f4 volmgr - ok

15:46:15.0709 0x15f4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

15:46:15.0740 0x15f4 volmgrx - ok

15:46:15.0865 0x15f4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys

15:46:15.0896 0x15f4 volsnap - ok

15:46:15.0989 0x15f4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

15:46:16.0021 0x15f4 vsmraid - ok

15:46:16.0317 0x15f4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe

15:46:16.0379 0x15f4 VSS - ok

15:46:16.0411 0x15f4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

15:46:16.0442 0x15f4 vwifibus - ok

15:46:16.0504 0x15f4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

15:46:16.0535 0x15f4 vwififlt - ok

15:46:16.0582 0x15f4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

15:46:16.0634 0x15f4 vwifimp - ok

15:46:16.0806 0x15f4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll

15:46:16.0852 0x15f4 W32Time - ok

15:46:16.0884 0x15f4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

15:46:16.0915 0x15f4 WacomPen - ok

15:46:16.0977 0x15f4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

15:46:17.0024 0x15f4 WANARP - ok

15:46:17.0024 0x15f4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

15:46:17.0055 0x15f4 Wanarpv6 - ok

15:46:17.0352 0x15f4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

15:46:17.0383 0x15f4 WatAdminSvc - ok

15:46:17.0726 0x15f4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe

15:46:17.0773 0x15f4 wbengine - ok

15:46:17.0851 0x15f4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

15:46:17.0882 0x15f4 WbioSrvc - ok

15:46:18.0007 0x15f4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll

15:46:18.0038 0x15f4 wcncsvc - ok

15:46:18.0116 0x15f4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

15:46:18.0147 0x15f4 WcsPlugInService - ok

15:46:18.0194 0x15f4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys

15:46:18.0225 0x15f4 Wd - ok

15:46:18.0428 0x15f4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

15:46:18.0459 0x15f4 Wdf01000 - ok

15:46:18.0522 0x15f4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll

15:46:18.0568 0x15f4 WdiServiceHost - ok

15:46:18.0568 0x15f4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll

15:46:18.0584 0x15f4 WdiSystemHost - ok

15:46:18.0745 0x15f4 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll

15:46:18.0776 0x15f4 WebClient - ok

15:46:18.0932 0x15f4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll

15:46:18.0995 0x15f4 Wecsvc - ok

15:46:19.0026 0x15f4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll

15:46:19.0073 0x15f4 wercplsupport - ok

15:46:19.0182 0x15f4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll

15:46:19.0229 0x15f4 WerSvc - ok

15:46:19.0275 0x15f4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

15:46:19.0322 0x15f4 WfpLwf - ok

15:46:19.0509 0x15f4 [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys

15:46:19.0541 0x15f4 WimFltr - ok

15:46:19.0572 0x15f4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys

15:46:19.0603 0x15f4 WIMMount - ok

15:46:19.0634 0x15f4 WinDefend - ok

15:46:19.0634 0x15f4 WinHttpAutoProxySvc - ok

15:46:19.0977 0x15f4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

15:46:20.0024 0x15f4 Winmgmt - ok

15:46:20.0508 0x15f4 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll

15:46:20.0586 0x15f4 WinRM - ok

15:46:20.0669 0x15f4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

15:46:20.0700 0x15f4 WinUsb - ok

15:46:20.0903 0x15f4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll

15:46:20.0934 0x15f4 Wlansvc - ok

15:46:21.0028 0x15f4 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

15:46:21.0043 0x15f4 wlcrasvc - ok

15:46:21.0854 0x15f4 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

15:46:21.0901 0x15f4 wlidsvc - ok

15:46:21.0979 0x15f4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

15:46:22.0026 0x15f4 WmiAcpi - ok

15:46:22.0135 0x15f4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

15:46:22.0166 0x15f4 wmiApSrv - ok

15:46:22.0338 0x15f4 WMPNetworkSvc - ok

15:46:22.0416 0x15f4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll

15:46:22.0463 0x15f4 WPCSvc - ok

15:46:22.0671 0x15f4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

15:46:22.0702 0x15f4 WPDBusEnum - ok

15:46:22.0764 0x15f4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

15:46:22.0811 0x15f4 ws2ifsl - ok

15:46:22.0873 0x15f4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] WscSvc C:\Windows\System32\wscsvc.dll

15:46:22.0905 0x15f4 WscSvc - ok

15:46:22.0920 0x15f4 WSearch - ok

15:46:23.0404 0x15f4 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll

15:46:23.0466 0x15f4 wuauserv - ok

15:46:23.0544 0x15f4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

15:46:23.0575 0x15f4 WudfPf - ok

15:46:23.0607 0x15f4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

15:46:23.0638 0x15f4 WUDFRd - ok

15:46:23.0716 0x15f4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

15:46:23.0747 0x15f4 wudfsvc - ok

15:46:23.0856 0x15f4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll

15:46:23.0887 0x15f4 WwanSvc - ok

15:46:23.0887 0x15f4 ================ Scan global ===============================

15:46:23.0981 0x15f4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

15:46:24.0168 0x15f4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

15:46:24.0215 0x15f4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

15:46:24.0355 0x15f4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

15:46:24.0433 0x15f4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

15:46:24.0433 0x15f4 [ Global ] - ok

15:46:24.0449 0x15f4 ================ Scan MBR ==================================

15:46:24.0480 0x15f4 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0

15:46:39.0122 0x15f4 \Device\Harddisk0\DR0 - ok

15:46:39.0122 0x15f4 ================ Scan VBR ==================================

15:46:39.0200 0x15f4 [ 808B5E8FC8FE49EE5D398BB312F91430 ] \Device\Harddisk0\DR0\Partition1

15:46:39.0309 0x15f4 \Device\Harddisk0\DR0\Partition1 - ok

15:46:39.0387 0x15f4 [ B5F83611FBEE7EE6DDE2AEDCAE3432A3 ] \Device\Harddisk0\DR0\Partition2

15:46:39.0512 0x15f4 \Device\Harddisk0\DR0\Partition2 - ok

15:46:42.0325 0x15f4 AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51000 ( enabled : updated )

15:46:42.0325 0x15f4 FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51010 ( enabled )

15:46:44.0815 0x15f4 ============================================================

15:46:44.0815 0x15f4 Scan finished

15:46:44.0815 0x15f4 ============================================================

15:46:44.0815 0x18ac Detected object count: 2

15:46:44.0815 0x18ac Actual detected object count: 2

15:47:01.0735 0x18ac DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user

15:47:01.0735 0x18ac DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:47:01.0735 0x18ac RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user

15:47:01.0735 0x18ac RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip



#9 deeprybka

Posted 26 August 2014 - 05:51 AM


Hi,
thank you for posting the log. Could you also perform step 1 above please?
The search result is still missing. :)

Thank you!
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#10 Metalbourne

Posted 26 August 2014 - 06:43 AM

For step 1 I ran the search and it has searched for 8 to 9 hours the first time I've run it and around 10 hours the second time I ran it. I don't think I have it. Or does it need longer?



#11 deeprybka

Posted 26 August 2014 - 07:07 AM

Thanks for letting me know.

"Or does it need longer?"

No, definitely not. Please wait for further instructions.


regards,
deeprybka

#12 deeprybka

Posted 27 August 2014 - 12:42 PM

Hi, please run some scans from Recovery Environment.

Step 1
Please download ListParts (by Farbar) to a USB flash drive.

Step 2

Please download Farbar Recovery Scan Tool to a USB flash drive.


Step 3

FRST Scan/Search from RECOVERY Environment

Plug the flash drive into the infected PC.
If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
  • Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
    To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

    Select Command Prompt
Once in the Command Prompt:
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Write the following text into the Search textbox:
rpcss.dll
  • Press Search button.
  • It will make a log (Search.txt) on the flash drive. Please copy and paste it to your reply.
Afterwards:
  • In the command window type e:\listparts64 and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will Open.
  • Press Scan button to run the tool.
  • When it has finished, it will make a log (Result.txt) on the flash drive. Please copy and paste it to your reply.

Edited by deeprybka, 27 August 2014 - 12:44 PM.

regards,
deeprybka

#13 Metalbourne

Posted 28 August 2014 - 04:34 PM

ListParts by Farbar Version: 31-07-2014
Ran by SYSTEM (administrator) on 28-08-2014 at 18:26:57
Windows 7 (X64)
Running From: k:\
Language: English (United States)
************************************************************

========================= Memory info ======================

Percentage of memory in use: 8%
Total physical RAM: 9206.93 MB
Available physical RAM: 8429.24 MB
Total Pagefile: 9205.07 MB
Available Pagefile: 8417.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.93 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:1384.96 GB) (Free:925.13 GB) NTFS
3 Drive e: (RECOVERY) (Fixed) (Total:12.25 GB) (Free:5.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]
9 Drive k: (PUBLIC) (Removable) (Total:7.45 GB) (Free:7.28 GB) FAT32
10 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online         1397 GB      0 B        
  Disk 1    No Media           0 B      0 B        
  Disk 2    No Media           0 B      0 B        
  Disk 3    No Media           0 B      0 B        
  Disk 4    No Media           0 B      0 B        
  Disk 5    Online         7632 MB      0 B        

Partitions of Disk 0:
===============

Disk ID: 77E3ED41

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    OEM                 39 MB    31 KB
  Partition 2    Primary             12 GB    40 MB
  Partition 3    Primary           1384 GB    12 GB
  Partition 4    Primary             10 MB  1397 GB

======================================================================================================

Disk: 0
Partition 1
Type  : DE
Hidden: Yes
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 9                      FAT    Partition     39 MB  Healthy    Hidden 

======================================================================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     E   RECOVERY     NTFS   Partition     12 GB  Healthy           

======================================================================================================

Disk: 0
Partition 3
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     C   OS           NTFS   Partition   1384 GB  Healthy           

======================================================================================================

Disk: 0
Partition 4
Type  : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

======================================================================================================

Partitions of Disk 5:
===============

Disk ID: C3072E18

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary           7628 MB  4032 KB

======================================================================================================

Disk: 5
Partition 1
Type  : 0C
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 8     K   PUBLIC       FAT32  Removable   7628 MB  Healthy           

======================================================================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: 77E3ED41
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1385 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=10 MB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 4

==============================
Partitions of Disk 5:
===============
Disk ID: C3072E18
Partition 1: (Not Active) - (Size=7 GB) - (Type=0C)

****** End Of Log ******


Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by SYSTEM at 2014-08-28 16:18:19
Running from k:\
Boot Mode: Recovery

================== Search Files: "rpcss.dll" =============



#14 Metalbourne

Metalbourne
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  • Local time:04:12 AM

Posted 28 August 2014 - 04:36 PM

I ran FRST just like you showed me and it won't generate a log. I let it run for hours and nothing, even when I ran it off of the flash drive.



#15 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:10:12 AM

Posted 30 August 2014 - 11:10 PM

Hi,

Step 1
Please download ListParts (by Farbar) and save it to your Desktop.

Press the Windows key + R on your keyboard at the same time. Type notepad and click OK.
  • Copy the entire content of the codebox below and paste into the notepad document:
    Disk=0 Partition=4 delete
    
  • Click File, Save As and type Fix.txt as the File Name.
  • Both files, Listparts64.exe and Fix.txt have to be in the same location or the fix will not work!

  • Start ListParts with administrator privileges.
  • Press the Fix button.
  • When finished, Listparts will produce a new log (Result.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.
Step 2
  • Please download SystemLook (64-bit) by jpshortstuff and save it to your desktop
  • Double-click the program to run it, paste the entire text into the main text box:
    :filefind 
    rpcss.dll 
    
  • Click the Look button to start the scan
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Edited by deeprybka, 31 August 2014 - 10:51 AM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
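
An added example (not part of the original posts and not Farbar's code): it parses the "MBR Partition Table" section of a ListParts log like the one in this thread and lists small, inactive partitions with a hidden type ID, the pattern the tool marked on disk 0 partition 4, so the entry can be confirmed before a delete line is written to Fix.txt. The hidden-type set, the 100 MB threshold and the function names are assumptions of this example.

```python
import re

# Hidden variants of common MBR partition type IDs (standard assignments).
HIDDEN_TYPES = {0x11, 0x14, 0x16, 0x17, 0x1B, 0x1C, 0x1E}
SMALL_MB = 100  # assumption of this example: size at or below which to review

DISK = re.compile(r"Partitions of Disk (\d+):")
ENTRY = re.compile(r"Partition (\d+): \((Active|Not Active)\) - "
                   r"\(Size=(\d+) (MB|GB)\) - \(Type=([0-9A-Fa-f]{2})[^)]*\)")

# Lines copied from the "MBR Partition Table" section of the log in this thread.
SAMPLE_LOG = """\
Partitions of Disk 0:
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1385 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=10 MB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 4
Partitions of Disk 5:
Partition 1: (Not Active) - (Size=7 GB) - (Type=0C)
"""

def parse_mbr_section(log_text):
    """Return one dict per partition entry, tagged with its disk number."""
    entries, disk = [], None
    for line in log_text.splitlines():
        m = DISK.search(line)
        if m:
            disk = int(m.group(1))
            continue
        m = ENTRY.search(line)
        if m and disk is not None:
            num, state, size, unit, ptype = m.groups()
            entries.append({
                "disk": disk, "partition": int(num), "active": state == "Active",
                "size_mb": int(size) * (1024 if unit == "GB" else 1),
                "type": int(ptype, 16),
            })
    return entries

def review_candidates(entries):
    """Small, inactive partitions with a hidden type ID, for manual review."""
    return [e for e in entries if e["type"] in HIDDEN_TYPES
            and not e["active"] and e["size_mb"] <= SMALL_MB]

if __name__ == "__main__":
    for e in review_candidates(parse_mbr_section(SAMPLE_LOG)):
        print("Review disk {disk} partition {partition}: type 0x{type:02X}, "
              "{size_mb} MB".format(**e))
```

A match only marks an entry for manual review; hidden type IDs are also used legitimately, so the flagged disk and partition number should agree with the tool's own finding before they go into Fix.txt.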
 