BSOD, having trouble removing boot virus


  • This topic is locked
37 replies to this topic

#1 dadrivr

Posted 16 September 2014 - 08:08 AM

I'm getting the blue screen of death and having trouble booting up. It appears to be a boot virus. I detected the virus using Avira in safe mode (BOO/Cidox.B), but the only Avira action is "Download Repair Tool", and when I click on this link, there isn't anything called "Repair Tool" or similar. Here's the relevant line from the Avira Log:

 

Boot sector 'HDD1(C:)'
    [DETECTION] Contains code of the BOO/Cidox.B boot sector virus

 

I downloaded the Avira System Rescue and installed it as a boot disk.  I tried running a scan using the Avira System Rescue boot disk, but it didn't detect anything.  Malwarebytes is also not detecting anything.

 

Thanks in advance!

 

Here is my HiJackThis Log:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 8:08:06 AM, on 9/16/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
CHROME: 37.0.2062.120

Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
F:\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [SugarSync] "C:\Program Files (x86)\SugarSync\SugarSync.exe" -startInTray -usedelay=true
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Isaac\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Amazon Cloud Player] C:\Users\Isaac\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
O4 - HKCU\..\Run: [Allway Sync] "C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe" -m
O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\Isaac\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_66D9B4593984BB5EE437F9BA7B8E9ADA] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: BTGuard Encryption.lnk = C:\BTGUARD\myentunnel.exe
O4 - Startup: BTGuard Updates.lnk = C:\BTGUARD\settings.exe
O4 - Startup: Last.fm Scrobbler.lnk = C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Startup: Samsung Magician.lnk = ?
O4 - Global Startup: CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O21 - SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Botkind Service (BotkindSyncService) - Unknown owner - C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
O23 - Service: CrashPlan Backup Service (CrashPlanService) - CrashPlan - C:\Program Files\CrashPlan\CrashPlanService.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SlingAgentService - Sling Media Inc. - C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13272 bytes




#2 TB-Psychotic

Posted 16 September 2014 - 09:02 AM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found); we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.


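An added example (not part of the original posts and not TDSSKiller's own code) for triaging the log that the steps above produce: it maps drive letters to physical disks, which matters here because Avira flagged the boot sector of 'HDD1(C:)', and lists every scanned object whose verdict is not "ok". The function name `triage`, the sample log, and the shape of the non-ok verdict line are assumptions; only "- ok" verdicts appear in the posted excerpt.

```python
import re

# Every log line starts with "HH:MM:SS.mmmm 0xTID  ".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9A-Fa-f]+\s+"

# "C: <-> \Device\Harddisk1\DR1\Partition1"
VOLUME = re.compile(
    PREFIX + r"([A-Z]):\s+<->\s+\\Device\\Harddisk(\d+)\\DR\d+\\Partition(\d+)\s*$"
)
# "<object> - <verdict>", e.g. "System memory - ok"
VERDICT = re.compile(PREFIX + r"(.+?)\s+-\s+(\w+)\s*$")
# Optional "( Detection.Name )" suffix on the object (assumed layout).
DETECTION = re.compile(r"^(.*?)\s*\(\s*([^()]+?)\s*\)$")

# Constructed sample in the layout of the log posted in this thread.
# Hash fields are placeholders; the last line is a constructed non-ok verdict.
SAMPLE_LOG = r"""
20:28:09.0791 0x0738  C: <-> \Device\Harddisk1\DR1\Partition1
20:28:09.0807 0x0738  F: <-> \Device\Harddisk0\DR0\Partition1
20:28:48.0492 0x0b50  System memory - ok
20:28:48.0572 0x0b50  [ <md5>, <sha256> ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
20:28:48.0635 0x0b50  ExampleDrv - ok
20:28:50.0380 0x0b50  Bonjour Service - ok
20:28:50.0387 0x0b50  ExampleSvc ( Constructed.Verdict.Name ) - warning
"""


def triage(log_text):
    """Summarise a TDSSKiller-style log.

    Returns a dict with:
      volumes  - {drive letter: (disk number, partition number)}
      checked  - number of verdict lines seen
      findings - [(object, detection or None, verdict)] for verdicts != "ok"
    """
    volumes = {}
    findings = []
    checked = 0
    for line in log_text.splitlines():
        m = VOLUME.match(line)
        if m:
            volumes[m.group(1)] = (int(m.group(2)), int(m.group(3)))
            continue
        m = VERDICT.match(line)
        # Lines starting with "[" are the hash/path lines, not verdicts.
        if not m or m.group(1).startswith("["):
            continue
        checked += 1
        obj, verdict = m.group(1), m.group(2).lower()
        if verdict == "ok":
            continue
        d = DETECTION.match(obj)
        if d:
            findings.append((d.group(1), d.group(2), verdict))
        else:
            findings.append((obj, None, verdict))
    return {"volumes": volumes, "checked": checked, "findings": findings}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for letter, (disk, part) in sorted(result["volumes"].items()):
        print(f"{letter}: is partition {part} on physical disk {disk}")
    print(f"{result['checked']} objects checked")
    for obj, detection, verdict in result["findings"]:
        print(f"REVIEW: {obj} -> {verdict} ({detection or 'no detection name'})")
```
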

#3 dadrivr


Posted 16 September 2014 - 07:35 PM

The TDSSKiller log is below (the file is too big to attach). Thanks!

20:28:03.0130 0x0738  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
20:28:08.0715 0x0738  ============================================================
20:28:08.0715 0x0738  Current date / time: 2014/09/16 20:28:08.0715
20:28:08.0715 0x0738  SystemInfo:
20:28:08.0715 0x0738  
20:28:08.0715 0x0738  OS Version: 6.1.7601 ServicePack: 1.0
20:28:08.0715 0x0738  Product type: Workstation
20:28:08.0715 0x0738  ComputerName: ISAAC-PC
20:28:08.0715 0x0738  UserName: Isaac
20:28:08.0715 0x0738  Windows directory: C:\Windows
20:28:08.0715 0x0738  System windows directory: C:\Windows
20:28:08.0715 0x0738  Running under WOW64
20:28:08.0715 0x0738  Processor architecture: Intel x64
20:28:08.0715 0x0738  Number of processors: 8
20:28:08.0715 0x0738  Page size: 0x1000
20:28:08.0715 0x0738  Boot type: Safe boot with network
20:28:08.0715 0x0738  ============================================================
20:28:09.0043 0x0738  KLMD registered as C:\Windows\system32\drivers\52490775.sys
20:28:09.0074 0x0738  System UUID: {27BDAA6D-6EE6-DE23-8230-15158B360C4B}
20:28:09.0308 0x0738  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:28:09.0308 0x0738  Drive \Device\Harddisk1\DR1 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:28:09.0323 0x0738  Drive \Device\Harddisk6\DR6 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:28:09.0791 0x0738  ============================================================
20:28:09.0791 0x0738  \Device\Harddisk0\DR0:
20:28:09.0791 0x0738  MBR partitions:
20:28:09.0791 0x0738  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
20:28:09.0791 0x0738  \Device\Harddisk1\DR1:
20:28:09.0791 0x0738  MBR partitions:
20:28:09.0791 0x0738  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1AD40A71
20:28:09.0791 0x0738  \Device\Harddisk6\DR6:
20:28:09.0791 0x0738  MBR partitions:
20:28:09.0791 0x0738  \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
20:28:09.0791 0x0738  ============================================================
20:28:09.0791 0x0738  C: <-> \Device\Harddisk1\DR1\Partition1
20:28:09.0807 0x0738  F: <-> \Device\Harddisk0\DR0\Partition1
20:28:09.0807 0x0738  K: <-> \Device\Harddisk6\DR6\Partition1
20:28:09.0807 0x0738  ============================================================
20:28:09.0807 0x0738  Initialize success
20:28:09.0807 0x0738  ============================================================
20:28:44.0674 0x0b50  ============================================================
20:28:44.0674 0x0b50  Scan started
20:28:44.0674 0x0b50  Mode: Manual; SigCheck; TDLFS; 
20:28:44.0674 0x0b50  ============================================================
20:28:44.0674 0x0b50  KSN ping started
20:28:47.0687 0x0b50  KSN ping finished: true
20:28:48.0492 0x0b50  ================ Scan system memory ========================
20:28:48.0492 0x0b50  System memory - ok
20:28:48.0492 0x0b50  ================ Scan services =============================
20:28:50.0820 0x0b50  cdfs - ok
20:28:50.0830 0x0b50  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
20:28:50.0845 0x0b50  cdrom - ok
20:28:50.0852 0x0b50  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:28:50.0875 0x0b50  CertPropSvc - ok
20:28:50.0882 0x0b50  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:28:50.0892 0x0b50  circlass - ok
20:28:50.0910 0x0b50  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
20:28:50.0927 0x0b50  CLFS - ok
20:28:50.0935 0x0b50  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:28:50.0945 0x0b50  clr_optimization_v2.0.50727_32 - ok
20:28:50.0960 0x0b50  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:28:50.0967 0x0b50  clr_optimization_v2.0.50727_64 - ok
20:28:50.0990 0x0b50  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:28:51.0007 0x0b50  clr_optimization_v4.0.30319_32 - ok
20:28:51.0012 0x0b50  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:28:51.0032 0x0b50  clr_optimization_v4.0.30319_64 - ok
20:28:51.0050 0x0b50  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:28:51.0060 0x0b50  CmBatt - ok
20:28:51.0070 0x0b50  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:28:51.0077 0x0b50  cmdide - ok
20:28:51.0102 0x0b50  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
20:28:51.0130 0x0b50  CNG - ok
20:28:51.0135 0x0b50  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:28:51.0142 0x0b50  Compbatt - ok
20:28:51.0172 0x0b50  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:28:51.0185 0x0b50  CompositeBus - ok
20:28:51.0192 0x0b50  COMSysApp - ok
20:28:51.0220 0x0b50  [ 2C0197886BB851E6589087434D890926, 345AC2F80DB3FB530F6AD89FDB1BFF0423E27EF59B2DC46B65F9E2DB0D9D2E89 ] CrashPlanService C:\Program Files\CrashPlan\CrashPlanService.exe
20:28:51.0230 0x0b50  CrashPlanService - detected UnsignedFile.Multi.Generic ( 1 )
20:28:54.0177 0x0b50  Detect skipped due to KSN trusted
20:28:54.0177 0x0b50  CrashPlanService - ok
20:28:59.0595 0x0b50  NativeWifiP - ok
20:28:59.0642 0x0b50  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:28:59.0672 0x0b50  NDIS - ok
20:28:59.0677 0x0b50  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:28:59.0702 0x0b50  NdisCap - ok
20:28:59.0707 0x0b50  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:28:59.0732 0x0b50  NdisTapi - ok
20:28:59.0737 0x0b50  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:28:59.0762 0x0b50  Ndisuio - ok
20:28:59.0770 0x0b50  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:28:59.0805 0x0b50  NdisWan - ok
20:28:59.0810 0x0b50  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:28:59.0837 0x0b50  NDProxy - ok
20:28:59.0842 0x0b50  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:28:59.0870 0x0b50  NetBIOS - ok
20:28:59.0887 0x0b50  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:28:59.0917 0x0b50  NetBT - ok
20:28:59.0922 0x0b50  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
20:28:59.0930 0x0b50  Netlogon - ok
20:28:59.0970 0x0b50  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
20:29:00.0005 0x0b50  Netman - ok
20:29:00.0010 0x0b50  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:29:00.0025 0x0b50  NetMsmqActivator - ok
20:29:00.0070 0x0b50  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:29:00.0080 0x0b50  NetPipeActivator - ok
20:29:00.0100 0x0b50  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
20:29:00.0140 0x0b50  netprofm - ok
20:29:00.0147 0x0b50  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:29:00.0157 0x0b50  NetTcpActivator - ok
20:29:00.0162 0x0b50  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:29:00.0172 0x0b50  NetTcpPortSharing - ok
20:29:00.0210 0x0b50  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:29:00.0220 0x0b50  nfrd960 - ok
20:29:00.0235 0x0b50  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:29:00.0250 0x0b50  NlaSvc - ok
20:29:00.0255 0x0b50  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:29:00.0280 0x0b50  Npfs - ok
20:29:00.0312 0x0b50  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
20:29:00.0340 0x0b50  nsi - ok
20:29:00.0342 0x0b50  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:29:00.0367 0x0b50  nsiproxy - ok
20:29:00.0432 0x0b50  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:29:00.0477 0x0b50  Ntfs - ok
20:29:00.0505 0x0b50  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
20:29:00.0542 0x0b50  Null - ok
20:29:00.0797 0x0b50  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:29:01.0095 0x0b50  nvlddmkm - ok
20:29:01.0142 0x0b50  [ 45D6780D0525D7BC29E2E3605CA73C18, C8BBE8BE9824CD1D3C4314FE370FA03BD6000187B4FC4FC935F8342E1A02FA7E ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
20:29:01.0192 0x0b50  NvNetworkService - ok
20:29:01.0200 0x0b50  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:29:01.0210 0x0b50  nvraid - ok
20:29:01.0215 0x0b50  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:29:01.0227 0x0b50  nvstor - ok
20:29:01.0257 0x0b50  [ A0D870DCE152EE5B92A41AD927201D19, 67FB025CB380D933BF0FDD4AFE9BE4E3C1D69A59865E02A96533BBE9EC260D71 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
20:29:01.0265 0x0b50  NvStreamKms - ok
20:29:01.0647 0x0b50  [ E5597D09E5239C0F908948DB7057AC26, A6045D4D9D2F8007B0F75DAAABB2AD9FEB4A898E33A51ECE9A9D788D8E8F84A4 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
20:29:02.0087 0x0b50  NvStreamSvc - ok
20:29:02.0127 0x0b50  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc           C:\Windows\system32\nvvsvc.exe
20:29:02.0157 0x0b50  nvsvc - ok
20:29:02.0160 0x0b50  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
20:29:02.0167 0x0b50  nvvad_WaveExtensible - ok
20:29:02.0182 0x0b50  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:29:02.0192 0x0b50  nv_agp - ok
20:29:02.0240 0x0b50  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:29:02.0250 0x0b50  ohci1394 - ok
20:29:02.0262 0x0b50  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:29:02.0270 0x0b50  ose64 - ok
20:29:02.0407 0x0b50  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:29:02.0527 0x0b50  osppsvc - ok
20:29:02.0542 0x0b50  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:29:02.0560 0x0b50  p2pimsvc - ok
20:29:02.0575 0x0b50  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:29:02.0595 0x0b50  p2psvc - ok
20:29:02.0605 0x0b50  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:29:02.0615 0x0b50  Parport - ok
20:29:02.0627 0x0b50  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:29:02.0635 0x0b50  partmgr - ok
20:29:02.0682 0x0b50  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:29:02.0702 0x0b50  PcaSvc - ok
20:29:02.0710 0x0b50  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
20:29:02.0722 0x0b50  pci - ok
20:29:02.0747 0x0b50  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:29:02.0757 0x0b50  pciide - ok
20:29:02.0775 0x0b50  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:29:02.0787 0x0b50  pcmcia - ok
20:29:02.0807 0x0b50  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:29:02.0817 0x0b50  pcw - ok
20:29:02.0875 0x0b50  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:29:02.0915 0x0b50  PEAUTH - ok
20:29:02.0945 0x0b50  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
20:29:02.0990 0x0b50  PeerDistSvc - ok
20:29:03.0005 0x0b50  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:29:03.0025 0x0b50  PerfHost - ok
20:29:03.0065 0x0b50  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
20:29:03.0125 0x0b50  pla - ok
20:29:03.0152 0x0b50  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:29:03.0172 0x0b50  PlugPlay - ok
20:29:03.0177 0x0b50  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:29:03.0185 0x0b50  PNRPAutoReg - ok
20:29:03.0222 0x0b50  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:29:03.0235 0x0b50  PNRPsvc - ok
20:29:03.0257 0x0b50  [ 520D48ECB54A33821C95EE496A4235AF, 3C7984E480F134E303E6AD03A3837515F3E03A4727F1AD184BD1D8C71D68FFEF ] Point64         C:\Windows\system32\DRIVERS\point64.sys
20:29:03.0267 0x0b50  Point64 - ok
20:29:03.0305 0x0b50  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:29:03.0340 0x0b50  PolicyAgent - ok
20:29:03.0347 0x0b50  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
20:29:03.0377 0x0b50  Power - ok
20:29:03.0385 0x0b50  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:29:03.0410 0x0b50  PptpMiniport - ok
20:29:03.0435 0x0b50  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:29:03.0447 0x0b50  Processor - ok
20:29:03.0460 0x0b50  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:29:03.0472 0x0b50  ProfSvc - ok
20:29:03.0495 0x0b50  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:29:03.0505 0x0b50  ProtectedStorage - ok
20:29:03.0517 0x0b50  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:29:03.0547 0x0b50  Psched - ok
20:29:03.0567 0x0b50  qknfd - ok
20:29:03.0637 0x0b50  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:29:03.0677 0x0b50  ql2300 - ok
20:29:03.0685 0x0b50  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:29:03.0697 0x0b50  ql40xx - ok
20:29:03.0725 0x0b50  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
20:29:03.0745 0x0b50  QWAVE - ok
20:29:03.0760 0x0b50  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:29:03.0772 0x0b50  QWAVEdrv - ok
20:29:03.0795 0x0b50  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:29:03.0820 0x0b50  RasAcd - ok
20:29:03.0857 0x0b50  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:29:03.0882 0x0b50  RasAgileVpn - ok
20:29:03.0887 0x0b50  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
20:29:03.0912 0x0b50  RasAuto - ok
20:29:03.0925 0x0b50  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:29:03.0950 0x0b50  Rasl2tp - ok
20:29:03.0960 0x0b50  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
20:29:03.0992 0x0b50  RasMan - ok
20:29:03.0997 0x0b50  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:29:04.0025 0x0b50  RasPppoe - ok
20:29:04.0030 0x0b50  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:29:04.0057 0x0b50  RasSstp - ok
20:29:04.0067 0x0b50  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:29:04.0097 0x0b50  rdbss - ok
20:29:04.0105 0x0b50  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:29:04.0115 0x0b50  rdpbus - ok
20:29:04.0125 0x0b50  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:29:04.0150 0x0b50  RDPCDD - ok
20:29:04.0157 0x0b50  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:29:04.0170 0x0b50  RDPDR - ok
20:29:04.0172 0x0b50  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:29:04.0197 0x0b50  RDPENCDD - ok
20:29:04.0202 0x0b50  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:29:04.0225 0x0b50  RDPREFMP - ok
20:29:04.0230 0x0b50  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:29:04.0237 0x0b50  RdpVideoMiniport - ok
20:29:04.0257 0x0b50  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:29:04.0270 0x0b50  RDPWD - ok
20:29:04.0280 0x0b50  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:29:04.0292 0x0b50  rdyboost - ok
20:29:04.0315 0x0b50  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:29:04.0345 0x0b50  RemoteAccess - ok
20:29:04.0350 0x0b50  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:29:04.0380 0x0b50  RemoteRegistry - ok
20:29:04.0382 0x0b50  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:29:04.0410 0x0b50  RpcEptMapper - ok
20:29:04.0412 0x0b50  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:29:04.0422 0x0b50  RpcLocator - ok
20:29:04.0450 0x0b50  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
20:29:04.0487 0x0b50  RpcSs - ok
20:29:04.0490 0x0b50  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:29:04.0515 0x0b50  rspndr - ok
20:29:04.0535 0x0b50  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
20:29:04.0552 0x0b50  RTL8167 - ok
20:29:04.0557 0x0b50  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
20:29:04.0565 0x0b50  s3cap - ok
20:29:04.0577 0x0b50  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
20:29:04.0585 0x0b50  SamSs - ok
20:29:04.0620 0x0b50  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:29:04.0630 0x0b50  sbp2port - ok
20:29:04.0642 0x0b50  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:29:04.0672 0x0b50  SCardSvr - ok
20:29:04.0680 0x0b50  [ 0E3B268357B750D93584981766FA0816, CCDFF71FF75D6E062952E677290CDC98C56BE921B2B9B6B2B388F07A8A5AEC1F ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
20:29:04.0690 0x0b50  SCDEmu - ok
20:29:04.0705 0x0b50  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:29:04.0730 0x0b50  scfilter - ok
20:29:04.0782 0x0b50  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
20:29:04.0835 0x0b50  Schedule - ok
20:29:04.0855 0x0b50  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:29:04.0877 0x0b50  SCPolicySvc - ok
20:29:04.0910 0x0b50  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:29:04.0922 0x0b50  SDRSVC - ok
20:29:04.0927 0x0b50  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:29:04.0952 0x0b50  secdrv - ok
20:29:04.0965 0x0b50  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
20:29:04.0990 0x0b50  seclogon - ok
20:29:05.0002 0x0b50  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
20:29:05.0030 0x0b50  SENS - ok
20:29:05.0060 0x0b50  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:29:05.0072 0x0b50  SensrSvc - ok
20:29:05.0082 0x0b50  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:29:05.0090 0x0b50  Serenum - ok
20:29:05.0105 0x0b50  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:29:05.0115 0x0b50  Serial - ok
20:29:05.0127 0x0b50  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:29:05.0137 0x0b50  sermouse - ok
20:29:05.0187 0x0b50  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
20:29:05.0220 0x0b50  SessionEnv - ok
20:29:05.0225 0x0b50  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:29:05.0235 0x0b50  sffdisk - ok
20:29:05.0255 0x0b50  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:29:05.0267 0x0b50  sffp_mmc - ok
20:29:05.0275 0x0b50  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:29:05.0287 0x0b50  sffp_sd - ok
20:29:05.0312 0x0b50  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:29:05.0320 0x0b50  sfloppy - ok
20:29:05.0342 0x0b50  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:29:05.0375 0x0b50  SharedAccess - ok
20:29:05.0387 0x0b50  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:29:05.0427 0x0b50  ShellHWDetection - ok
20:29:05.0447 0x0b50  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:29:05.0455 0x0b50  SiSRaid2 - ok
20:29:05.0460 0x0b50  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:29:05.0467 0x0b50  SiSRaid4 - ok
20:29:05.0497 0x0b50  [ E15176399AF40B56AC09A823708B85D7, 463BEA1E1DD5AC1DE82D07C181388693B937745E4949A9010560B638303BE144 ] SlingAgentService C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe
20:29:05.0507 0x0b50  SlingAgentService - ok
20:29:05.0535 0x0b50  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:29:05.0562 0x0b50  Smb - ok
20:29:05.0567 0x0b50  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:29:05.0577 0x0b50  SNMPTRAP - ok
20:29:05.0597 0x0b50  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:29:05.0605 0x0b50  spldr - ok
20:29:05.0647 0x0b50  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
20:29:05.0670 0x0b50  Spooler - ok
20:29:05.0777 0x0b50  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:29:05.0900 0x0b50  sppsvc - ok
20:29:05.0907 0x0b50  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:29:05.0932 0x0b50  sppuinotify - ok
20:29:05.0940 0x0b50  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:29:05.0971 0x0b50  srv - ok
20:29:05.0971 0x0b50  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:29:06.0004 0x0b50  srv2 - ok
20:29:06.0012 0x0b50  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:29:06.0022 0x0b50  srvnet - ok
20:29:06.0053 0x0b50  [ 2F4595C0AFA2152D67AAE594DC461509, 7CD0C856EC11362EDA45779696EA670DF0047070515DDBDA65C4741EC401CB59 ] SSCBFS3         C:\Windows\system32\DRIVERS\sscbfs3.sys
20:29:06.0068 0x0b50  SSCBFS3 - ok
20:29:06.0086 0x0b50  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:29:06.0123 0x0b50  SSDPSRV - ok
20:29:06.0128 0x0b50  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:29:06.0158 0x0b50  SstpSvc - ok
20:29:06.0168 0x0b50  [ D2230317777033CD0456990BFC4994E5, 0F2F559593EAD7AB4596E67E9AE56E5ABF5C945201366CFC972357C22A4F776A ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:29:06.0186 0x0b50  Stereo Service - ok
20:29:06.0201 0x0b50  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:29:06.0208 0x0b50  stexstor - ok
20:29:06.0243 0x0b50  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
20:29:06.0276 0x0b50  stisvc - ok
20:29:06.0281 0x0b50  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
20:29:06.0291 0x0b50  storflt - ok
20:29:06.0296 0x0b50  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
20:29:06.0303 0x0b50  storvsc - ok
20:29:10.0691 0x0b50  ================ Scan global ===============================
20:29:10.0698 0x0b50  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:29:10.0723 0x0b50  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:29:10.0741 0x0b50  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:29:10.0771 0x0b50  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:29:10.0783 0x0b50  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
20:29:10.0791 0x0b50  [ Global ] - ok
20:29:10.0793 0x0b50  ================ Scan MBR ==================================
20:29:10.0813 0x0b50  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:29:11.0046 0x0b50  \Device\Harddisk0\DR0 - ok
20:29:11.0048 0x0b50  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:29:11.0141 0x0b50  \Device\Harddisk1\DR1 - ok
20:29:11.0603 0x0b50  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk6\DR6
20:29:11.0701 0x0b50  \Device\Harddisk6\DR6 - ok
20:29:11.0703 0x0b50  ================ Scan VBR ==================================
20:29:11.0703 0x0b50  [ 046342F898994D99E166E174A1938CA3 ] \Device\Harddisk0\DR0\Partition1
20:29:11.0723 0x0b50  \Device\Harddisk0\DR0\Partition1 - ok
20:29:11.0736 0x0b50  [ 588BEB94AFDABF357059997CD310B3D7 ] \Device\Harddisk1\DR1\Partition1
20:29:11.0738 0x0b50  \Device\Harddisk1\DR1\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
20:29:11.0738 0x0b50  \Device\Harddisk1\DR1\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
20:29:14.0726 0x0b50  [ D9B87E1D54F3D57287C9FC1464D53549 ] \Device\Harddisk6\DR6\Partition1
20:29:14.0766 0x0b50  \Device\Harddisk6\DR6\Partition1 - ok
20:29:14.0766 0x0b50  ================ Scan generic autorun ======================
20:29:14.0774 0x0b50  [ 39CF316EB5842AE27CC0D3CC4E2840DE, BC4D4ED926F988B7B70CC87B7EC92D148DA6BC39C5C514751F1B0CA69D0F9081 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
20:29:14.0786 0x0b50  BCSSync - ok
20:29:14.0839 0x0b50  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
20:29:14.0861 0x0b50  AdobeAAMUpdater-1.0 - ok
20:29:14.0866 0x0b50  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
20:29:14.0879 0x0b50  ShadowPlay - ok
20:29:14.0944 0x0b50  [ 05470C684B62C2F86325D8685E4513CB, EDE70A162AFA104D774AE1D8D3A077F2C12940851EC5BA785242F4032EEA902E ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:29:15.0009 0x0b50  NvBackend - ok
20:29:15.0099 0x0b50  [ BCD9CBF0621F9A6767276A2E0BF1DD15, C0748AEE57A79D1AD8A4307D3ECB03A517464D047CD5CC64BAD299E0BFAEFB60 ] C:\Program Files (x86)\Google\Google Talk\googletalk.exe
20:29:15.0211 0x0b50  googletalk - detected UnsignedFile.Multi.Generic ( 1 )
20:29:18.0236 0x0b50  Detect skipped due to KSN trusted
20:29:18.0236 0x0b50  googletalk - ok
20:29:18.0261 0x0b50  [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
20:29:18.0286 0x0b50  avgnt - ok
20:29:18.0291 0x0b50  [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:29:18.0301 0x0b50  APSDaemon - ok
20:29:18.0334 0x0b50  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:29:18.0364 0x0b50  Adobe ARM - ok
20:29:18.0391 0x0b50  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:29:18.0436 0x0b50  Sidebar - ok
20:29:18.0441 0x0b50  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:29:18.0461 0x0b50  mctadmin - ok
20:29:18.0499 0x0b50  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:29:18.0546 0x0b50  Sidebar - ok
20:29:18.0569 0x0b50  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:29:18.0584 0x0b50  mctadmin - ok
20:29:18.0906 0x0b50  [ 3A0D949461B2706235BA283A9C9E63E9, 0B9A1C59EC5D9B74CD8BD66B9CBF9202F8C4074D41B13642544BDB75B326EABC ] C:\Program Files (x86)\SugarSync\SugarSync.exe
20:29:19.0229 0x0b50  SugarSync - ok
20:29:19.0244 0x0b50  GoogleDriveSync - ok
20:29:19.0251 0x0b50  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Isaac\AppData\Local\Google\Update\GoogleUpdate.exe
20:29:19.0264 0x0b50  Google Update - ok
20:29:19.0366 0x0b50  [ ADC55133E9D66939CFF779715E33B15E, CA7BB49B8F0D3AAE9133CAD18146922CEEC0583F0EBA11E71657C1A9F7D441E8 ] C:\Users\Isaac\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
20:29:19.0469 0x0b50  Amazon Cloud Player - detected UnsignedFile.Multi.Generic ( 1 )
20:29:22.0556 0x0b50  Detect skipped due to KSN trusted
20:29:22.0556 0x0b50  Amazon Cloud Player - ok
20:29:22.0564 0x0b50  [ 7E6870981D989AF191C99D325292ABC6, 8527296CD6D18FE3DECF639FB407F553D9C6A72F73195D9DAD707D2465F63033 ] C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
20:29:22.0574 0x0b50  Allway Sync - ok
20:29:22.0689 0x0b50  [ BAB442AE1AEF7D7CFAB62344FCCCFEA7, 8B757713D0B298B1762A617D29B688E11D82EAD9DF1605A6FCFA93BBC52646B9 ] C:\Users\Isaac\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
20:29:22.0784 0x0b50  Google+ Auto Backup - ok
20:29:22.0814 0x0b50  [ AC08A03D7E579E2903925736E7AB48F2, B4350DFB5BF153D60C38835FD0D4A13A993B5FCEDE04F98750396EDF0070B3FE ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
20:29:22.0846 0x0b50  GoogleChromeAutoLaunch_66D9B4593984BB5EE437F9BA7B8E9ADA - ok
20:29:22.0846 0x0b50  Waiting for KSN requests completion. In queue: 15
20:29:27.0884 0x0b50  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
20:29:27.0889 0x0b50  Win FW state via NFP2: enabled
20:29:30.0814 0x0b50  ============================================================
20:29:30.0814 0x0b50  Scan finished
20:29:30.0814 0x0b50  ============================================================
20:29:30.0816 0x0b48  Detected object count: 1
20:29:30.0816 0x0b48  Actual detected object count: 1
20:29:47.0724 0x0b48  \Device\Harddisk1\DR1\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
20:29:47.0724 0x0b48  \Device\Harddisk1\DR1\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip 
20:30:01.0489 0x0714  Deinitialize success

Edited by dadrivr, 16 September 2014 - 07:37 PM.


#4 TB-Psychotic

  • Malware Response Team

Posted 18 September 2014 - 07:49 AM

Fix with TDSS-Killer

Please read and follow these instructions carefully.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • When the scan is finished, select Copy to quarantine for the following entry:

    Rootkit.Boot.Cidox.b

  • Hit Continue.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.
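One way to check what a TDSSKiller log records for each detection and whether the chosen action left it in place. This is an added example, not part of the original posts and not the tool vendor's code; the function name `triage`, the `needs_followup` rule and the sample lines (constructed in the format of the logs in this thread) are assumptions made for the illustration.

```python
import re

# Log line layout seen in this thread: "HH:MM:SS.mmmm 0xTID  message"
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} 0x[0-9a-fA-F]+\s+(.*)$")
# "C: <-> \Device\Harddisk1\DR1\Partition1"
MAPPING = re.compile(r"^([A-Z]): <-> (\\Device\\\S+)$")
# "<object> - detected <threat> ( <n> )"
DETECTED = re.compile(r"^(.+?) - detected (\S+) \( \d+ \)$")
# "<object> ( <threat> ) - <status or 'User select action: X'>"
VERDICT = re.compile(r"^(.+?) \( (\S+) \) - (.+)$")
KSN_TRUSTED = "Detect skipped due to KSN trusted"
ACTION_PREFIX = "User select action: "

# Constructed sample, in the format of the logs posted in this thread.
SAMPLE_LOG = r"""
22:30:22.0506 0x1f70  C: <-> \Device\Harddisk1\DR1\Partition1
22:30:22.0506 0x1f70  F: <-> \Device\Harddisk0\DR0\Partition1
20:29:11.0703 0x0b50  ================ Scan VBR ==================================
20:29:11.0723 0x0b50  \Device\Harddisk0\DR0\Partition1 - ok
20:29:11.0738 0x0b50  \Device\Harddisk1\DR1\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
20:29:11.0738 0x0b50  \Device\Harddisk1\DR1\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
20:29:15.0211 0x0b50  googletalk - detected UnsignedFile.Multi.Generic ( 1 )
20:29:18.0236 0x0b50  Detect skipped due to KSN trusted
20:29:18.0236 0x0b50  googletalk - ok
20:29:47.0724 0x0b48  \Device\Harddisk1\DR1\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
20:29:47.0724 0x0b48  \Device\Harddisk1\DR1\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip 
"""


def triage(log_text):
    """Return one record per detected object, in the order first seen."""
    drives = {}    # device path -> drive letter
    findings = {}  # (object, threat) -> record
    last = None    # most recent detection, for the KSN line that follows it
    for raw in log_text.splitlines():
        m = LINE.match(raw.rstrip())
        if not m:
            continue
        msg = m.group(1).strip()
        if (mp := MAPPING.match(msg)):
            drives[mp.group(2)] = mp.group(1)
        elif (d := DETECTED.match(msg)):
            last = findings.setdefault(
                (d.group(1), d.group(2)),
                {"object": d.group(1), "threat": d.group(2),
                 "statuses": [], "ksn_trusted": False, "action": None},
            )
        elif msg == KSN_TRUSTED and last is not None:
            last["ksn_trusted"] = True
        elif (v := VERDICT.match(msg)):
            rec = findings.get((v.group(1), v.group(2)))
            if rec is None:
                continue
            text = v.group(3)
            if text.startswith(ACTION_PREFIX):
                rec["action"] = text[len(ACTION_PREFIX):]
            else:
                rec["statuses"].append(text)
    for rec in findings.values():
        rec["drive"] = drives.get(rec["object"])
        # Assumption of this example: a detection that was not cleared by the
        # KSN reputation check and has no action other than "Skip" recorded
        # is still present and needs another pass.
        rec["needs_followup"] = (
            not rec["ksn_trusted"] and rec["action"] in (None, "Skip")
        )
    return list(findings.values())


if __name__ == "__main__":
    for r in triage(SAMPLE_LOG):
        where = f"{r['drive']}:" if r["drive"] else "-"
        flag = "FOLLOW UP" if r["needs_followup"] else "no action needed"
        print(f"{r['threat']:<28} {r['object']} [{where}] "
              f"action={r['action']} -> {flag}")
```

Run against the first log in this thread, the Cidox entry would show `action=Skip`, meaning the scan only reported the boot-sector detection and changed nothing.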

#5 dadrivr

  • Topic Starter

Posted 18 September 2014 - 09:35 PM

Just copied Rootkit.Boot.Cidox.B to quarantine using TDSSKiller. Log is below:

22:30:17.0296 0x1f70  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
22:30:21.0492 0x1f70  ============================================================
22:30:21.0492 0x1f70  Current date / time: 2014/09/18 22:30:21.0492
22:30:21.0492 0x1f70  SystemInfo:
22:30:21.0492 0x1f70  
22:30:21.0492 0x1f70  OS Version: 6.1.7601 ServicePack: 1.0
22:30:21.0492 0x1f70  Product type: Workstation
22:30:21.0492 0x1f70  ComputerName: ISAAC-PC
22:30:21.0492 0x1f70  UserName: Isaac
22:30:21.0492 0x1f70  Windows directory: C:\Windows
22:30:21.0492 0x1f70  System windows directory: C:\Windows
22:30:21.0492 0x1f70  Running under WOW64
22:30:21.0492 0x1f70  Processor architecture: Intel x64
22:30:21.0492 0x1f70  Number of processors: 8
22:30:21.0492 0x1f70  Page size: 0x1000
22:30:21.0492 0x1f70  Boot type: Safe boot with network
22:30:21.0492 0x1f70  ============================================================
22:30:21.0773 0x1f70  KLMD registered as C:\Windows\system32\drivers\89301565.sys
22:30:21.0789 0x1f70  System UUID: {27BDAA6D-6EE6-DE23-8230-15158B360C4B}
22:30:22.0023 0x1f70  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:30:22.0023 0x1f70  Drive \Device\Harddisk1\DR1 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:30:22.0038 0x1f70  Drive \Device\Harddisk6\DR6 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:30:22.0506 0x1f70  ============================================================
22:30:22.0506 0x1f70  \Device\Harddisk0\DR0:
22:30:22.0506 0x1f70  MBR partitions:
22:30:22.0506 0x1f70  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
22:30:22.0506 0x1f70  \Device\Harddisk1\DR1:
22:30:22.0506 0x1f70  MBR partitions:
22:30:22.0506 0x1f70  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1AD40A71
22:30:22.0506 0x1f70  \Device\Harddisk6\DR6:
22:30:22.0506 0x1f70  MBR partitions:
22:30:22.0506 0x1f70  \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
22:30:22.0506 0x1f70  ============================================================
22:30:22.0506 0x1f70  C: <-> \Device\Harddisk1\DR1\Partition1
22:30:22.0506 0x1f70  F: <-> \Device\Harddisk0\DR0\Partition1
22:30:22.0506 0x1f70  K: <-> \Device\Harddisk6\DR6\Partition1
22:30:22.0506 0x1f70  ============================================================
22:30:22.0506 0x1f70  Initialize success
22:30:22.0506 0x1f70  ============================================================
22:30:41.0928 0x1fd4  ============================================================
22:30:41.0928 0x1fd4  Scan started
22:30:41.0928 0x1fd4  Mode: Manual; SigCheck; TDLFS; 
22:30:41.0928 0x1fd4  ============================================================
22:30:41.0928 0x1fd4  KSN ping started
22:30:54.0502 0x1fd4  KSN ping finished: true
22:30:55.0126 0x1fd4  ================ Scan system memory ========================
22:30:55.0126 0x1fd4  System memory - ok
22:30:55.0126 0x1fd4  ================ Scan services =============================
22:30:57.0388 0x1fd4  [ 2C0197886BB851E6589087434D890926, 345AC2F80DB3FB530F6AD89FDB1BFF0423E27EF59B2DC46B65F9E2DB0D9D2E89 ] CrashPlanService C:\Program Files\CrashPlan\CrashPlanService.exe
22:30:57.0388 0x1fd4  CrashPlanService - detected UnsignedFile.Multi.Generic ( 1 )
22:31:00.0196 0x1fd4  Detect skipped due to KSN trusted
22:31:00.0196 0x1fd4  CrashPlanService - ok
22:31:02.0692 0x1fd4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:31:02.0723 0x1fd4  lltdsvc - ok
22:31:02.0739 0x1fd4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:31:02.0754 0x1fd4  lmhosts - ok
22:31:02.0770 0x1fd4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:31:02.0770 0x1fd4  LSI_FC - ok
22:31:02.0770 0x1fd4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:31:02.0786 0x1fd4  LSI_SAS - ok
22:31:02.0801 0x1fd4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:31:02.0801 0x1fd4  LSI_SAS2 - ok
22:31:02.0817 0x1fd4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:31:02.0817 0x1fd4  LSI_SCSI - ok
22:31:02.0817 0x1fd4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:31:02.0848 0x1fd4  luafv - ok
22:31:02.0848 0x1fd4  [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
22:31:02.0848 0x1fd4  LVPr2M64 - ok
22:31:02.0879 0x1fd4  [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
22:31:02.0879 0x1fd4  LVPr2Mon - ok
22:31:02.0879 0x1fd4  [ 9CD0DC863BE5D40A762F7D84F11A8471, 5824EF34618CA613C63684DBFD7D7DB743A92D632888095B9062A52B512034D9 ] LVPrcS64        C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
22:31:02.0895 0x1fd4  LVPrcS64 - ok
22:31:02.0895 0x1fd4  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
22:31:02.0910 0x1fd4  LVRS64 - ok
22:31:03.0004 0x1fd4  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
22:31:03.0113 0x1fd4  LVUVC64 - ok
22:31:03.0129 0x1fd4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:31:03.0129 0x1fd4  Mcx2Svc - ok
22:31:03.0129 0x1fd4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:31:03.0144 0x1fd4  megasas - ok
22:31:03.0160 0x1fd4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:31:03.0176 0x1fd4  MegaSR - ok
22:31:03.0176 0x1fd4  Microsoft SharePoint Workspace Audit Service - ok
22:31:03.0176 0x1fd4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:31:03.0207 0x1fd4  MMCSS - ok
22:31:03.0207 0x1fd4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:31:03.0238 0x1fd4  Modem - ok
22:31:03.0238 0x1fd4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:31:03.0238 0x1fd4  monitor - ok
22:31:03.0254 0x1fd4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:31:03.0254 0x1fd4  mouclass - ok
22:31:03.0285 0x1fd4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:31:03.0285 0x1fd4  mouhid - ok
22:31:03.0316 0x1fd4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:31:03.0332 0x1fd4  mountmgr - ok
22:31:03.0332 0x1fd4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:31:03.0347 0x1fd4  mpio - ok
22:31:03.0363 0x1fd4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:31:03.0378 0x1fd4  mpsdrv - ok
22:31:03.0410 0x1fd4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:31:03.0441 0x1fd4  MpsSvc - ok
22:31:03.0456 0x1fd4  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:31:03.0456 0x1fd4  MRxDAV - ok
22:31:03.0472 0x1fd4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:31:03.0472 0x1fd4  mrxsmb - ok
22:31:03.0488 0x1fd4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:31:03.0503 0x1fd4  mrxsmb10 - ok
22:31:03.0534 0x1fd4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:31:03.0550 0x1fd4  mrxsmb20 - ok
22:31:03.0566 0x1fd4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:31:03.0566 0x1fd4  msahci - ok
22:31:03.0581 0x1fd4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:31:03.0581 0x1fd4  msdsm - ok
22:31:03.0597 0x1fd4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:31:03.0597 0x1fd4  MSDTC - ok
22:31:03.0612 0x1fd4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:31:03.0628 0x1fd4  Msfs - ok
22:31:03.0644 0x1fd4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:31:03.0659 0x1fd4  mshidkmdf - ok
22:31:03.0659 0x1fd4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:31:03.0675 0x1fd4  msisadrv - ok
22:31:03.0690 0x1fd4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:31:03.0722 0x1fd4  MSiSCSI - ok
22:31:03.0722 0x1fd4  msiserver - ok
22:31:03.0722 0x1fd4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:31:03.0737 0x1fd4  MSKSSRV - ok
22:31:03.0737 0x1fd4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:31:03.0768 0x1fd4  MSPCLOCK - ok
22:31:03.0768 0x1fd4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:31:03.0784 0x1fd4  MSPQM - ok
22:31:03.0800 0x1fd4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:31:03.0815 0x1fd4  MsRPC - ok
22:31:03.0815 0x1fd4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:31:03.0831 0x1fd4  mssmbios - ok
22:31:03.0846 0x1fd4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:31:03.0862 0x1fd4  MSTEE - ok
22:31:03.0862 0x1fd4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:31:03.0878 0x1fd4  MTConfig - ok
22:31:03.0878 0x1fd4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:31:03.0878 0x1fd4  Mup - ok
22:31:03.0893 0x1fd4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:31:03.0924 0x1fd4  napagent - ok
22:31:03.0940 0x1fd4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:31:03.0956 0x1fd4  NativeWifiP - ok
22:31:03.0987 0x1fd4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:31:04.0002 0x1fd4  NDIS - ok
22:31:04.0018 0x1fd4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:31:04.0034 0x1fd4  NdisCap - ok
22:31:04.0034 0x1fd4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:31:04.0065 0x1fd4  NdisTapi - ok
22:31:04.0065 0x1fd4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:31:04.0080 0x1fd4  Ndisuio - ok
22:31:04.0096 0x1fd4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:31:04.0112 0x1fd4  NdisWan - ok
22:31:04.0143 0x1fd4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:31:04.0158 0x1fd4  NDProxy - ok
22:31:04.0158 0x1fd4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:31:04.0190 0x1fd4  NetBIOS - ok
22:31:04.0205 0x1fd4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:31:04.0236 0x1fd4  NetBT - ok
22:31:04.0252 0x1fd4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
22:31:04.0252 0x1fd4  Netlogon - ok
22:31:04.0268 0x1fd4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:31:04.0299 0x1fd4  Netman - ok
22:31:04.0314 0x1fd4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:04.0314 0x1fd4  NetMsmqActivator - ok
22:31:04.0330 0x1fd4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:04.0330 0x1fd4  NetPipeActivator - ok
22:31:04.0346 0x1fd4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:31:04.0377 0x1fd4  netprofm - ok
22:31:04.0392 0x1fd4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:04.0392 0x1fd4  NetTcpActivator - ok
22:31:04.0408 0x1fd4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:04.0408 0x1fd4  NetTcpPortSharing - ok
22:31:04.0439 0x1fd4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:31:04.0439 0x1fd4  nfrd960 - ok
22:31:04.0470 0x1fd4  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:31:04.0486 0x1fd4  NlaSvc - ok
22:31:04.0486 0x1fd4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:31:04.0517 0x1fd4  Npfs - ok
22:31:04.0533 0x1fd4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:31:04.0548 0x1fd4  nsi - ok
22:31:04.0548 0x1fd4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:31:04.0580 0x1fd4  nsiproxy - ok
22:31:04.0626 0x1fd4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:31:04.0658 0x1fd4  Ntfs - ok
22:31:04.0673 0x1fd4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:31:04.0689 0x1fd4  Null - ok
22:31:04.0923 0x1fd4  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:31:05.0204 0x1fd4  nvlddmkm - ok
22:31:05.0235 0x1fd4  [ 45D6780D0525D7BC29E2E3605CA73C18, C8BBE8BE9824CD1D3C4314FE370FA03BD6000187B4FC4FC935F8342E1A02FA7E ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
22:31:05.0282 0x1fd4  NvNetworkService - ok
22:31:05.0297 0x1fd4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:31:05.0297 0x1fd4  nvraid - ok
22:31:05.0313 0x1fd4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:31:05.0313 0x1fd4  nvstor - ok
22:31:05.0313 0x1fd4  [ A0D870DCE152EE5B92A41AD927201D19, 67FB025CB380D933BF0FDD4AFE9BE4E3C1D69A59865E02A96533BBE9EC260D71 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
22:31:05.0328 0x1fd4  NvStreamKms - ok
22:31:05.0687 0x1fd4  [ E5597D09E5239C0F908948DB7057AC26, A6045D4D9D2F8007B0F75DAAABB2AD9FEB4A898E33A51ECE9A9D788D8E8F84A4 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
22:31:06.0093 0x1fd4  NvStreamSvc - ok
22:31:06.0124 0x1fd4  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc           C:\Windows\system32\nvvsvc.exe
22:31:06.0155 0x1fd4  nvsvc - ok
22:31:06.0155 0x1fd4  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
22:31:06.0171 0x1fd4  nvvad_WaveExtensible - ok
22:31:06.0171 0x1fd4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:31:06.0171 0x1fd4  nv_agp - ok
22:31:06.0186 0x1fd4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:31:06.0186 0x1fd4  ohci1394 - ok
22:31:06.0202 0x1fd4  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:31:06.0202 0x1fd4  ose64 - ok
22:31:06.0311 0x1fd4  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:31:06.0420 0x1fd4  osppsvc - ok
22:31:06.0436 0x1fd4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:31:06.0452 0x1fd4  p2pimsvc - ok
22:31:06.0467 0x1fd4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:31:06.0483 0x1fd4  p2psvc - ok
22:31:06.0498 0x1fd4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:31:06.0498 0x1fd4  Parport - ok
22:31:06.0514 0x1fd4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:31:06.0514 0x1fd4  partmgr - ok
22:31:06.0530 0x1fd4  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:31:06.0530 0x1fd4  PcaSvc - ok
22:31:06.0561 0x1fd4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:31:06.0576 0x1fd4  pci - ok
22:31:06.0576 0x1fd4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:31:06.0576 0x1fd4  pciide - ok
22:31:06.0592 0x1fd4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:31:06.0592 0x1fd4  pcmcia - ok
22:31:06.0608 0x1fd4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:31:06.0608 0x1fd4  pcw - ok
22:31:06.0623 0x1fd4  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:31:06.0654 0x1fd4  PEAUTH - ok
22:31:06.0686 0x1fd4  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:31:06.0732 0x1fd4  PeerDistSvc - ok
22:31:06.0732 0x1fd4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:31:06.0748 0x1fd4  PerfHost - ok
22:31:06.0779 0x1fd4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:31:06.0842 0x1fd4  pla - ok
22:31:06.0857 0x1fd4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:31:06.0873 0x1fd4  PlugPlay - ok
22:31:06.0873 0x1fd4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:31:06.0873 0x1fd4  PNRPAutoReg - ok
22:31:06.0888 0x1fd4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:31:06.0904 0x1fd4  PNRPsvc - ok
22:31:06.0904 0x1fd4  [ 520D48ECB54A33821C95EE496A4235AF, 3C7984E480F134E303E6AD03A3837515F3E03A4727F1AD184BD1D8C71D68FFEF ] Point64         C:\Windows\system32\DRIVERS\point64.sys
22:31:06.0904 0x1fd4  Point64 - ok
22:31:06.0920 0x1fd4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:31:06.0951 0x1fd4  PolicyAgent - ok
22:31:06.0966 0x1fd4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:31:06.0982 0x1fd4  Power - ok
22:31:06.0998 0x1fd4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:31:07.0013 0x1fd4  PptpMiniport - ok
22:31:07.0029 0x1fd4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:31:07.0029 0x1fd4  Processor - ok
22:31:07.0044 0x1fd4  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:31:07.0060 0x1fd4  ProfSvc - ok
22:31:07.0060 0x1fd4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:31:07.0060 0x1fd4  ProtectedStorage - ok
22:31:07.0060 0x1fd4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:31:07.0091 0x1fd4  Psched - ok
22:31:07.0107 0x1fd4  qknfd - ok
22:31:07.0138 0x1fd4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:31:07.0169 0x1fd4  ql2300 - ok
22:31:07.0185 0x1fd4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:31:07.0185 0x1fd4  ql40xx - ok
22:31:07.0200 0x1fd4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:31:07.0216 0x1fd4  QWAVE - ok
22:31:07.0216 0x1fd4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:31:07.0232 0x1fd4  QWAVEdrv - ok
22:31:07.0232 0x1fd4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:31:07.0247 0x1fd4  RasAcd - ok
22:31:07.0263 0x1fd4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:31:07.0278 0x1fd4  RasAgileVpn - ok
22:31:07.0294 0x1fd4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:31:07.0310 0x1fd4  RasAuto - ok
22:31:07.0310 0x1fd4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:31:07.0341 0x1fd4  Rasl2tp - ok
22:31:07.0341 0x1fd4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:31:07.0372 0x1fd4  RasMan - ok
22:31:07.0388 0x1fd4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:31:07.0403 0x1fd4  RasPppoe - ok
22:31:07.0419 0x1fd4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:31:07.0434 0x1fd4  RasSstp - ok
22:31:07.0450 0x1fd4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:31:07.0481 0x1fd4  rdbss - ok
22:31:07.0497 0x1fd4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:31:07.0497 0x1fd4  rdpbus - ok
22:31:07.0512 0x1fd4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:31:07.0528 0x1fd4  RDPCDD - ok
22:31:07.0528 0x1fd4  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:31:07.0544 0x1fd4  RDPDR - ok
22:31:07.0544 0x1fd4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:31:07.0575 0x1fd4  RDPENCDD - ok
22:31:07.0575 0x1fd4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:31:07.0606 0x1fd4  RDPREFMP - ok
22:31:07.0606 0x1fd4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:31:07.0606 0x1fd4  RdpVideoMiniport - ok
22:31:07.0622 0x1fd4  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:31:07.0637 0x1fd4  RDPWD - ok
22:31:07.0653 0x1fd4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:31:07.0668 0x1fd4  rdyboost - ok
22:31:07.0684 0x1fd4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:31:07.0715 0x1fd4  RemoteAccess - ok
22:31:07.0715 0x1fd4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:31:07.0746 0x1fd4  RemoteRegistry - ok
22:31:07.0746 0x1fd4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:31:07.0762 0x1fd4  RpcEptMapper - ok
22:31:07.0778 0x1fd4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:31:07.0778 0x1fd4  RpcLocator - ok
22:31:07.0793 0x1fd4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
22:31:07.0824 0x1fd4  RpcSs - ok
22:31:07.0840 0x1fd4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:31:07.0856 0x1fd4  rspndr - ok
22:31:11.0943 0x1fd4  ================ Scan global ===============================
22:31:11.0943 0x1fd4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
22:31:11.0943 0x1fd4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:31:11.0958 0x1fd4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:31:11.0958 0x1fd4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:31:11.0974 0x1fd4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
22:31:11.0974 0x1fd4  [ Global ] - ok
22:31:11.0974 0x1fd4  ================ Scan MBR ==================================
22:31:11.0990 0x1fd4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:31:12.0208 0x1fd4  \Device\Harddisk0\DR0 - ok
22:31:12.0208 0x1fd4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:31:12.0286 0x1fd4  \Device\Harddisk1\DR1 - ok
22:31:12.0739 0x1fd4  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk6\DR6
22:31:12.0848 0x1fd4  \Device\Harddisk6\DR6 - ok
22:31:12.0848 0x1fd4  ================ Scan VBR ==================================
22:31:12.0848 0x1fd4  [ 046342F898994D99E166E174A1938CA3 ] \Device\Harddisk0\DR0\Partition1
22:31:12.0863 0x1fd4  \Device\Harddisk0\DR0\Partition1 - ok
22:31:12.0863 0x1fd4  [ 588BEB94AFDABF357059997CD310B3D7 ] \Device\Harddisk1\DR1\Partition1
22:31:12.0863 0x1fd4  \Device\Harddisk1\DR1\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
22:31:12.0863 0x1fd4  \Device\Harddisk1\DR1\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
22:31:15.0874 0x1fd4  [ D9B87E1D54F3D57287C9FC1464D53549 ] \Device\Harddisk6\DR6\Partition1
22:31:15.0905 0x1fd4  \Device\Harddisk6\DR6\Partition1 - ok
22:31:15.0905 0x1fd4  ================ Scan generic autorun ======================
22:31:16.0202 0x1fd4  [ BCD9CBF0621F9A6767276A2E0BF1DD15, C0748AEE57A79D1AD8A4307D3ECB03A517464D047CD5CC64BAD299E0BFAEFB60 ] C:\Program Files (x86)\Google\Google Talk\googletalk.exe
22:31:16.0295 0x1fd4  googletalk - detected UnsignedFile.Multi.Generic ( 1 )
22:31:19.0150 0x1fd4  Detect skipped due to KSN trusted
22:31:19.0150 0x1fd4  googletalk - ok
22:31:20.0149 0x1fd4  [ ADC55133E9D66939CFF779715E33B15E, CA7BB49B8F0D3AAE9133CAD18146922CEEC0583F0EBA11E71657C1A9F7D441E8 ] C:\Users\Isaac\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
22:31:20.0227 0x1fd4  Amazon Cloud Player - detected UnsignedFile.Multi.Generic ( 1 )
22:31:23.0487 0x1fd4  Detect skipped due to KSN trusted
22:31:23.0487 0x1fd4  Amazon Cloud Player - ok
22:31:23.0487 0x1fd4  [ 7E6870981D989AF191C99D325292ABC6, 8527296CD6D18FE3DECF639FB407F553D9C6A72F73195D9DAD707D2465F63033 ] C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
22:31:23.0503 0x1fd4  Allway Sync - ok
22:31:23.0596 0x1fd4  [ BAB442AE1AEF7D7CFAB62344FCCCFEA7, 8B757713D0B298B1762A617D29B688E11D82EAD9DF1605A6FCFA93BBC52646B9 ] C:\Users\Isaac\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
22:31:23.0674 0x1fd4  Google+ Auto Backup - ok
22:31:23.0690 0x1fd4  [ AC08A03D7E579E2903925736E7AB48F2, B4350DFB5BF153D60C38835FD0D4A13A993B5FCEDE04F98750396EDF0070B3FE ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
22:31:23.0721 0x1fd4  GoogleChromeAutoLaunch_66D9B4593984BB5EE437F9BA7B8E9ADA - ok
22:31:23.0721 0x1fd4  Waiting for KSN requests completion. In queue: 15
22:31:24.0735 0x1fd4  Waiting for KSN requests completion. In queue: 15
22:31:25.0749 0x1fd4  Waiting for KSN requests completion. In queue: 15
22:31:26.0763 0x1fd4  Waiting for KSN requests completion. In queue: 15
22:31:27.0793 0x1fd4  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
22:31:27.0793 0x1fd4  Win FW state via NFP2: enabled
22:31:30.0710 0x1fd4  ============================================================
22:31:30.0710 0x1fd4  Scan finished
22:31:30.0710 0x1fd4  ============================================================
22:31:30.0741 0x1fcc  Detected object count: 1
22:31:30.0741 0x1fcc  Actual detected object count: 1
22:31:44.0937 0x1fcc  \Device\Harddisk1\DR1\Partition1 - copied to quarantine
22:31:44.0937 0x1fcc  \Device\Harddisk1\DR1\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Quarantine 


#6 TB-Psychotic

  • Malware Response Team

Posted 19 September 2014 - 04:28 AM

Please rescan with TDSS-Killer and post the log.



#7 dadrivr

  • Topic Starter

  • Members

Posted 20 September 2014 - 05:22 PM

Here's the log.  I didn't 'cure' anything in the previous run on 9/18 (only copied to quarantine), so the threats still exist.  I just clicked "Skip" this time for all threats:

18:14:56.0340 0x1974  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:14:59.0170 0x1974  ============================================================
18:14:59.0170 0x1974  Current date / time: 2014/09/20 18:14:59.0170
18:14:59.0170 0x1974  SystemInfo:
18:14:59.0170 0x1974  
18:14:59.0170 0x1974  OS Version: 6.1.7601 ServicePack: 1.0
18:14:59.0170 0x1974  Product type: Workstation
18:14:59.0170 0x1974  ComputerName: ISAAC-PC
18:14:59.0170 0x1974  UserName: Isaac
18:14:59.0170 0x1974  Windows directory: C:\Windows
18:14:59.0170 0x1974  System windows directory: C:\Windows
18:14:59.0170 0x1974  Running under WOW64
18:14:59.0170 0x1974  Processor architecture: Intel x64
18:14:59.0170 0x1974  Number of processors: 8
18:14:59.0170 0x1974  Page size: 0x1000
18:14:59.0170 0x1974  Boot type: Normal boot
18:14:59.0170 0x1974  ============================================================
18:14:59.0789 0x1974  KLMD registered as C:\Windows\system32\drivers\57582809.sys
18:14:59.0871 0x1974  System UUID: {27BDAA6D-6EE6-DE23-8230-15158B360C4B}
18:15:00.0253 0x1974  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:15:00.0253 0x1974  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:15:00.0271 0x1974  Drive \Device\Harddisk6\DR6 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:15:00.0281 0x1974  ============================================================
18:15:00.0281 0x1974  \Device\Harddisk1\DR1:
18:15:00.0282 0x1974  MBR partitions:
18:15:00.0282 0x1974  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
18:15:00.0282 0x1974  \Device\Harddisk0\DR0:
18:15:00.0282 0x1974  MBR partitions:
18:15:00.0282 0x1974  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1AD40A71
18:15:00.0282 0x1974  \Device\Harddisk6\DR6:
18:15:00.0282 0x1974  MBR partitions:
18:15:00.0282 0x1974  \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
18:15:00.0282 0x1974  ============================================================
18:15:00.0285 0x1974  C: <-> \Device\Harddisk0\DR0\Partition1
18:15:00.0440 0x1974  F: <-> \Device\Harddisk1\DR1\Partition1
18:15:00.0449 0x1974  K: <-> \Device\Harddisk6\DR6\Partition1
18:15:00.0449 0x1974  ============================================================
18:15:00.0449 0x1974  Initialize success
18:15:00.0449 0x1974  ============================================================
18:15:07.0991 0x1e38  ============================================================
18:15:07.0991 0x1e38  Scan started
18:15:07.0991 0x1e38  Mode: Manual; SigCheck; TDLFS; 
18:15:07.0991 0x1e38  ============================================================
18:15:07.0991 0x1e38  KSN ping started
18:15:10.0616 0x1e38  KSN ping finished: true
18:15:12.0744 0x1e38  ================ Scan system memory ========================
18:15:12.0744 0x1e38  System memory - ok
18:15:12.0744 0x1e38  ================ Scan services =============================
18:15:19.0879 0x1e38  hcw85cir - ok
18:15:19.0892 0x1e38  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:15:19.0925 0x1e38  HdAudAddService - ok
18:15:19.0931 0x1e38  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:15:19.0947 0x1e38  HDAudBus - ok
18:15:19.0952 0x1e38  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:15:19.0968 0x1e38  HidBatt - ok
18:15:19.0975 0x1e38  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:15:19.0998 0x1e38  HidBth - ok
18:15:20.0003 0x1e38  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:15:20.0025 0x1e38  HidIr - ok
18:15:20.0029 0x1e38  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:15:20.0060 0x1e38  hidserv - ok
18:15:20.0065 0x1e38  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
18:15:20.0079 0x1e38  HidUsb - ok
18:15:20.0085 0x1e38  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:15:20.0124 0x1e38  hkmsvc - ok
18:15:20.0133 0x1e38  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:15:20.0161 0x1e38  HomeGroupListener - ok
18:15:20.0174 0x1e38  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:15:20.0194 0x1e38  HomeGroupProvider - ok
18:15:20.0204 0x1e38  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:15:20.0220 0x1e38  HpSAMD - ok
18:15:20.0254 0x1e38  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:15:20.0296 0x1e38  HTTP - ok
18:15:20.0300 0x1e38  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:15:20.0311 0x1e38  hwpolicy - ok
18:15:20.0317 0x1e38  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:15:20.0336 0x1e38  i8042prt - ok
18:15:20.0351 0x1e38  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:15:20.0382 0x1e38  iaStorV - ok
18:15:20.0410 0x1e38  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:15:20.0462 0x1e38  idsvc - ok
18:15:20.0467 0x1e38  IEEtwCollectorService - ok
18:15:20.0473 0x1e38  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:15:20.0487 0x1e38  iirsp - ok
18:15:20.0511 0x1e38  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:15:20.0554 0x1e38  IKEEXT - ok
18:15:20.0560 0x1e38  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:15:20.0576 0x1e38  intelide - ok
18:15:20.0581 0x1e38  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:15:20.0593 0x1e38  intelppm - ok
18:15:20.0599 0x1e38  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:15:20.0644 0x1e38  IPBusEnum - ok
18:15:20.0650 0x1e38  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:15:20.0691 0x1e38  IpFilterDriver - ok
18:15:20.0711 0x1e38  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:15:20.0741 0x1e38  iphlpsvc - ok
18:15:20.0748 0x1e38  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:15:20.0770 0x1e38  IPMIDRV - ok
18:15:20.0776 0x1e38  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:15:20.0818 0x1e38  IPNAT - ok
18:15:20.0838 0x1e38  [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:15:20.0861 0x1e38  iPod Service - ok
18:15:20.0865 0x1e38  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:15:20.0884 0x1e38  IRENUM - ok
18:15:20.0888 0x1e38  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:15:20.0906 0x1e38  isapnp - ok
18:15:20.0918 0x1e38  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:15:20.0946 0x1e38  iScsiPrt - ok
18:15:20.0951 0x1e38  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
18:15:21.0004 0x1e38  kbdclass - ok
18:15:21.0008 0x1e38  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:15:21.0023 0x1e38  kbdhid - ok
18:15:21.0027 0x1e38  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
18:15:21.0038 0x1e38  KeyIso - ok
18:15:21.0044 0x1e38  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:15:21.0060 0x1e38  KSecDD - ok
18:15:21.0067 0x1e38  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:15:21.0087 0x1e38  KSecPkg - ok
18:15:21.0092 0x1e38  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:15:21.0130 0x1e38  ksthunk - ok
18:15:21.0142 0x1e38  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:15:21.0193 0x1e38  KtmRm - ok
18:15:21.0204 0x1e38  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:15:21.0264 0x1e38  LanmanServer - ok
18:15:21.0276 0x1e38  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:15:21.0324 0x1e38  LanmanWorkstation - ok
18:15:21.0402 0x1e38  [ D69FDDADA5CF0097966C4F52C2E6FEBA, 35FA7E4658AFCCE293F31E66B695D45D31A0ADF4C837DA1C801F7577B73754AC ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
18:15:21.0460 0x1e38  LiveUpdateSvc - ok
18:15:21.0468 0x1e38  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:15:21.0506 0x1e38  lltdio - ok
18:15:21.0518 0x1e38  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:15:21.0572 0x1e38  lltdsvc - ok
18:15:21.0576 0x1e38  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:15:21.0622 0x1e38  lmhosts - ok
18:15:21.0630 0x1e38  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:15:21.0651 0x1e38  LSI_FC - ok
18:15:21.0662 0x1e38  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:15:21.0683 0x1e38  LSI_SAS - ok
18:15:21.0689 0x1e38  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:15:21.0706 0x1e38  LSI_SAS2 - ok
18:15:21.0717 0x1e38  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:15:21.0735 0x1e38  LSI_SCSI - ok
18:15:21.0741 0x1e38  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:15:21.0785 0x1e38  luafv - ok
18:15:21.0790 0x1e38  [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
18:15:21.0802 0x1e38  LVPr2M64 - ok
18:15:21.0807 0x1e38  [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
18:15:21.0815 0x1e38  LVPr2Mon - ok
18:15:21.0824 0x1e38  [ 9CD0DC863BE5D40A762F7D84F11A8471, 5824EF34618CA613C63684DBFD7D7DB743A92D632888095B9062A52B512034D9 ] LVPrcS64        C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
18:15:21.0835 0x1e38  LVPrcS64 - ok
18:15:21.0849 0x1e38  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
18:15:21.0875 0x1e38  LVRS64 - ok
18:15:22.0029 0x1e38  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
18:15:22.0194 0x1e38  LVUVC64 - ok
18:15:22.0204 0x1e38  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:15:22.0227 0x1e38  Mcx2Svc - ok
18:15:22.0232 0x1e38  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:15:22.0249 0x1e38  megasas - ok
18:15:22.0262 0x1e38  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:15:22.0287 0x1e38  MegaSR - ok
18:15:22.0299 0x1e38  Microsoft SharePoint Workspace Audit Service - ok
18:15:22.0305 0x1e38  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:15:22.0349 0x1e38  MMCSS - ok
18:15:22.0353 0x1e38  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:15:22.0396 0x1e38  Modem - ok
18:15:22.0400 0x1e38  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:15:22.0416 0x1e38  monitor - ok
18:15:22.0422 0x1e38  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:15:22.0437 0x1e38  mouclass - ok
18:15:22.0442 0x1e38  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:15:22.0460 0x1e38  mouhid - ok
18:15:22.0466 0x1e38  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:15:22.0480 0x1e38  mountmgr - ok
18:15:22.0487 0x1e38  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:15:22.0512 0x1e38  mpio - ok
18:15:22.0519 0x1e38  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:15:22.0558 0x1e38  mpsdrv - ok
18:15:22.0588 0x1e38  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:15:22.0664 0x1e38  MpsSvc - ok
18:15:22.0673 0x1e38  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:15:22.0699 0x1e38  MRxDAV - ok
18:15:22.0709 0x1e38  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:15:22.0736 0x1e38  mrxsmb - ok
18:15:22.0750 0x1e38  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:15:22.0779 0x1e38  mrxsmb10 - ok
18:15:22.0787 0x1e38  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:15:22.0809 0x1e38  mrxsmb20 - ok
18:15:22.0814 0x1e38  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:15:22.0829 0x1e38  msahci - ok
18:15:22.0836 0x1e38  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:15:22.0859 0x1e38  msdsm - ok
18:15:22.0866 0x1e38  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:15:22.0891 0x1e38  MSDTC - ok
18:15:22.0899 0x1e38  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:15:22.0940 0x1e38  Msfs - ok
18:15:22.0945 0x1e38  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:15:22.0988 0x1e38  mshidkmdf - ok
18:15:22.0993 0x1e38  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:15:23.0009 0x1e38  msisadrv - ok
18:15:23.0017 0x1e38  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:15:23.0065 0x1e38  MSiSCSI - ok
18:15:23.0068 0x1e38  msiserver - ok
18:15:23.0073 0x1e38  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:15:23.0113 0x1e38  MSKSSRV - ok
18:15:23.0116 0x1e38  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:15:23.0156 0x1e38  MSPCLOCK - ok
18:15:23.0165 0x1e38  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:15:23.0203 0x1e38  MSPQM - ok
18:15:23.0217 0x1e38  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:15:23.0252 0x1e38  MsRPC - ok
18:15:23.0259 0x1e38  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:15:23.0279 0x1e38  mssmbios - ok
18:15:23.0284 0x1e38  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:15:23.0321 0x1e38  MSTEE - ok
18:15:23.0326 0x1e38  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:15:23.0343 0x1e38  MTConfig - ok
18:15:23.0348 0x1e38  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:15:23.0366 0x1e38  Mup - ok
18:15:23.0385 0x1e38  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:15:23.0437 0x1e38  napagent - ok
18:15:23.0450 0x1e38  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:15:23.0485 0x1e38  NativeWifiP - ok
18:15:23.0515 0x1e38  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:15:23.0550 0x1e38  NDIS - ok
18:15:23.0556 0x1e38  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:15:23.0595 0x1e38  NdisCap - ok
18:15:23.0600 0x1e38  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:15:23.0636 0x1e38  NdisTapi - ok
18:15:23.0641 0x1e38  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:15:23.0681 0x1e38  Ndisuio - ok
18:15:23.0690 0x1e38  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:15:23.0738 0x1e38  NdisWan - ok
18:15:23.0744 0x1e38  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:15:23.0787 0x1e38  NDProxy - ok
18:15:23.0792 0x1e38  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:15:23.0830 0x1e38  NetBIOS - ok
18:15:23.0843 0x1e38  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:15:23.0886 0x1e38  NetBT - ok
18:15:23.0890 0x1e38  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
18:15:23.0903 0x1e38  Netlogon - ok
18:15:23.0917 0x1e38  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:15:23.0963 0x1e38  Netman - ok
18:15:23.0972 0x1e38  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:15:24.0000 0x1e38  NetMsmqActivator - ok
18:15:24.0009 0x1e38  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:15:24.0024 0x1e38  NetPipeActivator - ok
18:15:24.0041 0x1e38  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:15:24.0101 0x1e38  netprofm - ok
18:15:24.0116 0x1e38  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:15:24.0132 0x1e38  NetTcpActivator - ok
18:15:24.0140 0x1e38  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:15:24.0155 0x1e38  NetTcpPortSharing - ok
18:15:24.0161 0x1e38  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:15:24.0179 0x1e38  nfrd960 - ok
18:15:24.0196 0x1e38  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:15:24.0218 0x1e38  NlaSvc - ok
18:15:24.0224 0x1e38  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:15:24.0267 0x1e38  Npfs - ok
18:15:24.0272 0x1e38  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:15:24.0318 0x1e38  nsi - ok
18:15:24.0322 0x1e38  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:15:24.0361 0x1e38  nsiproxy - ok
18:15:24.0414 0x1e38  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:15:24.0490 0x1e38  Ntfs - ok
18:15:24.0496 0x1e38  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:15:24.0538 0x1e38  Null - ok
18:15:24.0909 0x1e38  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:15:25.0259 0x1e38  nvlddmkm - ok
18:15:25.0324 0x1e38  [ 45D6780D0525D7BC29E2E3605CA73C18, C8BBE8BE9824CD1D3C4314FE370FA03BD6000187B4FC4FC935F8342E1A02FA7E ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:15:25.0398 0x1e38  NvNetworkService - ok
18:15:25.0408 0x1e38  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:15:25.0433 0x1e38  nvraid - ok
18:15:25.0438 0x1e38  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:15:25.0463 0x1e38  nvstor - ok
18:15:25.0468 0x1e38  [ A0D870DCE152EE5B92A41AD927201D19, 67FB025CB380D933BF0FDD4AFE9BE4E3C1D69A59865E02A96533BBE9EC260D71 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:15:25.0483 0x1e38  NvStreamKms - ok
18:15:25.0993 0x1e38  [ E5597D09E5239C0F908948DB7057AC26, A6045D4D9D2F8007B0F75DAAABB2AD9FEB4A898E33A51ECE9A9D788D8E8F84A4 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
18:15:26.0438 0x1e38  NvStreamSvc - ok
18:15:26.0478 0x1e38  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:15:26.0503 0x1e38  nvsvc - ok
18:15:26.0508 0x1e38  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:15:26.0523 0x1e38  nvvad_WaveExtensible - ok
18:15:26.0528 0x1e38  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:15:26.0543 0x1e38  nv_agp - ok
18:15:26.0548 0x1e38  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:15:26.0563 0x1e38  ohci1394 - ok
18:15:26.0568 0x1e38  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:15:26.0588 0x1e38  ose64 - ok
18:15:26.0698 0x1e38  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:15:26.0843 0x1e38  osppsvc - ok
18:15:26.0858 0x1e38  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:15:26.0878 0x1e38  p2pimsvc - ok
18:15:26.0893 0x1e38  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:15:26.0923 0x1e38  p2psvc - ok
18:15:26.0928 0x1e38  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:15:26.0943 0x1e38  Parport - ok
18:15:26.0948 0x1e38  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:15:26.0968 0x1e38  partmgr - ok
18:15:26.0973 0x1e38  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:15:26.0998 0x1e38  PcaSvc - ok
18:15:27.0003 0x1e38  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:15:27.0023 0x1e38  pci - ok
18:15:27.0028 0x1e38  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:15:27.0043 0x1e38  pciide - ok
18:15:27.0048 0x1e38  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:15:27.0073 0x1e38  pcmcia - ok
18:15:27.0073 0x1e38  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:15:27.0093 0x1e38  pcw - ok
18:15:29.0552 0x1e38  [ 90DD3E2FF88431F103EED6C550CB9158, 03B3748ED54C68E95199B97C9AE0DD9FE9CD8A850F76860F5C79A1D5EB1B52A6 ] SecurityCenterServer653676718 C:\Windows\SysWOW64\vuognah.exe
18:15:29.0565 0x1e38  SecurityCenterServer653676718 - detected UnsignedFile.Multi.Generic ( 1 )
18:15:32.0437 0x1e38  SecurityCenterServer653676718 ( UnsignedFile.Multi.Generic ) - warning
18:15:39.0436 0x1e38  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:15:39.0496 0x1e38  Wlansvc - ok
18:15:39.0561 0x1e38  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:15:39.0641 0x1e38  wlidsvc - ok
18:15:39.0651 0x1e38  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:15:39.0666 0x1e38  WmiAcpi - ok
18:15:39.0676 0x1e38  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:15:39.0706 0x1e38  wmiApSrv - ok
18:15:39.0711 0x1e38  WMPNetworkSvc - ok
18:15:39.0716 0x1e38  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:15:39.0736 0x1e38  WPCSvc - ok
18:15:39.0741 0x1e38  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:15:39.0766 0x1e38  WPDBusEnum - ok
18:15:39.0771 0x1e38  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:15:39.0801 0x1e38  ws2ifsl - ok
18:15:39.0806 0x1e38  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
18:15:39.0831 0x1e38  wscsvc - ok
18:15:39.0831 0x1e38  WSearch - ok
18:15:39.0891 0x1e38  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:15:39.0956 0x1e38  wuauserv - ok
18:15:39.0966 0x1e38  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:15:39.0986 0x1e38  WudfPf - ok
18:15:39.0996 0x1e38  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:15:40.0016 0x1e38  WUDFRd - ok
18:15:40.0026 0x1e38  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:15:40.0046 0x1e38  wudfsvc - ok
18:15:40.0056 0x1e38  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:15:40.0081 0x1e38  WwanSvc - ok
18:15:40.0086 0x1e38  ================ Scan global ===============================
18:15:40.0091 0x1e38  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:15:40.0101 0x1e38  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:15:40.0121 0x1e38  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:15:40.0126 0x1e38  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:15:40.0136 0x1e38  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:15:40.0151 0x1e38  [ Global ] - ok
18:15:40.0151 0x1e38  ================ Scan MBR ==================================
18:15:40.0161 0x1e38  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:15:40.0396 0x1e38  \Device\Harddisk1\DR1 - ok
18:15:40.0396 0x1e38  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:15:40.0486 0x1e38  \Device\Harddisk0\DR0 - ok
18:15:40.0501 0x1e38  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk6\DR6
18:15:40.0601 0x1e38  \Device\Harddisk6\DR6 - ok
18:15:40.0601 0x1e38  ================ Scan VBR ==================================
18:15:40.0606 0x1e38  [ 046342F898994D99E166E174A1938CA3 ] \Device\Harddisk1\DR1\Partition1
18:15:40.0641 0x1e38  \Device\Harddisk1\DR1\Partition1 - ok
18:15:40.0641 0x1e38  [ 588BEB94AFDABF357059997CD310B3D7 ] \Device\Harddisk0\DR0\Partition1
18:15:40.0641 0x1e38  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
18:15:40.0641 0x1e38  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
18:15:43.0911 0x1e38  [ D9B87E1D54F3D57287C9FC1464D53549 ] \Device\Harddisk6\DR6\Partition1
18:15:43.0951 0x1e38  \Device\Harddisk6\DR6\Partition1 - ok
18:15:43.0956 0x1e38  ================ Scan generic autorun ======================
18:15:43.0961 0x1e38  [ 39CF316EB5842AE27CC0D3CC4E2840DE, BC4D4ED926F988B7B70CC87B7EC92D148DA6BC39C5C514751F1B0CA69D0F9081 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
18:15:43.0966 0x1e38  BCSSync - ok
18:15:43.0981 0x1e38  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
18:15:43.0996 0x1e38  AdobeAAMUpdater-1.0 - ok
18:15:44.0001 0x1e38  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
18:15:44.0011 0x1e38  ShadowPlay - ok
18:15:44.0056 0x1e38  [ 05470C684B62C2F86325D8685E4513CB, EDE70A162AFA104D774AE1D8D3A077F2C12940851EC5BA785242F4032EEA902E ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:15:44.0111 0x1e38  NvBackend - ok
18:15:44.0121 0x1e38  [ 90DD3E2FF88431F103EED6C550CB9158, 03B3748ED54C68E95199B97C9AE0DD9FE9CD8A850F76860F5C79A1D5EB1B52A6 ] C:\Users\Isaac\AppData\Roaming\Voleawud\ymybe.exe
18:15:44.0131 0x1e38  Yvulylezvoohg - detected UnsignedFile.Multi.Generic ( 1 )
18:15:44.0131 0x1e38  Yvulylezvoohg ( UnsignedFile.Multi.Generic ) - warning
18:15:47.0246 0x1e38  [ BCD9CBF0621F9A6767276A2E0BF1DD15, C0748AEE57A79D1AD8A4307D3ECB03A517464D047CD5CC64BAD299E0BFAEFB60 ] C:\Program Files (x86)\Google\Google Talk\googletalk.exe
18:15:47.0326 0x1e38  googletalk - detected UnsignedFile.Multi.Generic ( 1 )
18:15:50.0662 0x1e38  Detect skipped due to KSN trusted
18:15:50.0662 0x1e38  googletalk - ok
18:15:50.0687 0x1e38  [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
18:15:50.0707 0x1e38  avgnt - ok
18:15:50.0707 0x1e38  [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:15:50.0722 0x1e38  APSDaemon - ok
18:15:50.0742 0x1e38  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:15:50.0772 0x1e38  Adobe ARM - ok
18:15:50.0797 0x1e38  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:15:50.0852 0x1e38  Sidebar - ok
18:15:50.0857 0x1e38  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:15:50.0882 0x1e38  mctadmin - ok
18:15:50.0907 0x1e38  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:15:50.0947 0x1e38  Sidebar - ok
18:15:50.0952 0x1e38  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:15:50.0967 0x1e38  mctadmin - ok
18:15:51.0223 0x1e38  [ 3A0D949461B2706235BA283A9C9E63E9, 0B9A1C59EC5D9B74CD8BD66B9CBF9202F8C4074D41B13642544BDB75B326EABC ] C:\Program Files (x86)\SugarSync\SugarSync.exe
18:15:51.0498 0x1e38  SugarSync - ok
18:15:51.0508 0x1e38  GoogleDriveSync - ok
18:15:51.0513 0x1e38  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Isaac\AppData\Local\Google\Update\GoogleUpdate.exe
18:15:51.0523 0x1e38  Google Update - ok
18:15:51.0583 0x1e38  [ ADC55133E9D66939CFF779715E33B15E, CA7BB49B8F0D3AAE9133CAD18146922CEEC0583F0EBA11E71657C1A9F7D441E8 ] C:\Users\Isaac\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
18:15:51.0658 0x1e38  Amazon Cloud Player - detected UnsignedFile.Multi.Generic ( 1 )
18:15:54.0998 0x1e38  Detect skipped due to KSN trusted
18:15:54.0998 0x1e38  Amazon Cloud Player - ok
18:15:54.0998 0x1e38  [ 7E6870981D989AF191C99D325292ABC6, 8527296CD6D18FE3DECF639FB407F553D9C6A72F73195D9DAD707D2465F63033 ] C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
18:15:55.0008 0x1e38  Allway Sync - ok
18:15:55.0083 0x1e38  [ BAB442AE1AEF7D7CFAB62344FCCCFEA7, 8B757713D0B298B1762A617D29B688E11D82EAD9DF1605A6FCFA93BBC52646B9 ] C:\Users\Isaac\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
18:15:55.0163 0x1e38  Google+ Auto Backup - ok
18:15:55.0183 0x1e38  [ AC08A03D7E579E2903925736E7AB48F2, B4350DFB5BF153D60C38835FD0D4A13A993B5FCEDE04F98750396EDF0070B3FE ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
18:15:55.0203 0x1e38  GoogleChromeAutoLaunch_66D9B4593984BB5EE437F9BA7B8E9ADA - ok
18:15:55.0213 0x1e38  [ 90DD3E2FF88431F103EED6C550CB9158, 03B3748ED54C68E95199B97C9AE0DD9FE9CD8A850F76860F5C79A1D5EB1B52A6 ] C:\Users\Isaac\AppData\Roaming\Voleawud\ymybe.exe
18:15:55.0218 0x1e38  Yvulylezvoohg - detected UnsignedFile.Multi.Generic ( 1 )
18:15:55.0218 0x1e38  Yvulylezvoohg ( UnsignedFile.Multi.Generic ) - warning
18:16:06.0307 0x1e38  [ 55344B38486A04BD2476C061BF922A1A, B046281ED6A65CD715361ACCB650AA896B57323C21A60A3381B5034CE1C9EFD2 ] C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\IEUpdate\DeviceProperties.exe
18:16:06.0317 0x1e38  Suspicious file ( NoAccess ): C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\IEUpdate\DeviceProperties.exe. md5: 55344B38486A04BD2476C061BF922A1A, sha256: B046281ED6A65CD715361ACCB650AA896B57323C21A60A3381B5034CE1C9EFD2
18:16:06.0317 0x1e38  DeviceProperties - detected LockedFile.Multi.Generic ( 1 )
18:16:16.0321 0x1e38  DeviceProperties ( LockedFile.Multi.Generic ) - warning
18:16:19.0483 0x1e38  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41010 ( enabled : outofdate )
18:16:19.0498 0x1e38  Win FW state via NFP2: enabled
18:16:22.0564 0x1e38  ============================================================
18:16:22.0564 0x1e38  Scan finished
18:16:22.0564 0x1e38  ============================================================
18:16:22.0569 0x1e98  Detected object count: 5
18:16:22.0569 0x1e98  Actual detected object count: 5
18:17:11.0356 0x1e98  SecurityCenterServer653676718 ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:11.0356 0x1e98  SecurityCenterServer653676718 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:17:11.0356 0x1e98  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
18:17:11.0356 0x1e98  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip 
18:17:11.0356 0x1e98  Yvulylezvoohg ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:11.0356 0x1e98  Yvulylezvoohg ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:17:11.0356 0x1e98  Yvulylezvoohg ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:11.0356 0x1e98  Yvulylezvoohg ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:17:11.0356 0x1e98  DeviceProperties ( LockedFile.Multi.Generic ) - skipped by user
18:17:11.0356 0x1e98  DeviceProperties ( LockedFile.Multi.Generic ) - User select action: Skip 
18:17:14.0001 0x1744  Deinitialize success


#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • Gender:Male

Posted 22 September 2014 - 04:56 AM

Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • If any threats are found, don't click the Cleanup button - rather save the log and post it up in your topic.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 dadrivr

dadrivr
  • Topic Starter

  • Members
  • 73 posts

Posted 22 September 2014 - 05:42 PM

My computer was becoming non-functional and wouldn't stay on for more than a minute without going to a blue screen.  Because I had to get work done, I had to start removing threats (sorry).  The following posts have logs from TDSSKiller and Malwarebytes:

13:00:04.0856 0x092c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
13:00:08.0886 0x092c  ============================================================
13:00:08.0886 0x092c  Current date / time: 2014/09/21 13:00:08.0886
13:01:50.0743 0x18c8  ============================================================
13:01:50.0743 0x18c8  Scan finished
13:01:50.0743 0x18c8  ============================================================
13:01:50.0748 0x0bf0  Detected object count: 4
13:01:50.0748 0x0bf0  Actual detected object count: 4
13:02:01.0979 0x0bf0  C:\Windows\SysWOW64\vuognah.exe - copied to quarantine
13:02:01.0979 0x0bf0  HKLM\SYSTEM\ControlSet001\services\SecurityCenterServer653676718 - will be deleted on reboot
13:02:01.0979 0x0bf0  HKLM\SYSTEM\ControlSet002\services\SecurityCenterServer653676718 - will be deleted on reboot
13:02:01.0984 0x0bf0  C:\Windows\SysWOW64\vuognah.exe - will be deleted on reboot
13:02:01.0984 0x0bf0  SecurityCenterServer653676718 ( LockedFile.Multi.Generic ) - User select action: Delete 
13:02:06.0004 0x0bf0  C:\Users\Isaac\AppData\Roaming\Voleawud\ymybe.exe - copied to quarantine
13:02:06.0004 0x0bf0  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run:Yvulylezvoohg - will be deleted on reboot
13:02:06.0009 0x0bf0  C:\Users\Isaac\AppData\Roaming\Voleawud\ymybe.exe - will be deleted on reboot
13:02:06.0009 0x0bf0  Yvulylezvoohg ( LockedFile.Multi.Generic ) - User select action: Delete 
13:02:10.0044 0x0bf0  C:\Users\Isaac\AppData\Roaming\Voleawud\ymybe.exe - copied to quarantine
13:02:10.0044 0x0bf0  HKU\S-1-5-21-58656305-2653736570-3729509596-1000\Software\Microsoft\Windows\CurrentVersion\Run:Yvulylezvoohg - will be deleted on reboot
13:02:10.0049 0x0bf0  C:\Users\Isaac\AppData\Roaming\Voleawud\ymybe.exe - will be deleted on reboot
13:02:10.0049 0x0bf0  Yvulylezvoohg ( LockedFile.Multi.Generic ) - User select action: Delete 
13:02:14.0080 0x0bf0  C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\IEUpdate\DeviceProperties.exe - copied to quarantine
13:02:14.0080 0x0bf0  HKU\S-1-5-21-58656305-2653736570-3729509596-1000\Software\Microsoft\Windows\CurrentVersion\Run:DeviceProperties - will be deleted on reboot
13:02:14.0080 0x0bf0  C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\IEUpdate\DeviceProperties.exe - will be deleted on reboot
13:02:14.0080 0x0bf0  DeviceProperties ( LockedFile.Multi.Generic ) - User select action: Delete 
13:02:14.0135 0x0bf0  KLMD registered as C:\Windows\system32\drivers\33152093.sys
13:03:39.0617 0x101c  Deinitialize success
13:04:50.0000 0x0cf4  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
13:04:50.0000 0x0cf4  ============================================================
13:04:50.0000 0x0cf4  Current date / time: 2014/09/21 13:04:50.0000
13:07:55.0662 0x1464  ============================================================
13:07:55.0662 0x1464  Scan finished
13:07:55.0662 0x1464  ============================================================
13:07:55.0665 0x1854  Detected object count: 3
13:07:55.0665 0x1854  Actual detected object count: 3
13:08:01.0967 0x1854  C:\Program Files\CrashPlan\CrashPlanService.exe - copied to quarantine
13:08:01.0968 0x1854  HKLM\SYSTEM\ControlSet001\services\CrashPlanService - will be deleted on reboot
13:08:01.0969 0x1854  HKLM\SYSTEM\ControlSet002\services\CrashPlanService - will be deleted on reboot
13:08:01.0978 0x1854  C:\Program Files\CrashPlan\CrashPlanService.exe - will be deleted on reboot
13:08:01.0978 0x1854  CrashPlanService ( UnsignedFile.Multi.Generic ) - User select action: Delete 
13:08:02.0111 0x1854  C:\Program Files (x86)\Google\Google Talk\googletalk.exe - copied to quarantine
13:08:02.0112 0x1854  HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run:googletalk - will be deleted on reboot
13:08:02.0112 0x1854  C:\Program Files (x86)\Google\Google Talk\googletalk.exe - will be deleted on reboot
13:08:02.0112 0x1854  googletalk ( UnsignedFile.Multi.Generic ) - User select action: Delete 
13:08:02.0223 0x1854  C:\Users\Isaac\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe - copied to quarantine
13:08:02.0224 0x1854  HKU\S-1-5-21-58656305-2653736570-3729509596-1000\Software\Microsoft\Windows\CurrentVersion\Run:Amazon Cloud Player - will be deleted on reboot
13:08:02.0224 0x1854  C:\Users\Isaac\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe - will be deleted on reboot
13:08:02.0224 0x1854  Amazon Cloud Player ( UnsignedFile.Multi.Generic ) - User select action: Delete 
13:08:02.0303 0x1854  KLMD registered as C:\Windows\system32\drivers\32453719.sys
13:08:03.0567 0x0cc4  Deinitialize success

18:25:18.0735 0x1150  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:25:23.0139 0x1150  ============================================================
18:25:23.0139 0x1150  Current date / time: 2014/09/22 18:25:23.0139
18:26:14.0202 0x0d84  ============================================================
18:26:14.0202 0x0d84  Scan finished
18:26:14.0202 0x0d84  ============================================================
18:26:14.0207 0x1ba0  Detected object count: 1
18:26:14.0207 0x1ba0  Actual detected object count: 1
18:26:54.0699 0x1ba0  C:\Users\Isaac\AppData\Local\Ipwvsoft\tmpC8F9.exe - copied to quarantine
18:26:54.0700 0x1ba0  HKU\S-1-5-21-58656305-2653736570-3729509596-1000\Software\Microsoft\Windows\CurrentVersion\Run:Ipwvsoft - will be deleted on reboot
18:26:54.0700 0x1ba0  C:\Users\Isaac\AppData\Local\Ipwvsoft\tmpC8F9.exe - will be deleted on reboot
18:26:54.0700 0x1ba0  Ipwvsoft ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete 
18:26:54.0804 0x1ba0  KLMD registered as C:\Windows\system32\drivers\89121412.sys
18:27:24.0490 0x0ce8  Deinitialize success

18:31:03.0817 0x07d8  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:31:05.0650 0x07d8  ============================================================
18:31:05.0650 0x07d8  Current date / time: 2014/09/22 18:31:05.0650
18:31:36.0171 0x178c  ============================================================
18:31:36.0171 0x178c  Scan finished
18:31:36.0171 0x178c  ============================================================
18:31:36.0176 0x0f90  Detected object count: 0
18:31:36.0176 0x0f90  Actual detected object count: 0
18:31:41.0716 0x06d4  Deinitialize success

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/09/21 13:13:50 -0400</date>
<logfile>mbam-log-2014-09-21 (13-13-49).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.2.1012</version>
<malware-database>v2014.09.21.06</malware-database>
<rootkit-database>v2014.09.19.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Isaac</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>316399</objects>
<time>349</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>1</values>
<datas>0</datas>
<folders>0</folders>
<files>2</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>warn</pup>
<pum>enabled</pum>
</options>
<items>
<value><path>HKU\S-1-5-21-58656305-2653736570-3729509596-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\COMMAND PROCESSOR</path><valuename>AutoRun</valuename><vendor>Hijack.Autorun</vendor><action>delete-on-reboot</action><valuedata>&quot;C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\IEUpdate\DeviceProperties.exe&quot;</valuedata><hash>ad9d539df388ea4c34bae158e0232bd5</hash></value>
<file><path>C:\Users\Isaac\AppData\Roaming\PowerISO\Upgrade\PowerISO6.exe</path><vendor>PUP.Optional.OpenCandy</vendor><action>success</action><hash>0a40a44c6a111e185adcf7367b8acf31</hash></file>
<file><path>C:\Windows\Tasks\Security Center Update - 653676718.job</path><vendor>Trojan.Agent.RvGen</vendor><action>success</action><hash>9dad925e0774290d642284b881838c74</hash></file>
</items>
</mbam-log>
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/09/22 18:31:36 -0400</date>
<logfile>mbam-log-2014-09-22 (18-31-34).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.2.1012</version>
<malware-database>v2014.09.22.08</malware-database>
<rootkit-database>v2014.09.19.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Isaac</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>317773</objects>
<time>369</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>warn</pup>
<pum>enabled</pum>
</options>
<items>
</items>
</mbam-log>

Note, however, that Avira is detecting TR/Crypt.ZPACK.95071.


Edited by dadrivr, 22 September 2014 - 06:26 PM.


#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • Gender:Male

Posted 23 September 2014 - 07:48 AM

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.



#11 dadrivr

dadrivr
  • Topic Starter

  • Members
  • 73 posts

Posted 23 September 2014 - 07:17 PM

Here's FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014
Ran by Isaac (administrator) on ISAAC-PC on 23-09-2014 20:14:40
Running from F:\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
(Code 42 Software) C:\Program Files\CrashPlan\CrashPlanService.exe
(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
(Logitech Inc.) C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sling Media Inc.) C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
(SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
(Google Inc.) C:\Users\Isaac\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Code 42 Software, Inc.) C:\Program Files\CrashPlan\CrashPlanTray.exe
(Nemesis][) C:\BTGUARD\myentunnel.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Simon Tatham) C:\BTGUARD\plink.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sensible Vision ) C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [Paosqu] => C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe [365056 2014-02-16] (Sensible Vision )
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-07-21] (Power Software Ltd)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Paosqu] => C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe [365056 2014-02-16] (Sensible Vision )
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [SugarSync] => C:\Program Files (x86)\SugarSync\SugarSync.exe [13119328 2014-05-06] (SugarSync, Inc.)
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [Google Update] => C:\Users\Isaac\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-06] (Google Inc.)
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [94416 2013-12-12] ()
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [Google+ Auto Backup] => C:\Users\Isaac\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.)
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [GoogleChromeAutoLaunch_66D9B4593984BB5EE437F9BA7B8E9ADA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-03] (Google Inc.)
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [Ipwvsoft] => C:\Users\Isaac\AppData\Local\Ipwvsoft\tmpC8F9.exe
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [Edkction] => regsvr32.exe
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [Ocqcics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Isaac\AppData\Local\Ipwvsoft\MetaSupport.dll
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [Paosqu] => C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe [365056 2014-02-16] (Sensible Vision )
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Policies\Explorer: [Run] "C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\IEUpdate\DeviceProperties.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk
ShortcutTarget: CrashPlan Tray.lnk -> C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
Startup: C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BTGuard Encryption.lnk
ShortcutTarget: BTGuard Encryption.lnk -> C:\BTGUARD\myentunnel.exe (Nemesis][)
Startup: C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BTGuard Updates.lnk
ShortcutTarget: BTGuard Updates.lnk -> C:\BTGUARD\settings.exe ()
Startup: C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Last.fm Scrobbler.lnk
ShortcutTarget: Last.fm Scrobbler.lnk -> C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe (Last.fm)
Startup: C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\system32\SSCbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: 1SecureIconsProvider -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
ShellIconOverlayIdentifiers: EldosIconOverlay -> {69925D1B-6A0F-4413-861A-81AB98039DB9} => C:\Windows\system32\SSCbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {39D54CC2-69CF-43b4-B167-577D25E7F496} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncSharedPending -> {F7395C2E-A5D8-4a32-9536-5C6A9F1DC450} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {69925D1B-6A0F-4413-861A-81AB98039DB9} => C:\Windows\SysWOW64\SSCbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0A24243C9192CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{31521130-CF41-40BE-81D1-D899C1514B2C}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{A1E2FA8A-02D0-4E54-B269-0A2A898C42A5}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{FF14FEED-76A4-4737-B34F-14AB3AB94B16}: [NameServer] 8.8.8.8,8.8.8.8

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Isaac\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Isaac\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Isaac\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Isaac\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Isaac\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Isaac\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-08-06]

Chrome: 
=======
CHR Profile: C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7
CHR Extension: (Google Drive) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-15]
CHR Extension: (WOT) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-09-15]
CHR Extension: (FutureAdvisor) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\bibdkifndgmakdmmfofkgfecdmnkhcoi [2014-09-15]
CHR Extension: (YouTube) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-15]
CHR Extension: (Honey) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2014-09-15]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-15]
CHR Extension: (Google Search) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-15]
CHR Extension: (Google News) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\dllkocilcinkggkchnjgegijklcililc [2014-09-15]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-09-15]
CHR Extension: (Gmail Offline) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-09-15]
CHR Extension: (Google Calendar) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-09-15]
CHR Extension: (Pandora) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\fbangkleohkafngihneedemihgfeikcl [2014-09-15]
CHR Extension: (Avira Browser Safety) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-15]
CHR Extension: (HTTPS Everywhere) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-09-15]
CHR Extension: (AdBlock) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-15]
CHR Extension: (Hola Better Internet) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-09-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-09-15]
CHR Extension: (SuperSorter) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\hjebfgojnlefhdgmomncgjglmdckngij [2014-09-15]
CHR Extension: (The Weather Channel for Chrome) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2014-09-15]
CHR Extension: (Music Plus for Google Play Music) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ipfnecmlncaiipncipkgijboddcdmego [2014-09-15]
CHR Extension: (Disconnect) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-09-15]
CHR Extension: (Load today's links) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\keepgbcgekdilbnpklfknmkfmehppaag [2014-09-15]
CHR Extension: (The Great Suspender) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2014-09-15]
CHR Extension: (Google Play) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-09-15]
CHR Extension: (InvisibleHand) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lghjfnfolmcikomdjmoiemllfnlmmoko [2014-09-15]
CHR Extension: (Google Maps) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-09-15]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2014-09-15]
CHR Extension: (Mint) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\mhgffcfekbglhpcdjkhhjekhdnddkflg [2014-09-15]
CHR Extension: (Ghostery) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-09-15]
CHR Extension: (Google Wallet) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-15]
CHR Extension: (Spot - Date Clipper for Google Calendar™) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ogalaicobgnjddfiiananilkfdecfcki [2014-09-15]
CHR Extension: (Picasa) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-09-15]
CHR Extension: (Gmail) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-15]
CHR Extension: (Page One - Banish Multipage Articles) - C:\Users\Isaac\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pojkjlgamiogkhagabbejodnkcnnbfdb [2014-09-15]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Isaac\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-02-21]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2013-12-12] () [File not signed]
R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [223232 2014-06-26] (Code 42 Software) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S2 SecurityCenterServer2474388848; C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe [365056 2014-02-16] (Sensible Vision ) [File not signed]
R2 SlingAgentService; C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe [94024 2010-11-03] (Sling Media Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2013-02-04] (GEAR Software Inc.)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 SSCBFS3; C:\Windows\System32\DRIVERS\sscbfs3.sys [347904 2013-01-30] (EldoS Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S1 qknfd; system32\drivers\qknfd.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 20:14 - 2014-09-23 20:14 - 00000000 ____D () C:\FRST
2014-09-23 20:13 - 2014-09-23 20:13 - 00003816 _____ () C:\Windows\System32\Tasks\Security Center Update - 2474388848
2014-09-23 20:13 - 2014-09-23 20:13 - 00000804 _____ () C:\Windows\Tasks\Security Center Update - 2474388848.job
2014-09-23 20:13 - 2014-09-23 20:13 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Ebemseyf
2014-09-23 20:13 - 2014-02-16 05:48 - 00365056 _____ (Sensible Vision ) C:\Windows\SysWOW64\feuwisixo.exe
2014-09-22 18:22 - 2014-09-22 18:28 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Ipwvsoft
2014-09-22 18:22 - 2014-09-22 18:23 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Edkction
2014-09-21 20:32 - 2014-09-21 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrashPlan
2014-09-21 20:32 - 2014-09-21 20:32 - 00000000 ____D () C:\Program Files\CrashPlan
2014-09-21 20:28 - 2014-09-21 20:28 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-21 13:28 - 2014-09-23 20:10 - 00001960 _____ () C:\Windows\setupact.log
2014-09-21 13:28 - 2014-09-22 18:07 - 00000000 ____D () C:\Users\Isaac\AppData\Local\SugarSync
2014-09-21 13:28 - 2014-09-21 18:03 - 00012718 _____ () C:\Windows\PFRO.log
2014-09-21 13:28 - 2014-09-21 13:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 13:27 - 2014-09-21 13:27 - 00000000 _____ () C:\asc_rdflag
2014-09-18 22:45 - 2014-09-18 22:45 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-09-18 22:31 - 2014-09-22 18:26 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-18 22:31 - 2014-09-21 13:02 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Voleawud
2014-09-16 20:27 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Isaac\Desktop\TDSSKiller.exe
2014-09-15 18:59 - 2014-09-15 18:59 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-15 18:59 - 2014-09-15 18:59 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-09-15 18:59 - 2014-09-15 18:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-15 18:44 - 2014-09-22 22:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 18:44 - 2014-09-15 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-15 18:44 - 2014-09-15 18:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-15 18:44 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-15 18:44 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-13 09:43 - 2014-09-13 09:43 - 00000219 _____ () C:\Users\Isaac\Desktop\Citation.enw
2014-09-13 09:12 - 2014-09-13 09:12 - 00003023 _____ () C:\Users\Isaac\Desktop\Citation.RIS
2014-09-09 22:26 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-09 22:26 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-09 22:26 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-09 22:26 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-09 22:26 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-09 22:26 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-09 22:26 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-09 22:26 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-09 22:26 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-09 22:26 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-09 22:26 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-09 22:26 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-09 22:26 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-09 22:26 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-09 22:26 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-09 22:26 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-09 22:26 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-09 22:26 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-09 22:26 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-09 22:26 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-09 22:26 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-09 22:26 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-09 22:26 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-09 22:26 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-09 22:26 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-09 22:26 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-09 22:26 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-09 22:26 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-09 22:26 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-09 22:26 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-09 22:26 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-09 22:26 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-09 22:26 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-09 22:26 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-09 22:26 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-09 22:26 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-09 22:26 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-09 22:26 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-09 22:26 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-09 22:26 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-09 22:26 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-09 22:26 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-09 22:26 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-09 22:26 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-09 22:26 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-09 22:26 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-09 22:26 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-09 22:26 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-09 22:26 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-09 22:26 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-09 22:26 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-09 22:26 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-09 22:26 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-09 22:26 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-09 22:26 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-09 22:26 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-09 22:21 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-09 22:21 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-09 22:14 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 22:14 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-09 22:14 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-09 22:14 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-09 22:14 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-09 22:14 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-09 22:14 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-09 22:14 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-09 22:14 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-09 20:29 - 2014-09-09 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-09 20:29 - 2014-09-09 20:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-09 20:29 - 2014-09-09 20:29 - 00000000 ____D () C:\Program Files\iTunes
2014-09-09 20:29 - 2014-09-09 20:29 - 00000000 ____D () C:\Program Files\iPod
2014-08-27 17:53 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 17:53 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 17:53 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 05:18 - 2014-08-27 05:18 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-27 04:34 - 2014-08-27 17:51 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Adobe
2014-08-25 18:36 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-25 18:36 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-25 18:36 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-25 18:36 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-25 18:36 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-25 18:36 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-25 18:36 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-25 18:36 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-25 18:36 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-25 18:36 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-25 18:36 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-25 18:36 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-25 18:36 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-25 18:36 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-24 11:04 - 2014-08-24 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FFA Draft Tools
2014-08-24 11:03 - 2014-08-24 18:15 - 00000000 ____D () C:\Program Files (x86)\FFA Draft Tools
2014-08-24 10:41 - 2014-08-24 10:42 - 00000000 ____D () C:\Users\Isaac\.android
2014-08-24 10:23 - 2014-08-24 10:41 - 00000000 ____D () C:\android-sdk-win
2014-08-24 10:21 - 2014-08-24 10:51 - 00000000 ____D () C:\Users\Isaac\.titanium
2014-08-24 10:21 - 2014-08-24 10:21 - 00000000 ____D () C:\bbndk
2014-08-24 10:20 - 2014-08-24 10:20 - 00000000 ____D () C:\Users\Isaac\.node-gyp
2014-08-24 10:16 - 2014-08-24 10:51 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\npm-cache
2014-08-24 10:16 - 2014-08-24 10:20 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\npm
2014-08-24 10:16 - 2014-08-24 10:18 - 00000000 ____D () C:\ProgramData\Titanium
2014-08-24 10:16 - 2014-08-24 10:16 - 00000000 ____D () C:\Users\Isaac\Aptana Rubles
2014-08-24 10:16 - 2014-08-24 10:16 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Research In Motion
2014-08-24 10:16 - 2014-08-24 10:16 - 00000000 ____D () C:\Users\Isaac\.eclipse
2014-08-24 09:39 - 2014-08-24 09:39 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Caphyon
2014-08-24 09:37 - 2014-08-24 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2014-08-24 09:36 - 2014-08-24 09:37 - 00000000 ____D () C:\Program Files (x86)\Git
2014-08-24 09:36 - 2014-08-24 09:36 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js
2014-08-24 09:36 - 2014-08-24 09:36 - 00000000 ____D () C:\Program Files (x86)\nodejs
2014-08-24 09:35 - 2014-08-24 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-08-24 09:32 - 2014-08-24 10:59 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Appcelerator
2014-08-24 08:52 - 2014-08-24 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inno Setup 5
2014-08-24 08:52 - 2014-08-24 08:52 - 00000000 ____D () C:\Program Files (x86)\Inno Setup 5

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 20:14 - 2014-09-23 20:14 - 00000000 ____D () C:\FRST
2014-09-23 20:14 - 2014-03-10 23:48 - 01247319 _____ () C:\Windows\WindowsUpdate.log
2014-09-23 20:13 - 2014-09-23 20:13 - 00003816 _____ () C:\Windows\System32\Tasks\Security Center Update - 2474388848
2014-09-23 20:13 - 2014-09-23 20:13 - 00000804 _____ () C:\Windows\Tasks\Security Center Update - 2474388848.job
2014-09-23 20:13 - 2014-09-23 20:13 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Ebemseyf
2014-09-23 20:11 - 2013-08-05 22:46 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-23 20:10 - 2014-09-21 13:28 - 00001960 _____ () C:\Windows\setupact.log
2014-09-23 20:10 - 2013-08-07 18:34 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-09-23 20:10 - 2013-08-06 20:16 - 00000000 ____D () C:\Windows\SysWOW64\logishrd
2014-09-23 20:10 - 2013-08-06 20:16 - 00000000 ____D () C:\Windows\system32\logishrd
2014-09-23 20:10 - 2013-08-05 22:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-23 20:10 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-22 22:32 - 2014-03-30 09:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-22 22:17 - 2013-08-06 21:38 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-58656305-2653736570-3729509596-1000UA.job
2014-09-22 22:14 - 2009-07-14 00:45 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-22 22:14 - 2009-07-14 00:45 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-22 22:13 - 2009-07-14 01:13 - 00817526 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-22 22:10 - 2014-09-15 18:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-22 22:08 - 2013-12-01 21:28 - 00000000 ____D () C:\ProgramData\ProductData
2014-09-22 22:05 - 2013-08-05 22:46 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-22 21:59 - 2013-08-06 21:21 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Last.fm
2014-09-22 21:19 - 2013-08-06 19:39 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\GitHub
2014-09-22 21:19 - 2013-08-06 19:39 - 00000000 ____D () C:\Users\Isaac\AppData\Local\GitHub
2014-09-22 21:17 - 2013-08-06 19:34 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Deployment
2014-09-22 18:28 - 2014-09-22 18:22 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Ipwvsoft
2014-09-22 18:26 - 2014-09-18 22:31 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-22 18:23 - 2014-09-22 18:22 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Edkction
2014-09-22 18:17 - 2013-08-05 22:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 18:07 - 2014-09-21 13:28 - 00000000 ____D () C:\Users\Isaac\AppData\Local\SugarSync
2014-09-22 18:07 - 2013-08-06 21:32 - 00000000 ____D () C:\BTGUARD
2014-09-21 22:32 - 2009-07-14 01:08 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-21 21:30 - 2013-08-11 22:55 - 00000600 _____ () C:\Users\Isaac\AppData\Local\PUTTY.RND
2014-09-21 21:26 - 2013-08-18 15:27 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\vlc
2014-09-21 21:20 - 2013-08-11 22:49 - 00000600 _____ () C:\Users\Isaac\AppData\Roaming\winscp.rnd
2014-09-21 20:32 - 2014-09-21 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrashPlan
2014-09-21 20:32 - 2014-09-21 20:32 - 00000000 ____D () C:\Program Files\CrashPlan
2014-09-21 20:32 - 2013-08-06 17:24 - 00000000 ____D () C:\ProgramData\CrashPlan
2014-09-21 20:28 - 2014-09-21 20:28 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-21 18:03 - 2014-09-21 13:28 - 00012718 _____ () C:\Windows\PFRO.log
2014-09-21 16:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Registration
2014-09-21 15:25 - 2013-08-06 21:38 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-58656305-2653736570-3729509596-1000Core.job
2014-09-21 13:28 - 2014-09-21 13:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 13:27 - 2014-09-21 13:27 - 00000000 _____ () C:\asc_rdflag
2014-09-21 13:27 - 2013-12-02 19:20 - 79978496 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-09-21 13:27 - 2013-12-02 19:20 - 52858880 _____ () C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2014-09-21 13:27 - 2013-12-02 19:20 - 00307200 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-09-21 13:27 - 2013-12-02 19:20 - 00032768 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-09-21 13:27 - 2013-12-02 19:20 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-09-21 13:27 - 2013-11-18 19:42 - 00000000 ____D () C:\Windows\Minidump
2014-09-21 13:27 - 2013-08-05 21:26 - 00000000 ____D () C:\Users\Isaac
2014-09-21 13:21 - 2013-08-05 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Talk
2014-09-21 13:08 - 2013-09-01 19:12 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Amazon Cloud Player
2014-09-21 13:02 - 2014-09-18 22:31 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Voleawud
2014-09-20 19:24 - 2013-08-06 08:12 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-09-20 19:24 - 2013-08-06 08:12 - 00002210 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-09-20 19:24 - 2013-08-06 08:12 - 00002049 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-09-18 22:45 - 2014-09-18 22:45 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-09-15 19:04 - 2009-07-14 00:45 - 00415032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-15 18:59 - 2014-09-15 18:59 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-15 18:59 - 2014-09-15 18:59 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-09-15 18:59 - 2014-09-15 18:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-15 18:59 - 2014-09-15 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-15 18:55 - 2013-08-05 22:54 - 00109704 _____ () C:\Users\Isaac\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-15 18:54 - 2014-05-12 23:10 - 00002886 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-09-15 18:54 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\security
2014-09-15 18:53 - 2013-12-01 21:28 - 00002854 _____ () C:\Windows\System32\Tasks\ASC7_SkipUac_Isaac
2014-09-15 18:53 - 2013-12-01 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-09-15 18:46 - 2013-08-06 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-15 18:46 - 2013-08-06 21:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-15 18:44 - 2014-09-15 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-15 18:44 - 2014-09-15 18:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-15 18:44 - 2013-09-07 12:06 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Malwarebytes
2014-09-15 18:36 - 2013-10-26 19:16 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Media Player Classic
2014-09-13 09:43 - 2014-09-13 09:43 - 00000219 _____ () C:\Users\Isaac\Desktop\Citation.enw
2014-09-13 09:12 - 2014-09-13 09:12 - 00003023 _____ () C:\Users\Isaac\Desktop\Citation.RIS
2014-09-11 22:42 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-09-10 00:33 - 2014-08-12 20:11 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-10 00:32 - 2013-08-05 23:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-10 00:32 - 2013-08-05 23:01 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-09 22:26 - 2013-08-06 07:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-09 22:26 - 2013-08-06 07:22 - 00809648 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-09 22:25 - 2013-08-06 00:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-09 22:21 - 2013-08-05 22:44 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-09 20:32 - 2014-03-30 09:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 20:32 - 2014-03-30 09:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 20:32 - 2014-03-30 09:14 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 20:29 - 2014-09-09 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-09 20:29 - 2014-09-09 20:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-09 20:29 - 2014-09-09 20:29 - 00000000 ____D () C:\Program Files\iTunes
2014-09-09 20:29 - 2014-09-09 20:29 - 00000000 ____D () C:\Program Files\iPod
2014-09-09 20:29 - 2013-08-06 07:50 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-27 17:51 - 2014-08-27 04:34 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Adobe
2014-08-27 05:18 - 2014-08-27 05:18 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-24 18:15 - 2014-08-24 11:03 - 00000000 ____D () C:\Program Files (x86)\FFA Draft Tools
2014-08-24 13:35 - 2013-08-06 19:40 - 00000000 ____D () C:\Users\Isaac\.ssh
2014-08-24 11:11 - 2014-08-24 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FFA Draft Tools
2014-08-24 10:59 - 2014-08-24 09:32 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Appcelerator
2014-08-24 10:51 - 2014-08-24 10:21 - 00000000 ____D () C:\Users\Isaac\.titanium
2014-08-24 10:51 - 2014-08-24 10:16 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\npm-cache
2014-08-24 10:42 - 2014-08-24 10:41 - 00000000 ____D () C:\Users\Isaac\.android
2014-08-24 10:41 - 2014-08-24 10:23 - 00000000 ____D () C:\android-sdk-win
2014-08-24 10:21 - 2014-08-24 10:21 - 00000000 ____D () C:\bbndk
2014-08-24 10:20 - 2014-08-24 10:20 - 00000000 ____D () C:\Users\Isaac\.node-gyp
2014-08-24 10:20 - 2014-08-24 10:16 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\npm
2014-08-24 10:18 - 2014-08-24 10:16 - 00000000 ____D () C:\ProgramData\Titanium
2014-08-24 10:16 - 2014-08-24 10:16 - 00000000 ____D () C:\Users\Isaac\Aptana Rubles
2014-08-24 10:16 - 2014-08-24 10:16 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Research In Motion
2014-08-24 10:16 - 2014-08-24 10:16 - 00000000 ____D () C:\Users\Isaac\.eclipse
2014-08-24 09:39 - 2014-08-24 09:39 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Caphyon
2014-08-24 09:37 - 2014-08-24 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2014-08-24 09:37 - 2014-08-24 09:36 - 00000000 ____D () C:\Program Files (x86)\Git
2014-08-24 09:36 - 2014-08-24 09:36 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js
2014-08-24 09:36 - 2014-08-24 09:36 - 00000000 ____D () C:\Program Files (x86)\nodejs
2014-08-24 09:35 - 2014-08-24 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-08-24 09:35 - 2013-08-05 22:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-24 08:52 - 2014-08-24 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inno Setup 5
2014-08-24 08:52 - 2014-08-24 08:52 - 00000000 ____D () C:\Program Files (x86)\Inno Setup 5

Some content of TEMP:
====================
C:\Users\Isaac\AppData\Local\Temp\avgnt.exe
C:\Users\Isaac\AppData\Local\Temp\UpdateFlashPlayer_0a34bb54.exe
C:\Users\Isaac\AppData\Local\Temp\UpdateFlashPlayer_b7ad15c7.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-22 19:56

==================== End Of Log ============================

Here's Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2014
Ran by Isaac at 2014-09-23 20:15:06
Running from F:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
Allway Sync version 14.0.1 (HKLM-x32\...\Allway Sync_is1) (Version:  - Botkind Inc)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 1.5.0.341 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-7840W (HKLM-x32\...\{46E1B1F2-A279-4356-9B17-029F9CC72EAE}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
BTGuard 2.6 (HKCU\...\BTGuard 2.6) (Version:  - )
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CrashPlan (HKLM\...\{F80817FB-59A8-4591-AFB3-A8949D573B87}) (Version: 3.6.3 - Code 42 Software)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version:  - Microsoft)
EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.1.0.7705 - Thomson Reuters)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
File Renamer - Basic (HKLM-x32\...\File Renamer - Basic) (Version: 6.3 - Sherrod Computers)
G*Power 3.1.7 (HKLM-x32\...\{80A4F598-7460-41BC-AC15-B7E4545838E4}) (Version: 3.1.7 - Franz Faul, Uni Kiel, Germany)
Git version 1.8.4-preview20130916 (HKLM-x32\...\Git_is1) (Version: 1.8.4-preview20130916 - The Git Development Community)
GitHub (HKCU\...\5f7eb300e2ea4ebf) (Version: 2.3.1.1 - GitHub, Inc.)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
GSview 5.0 (HKLM\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd)
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
Inno Setup version 5.5.5 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.5.5 - jrsoftware.org)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 40 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
Juniper Networks Network Connect 7.3.1 (HKLM-x32\...\Juniper Network Connect 7.3.1) (Version: 7.3.1.21949 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.3.1.26369 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
K-Lite Codec Pack 10.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.00.1778.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.00.1774.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.00.1774.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Lyrics Plugin for iTunes (HKLM-x32\...\{5B0E58BD-1F06-4A17-80FB-7C93C5FD039B}) (Version: 0.4 - Lyrics Plugin)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mplus Version 6.11 Base Program and Multilevel Add-On (64-bit) (HKLM\...\{6D5F124D-78E4-4ABD-8423-452E8FDC98E6}) (Version: 6.1.1000 - Muthen & Muthen)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Node.js (HKLM-x32\...\{2D41A012-35EE-4724-AE8E-E592EDD9F89D}) (Version: 0.10.13 - Joyent, Inc. and other Node contributors)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.7 - Power Software Ltd)
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
R for Windows 3.0.2 (HKLM\...\R for Windows 3.0.2_is1) (Version: 3.0.2 - R Core Team)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RStudio (HKLM-x32\...\RStudio) (Version: 0.98.507 - RStudio)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 6.9 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.9.106 - Skype Technologies S.A.)
SlingPlayer (HKLM-x32\...\InstallShield_{3D08333C-C366-425D-8C2D-D05630D68A46}) (Version: 2.0.4522 - Sling Media)
SlingPlayer (x32 Version: 2.0.4522 - Sling Media) Hidden
Songbird 2.2.0 (Build 2453) (HKLM-x32\...\Songbird-release-2453) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.4.185.g7545a404 - Spotify AB)
SugarSync (HKLM-x32\...\SugarSync) (Version: 2.0.46.127183 - SugarSync, Inc.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TagScanner 5.1.643 (HKLM-x32\...\TagScanner_is1) (Version:  - Sergey Serkov)
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
theRenamer 7.66 (HKLM-x32\...\{55B6344C-AE4F-4DA8-BF32-D7AE0CB4D2BE}_is1) (Version:  - theRenamer)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{AC36E3B7-5095-43B9-9A74-928420F88714}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUSR_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{DBAC8ED2-9287-499E-AD66-590C7413C7DE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{393B360E-62F8-463D-B914-1ECDC1359A46}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinSCP 5.1.7 (HKLM-x32\...\winscp3_is1) (Version: 5.1.7 - Martin Prikryl)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-58656305-2653736570-3729509596-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Isaac\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-58656305-2653736570-3729509596-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-58656305-2653736570-3729509596-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Isaac\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

==================== Restore Points  =========================

15-09-2014 22:58:35 Windows Modules Installer
21-09-2014 20:21:21 Installed CrashPlan
21-09-2014 23:00:04 Windows Backup
22-09-2014 00:27:28 Removed CrashPlan
22-09-2014 00:32:17 Installed CrashPlan
22-09-2014 01:31:58 Windows Backup
22-09-2014 01:34:50 Windows Backup

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-09-18 22:45 - 00001394 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
107.181.174.68 www.google-analytics.com.
107.181.174.68 google-analytics.com.
107.181.174.68 connect.facebook.net.
188.40.62.184 www.google-analytics.com.
188.40.62.184 google-analytics.com.
188.40.62.184 connect.facebook.net.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0371F5CC-CD7D-497D-A725-D4A5935092A5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-58656305-2653736570-3729509596-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {0A0B3DE5-7E57-474B-B2B6-C4398BE226BB} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {0F02BD9F-DA21-4D0C-A49B-6AA68BDDF59E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-58656305-2653736570-3729509596-1000UA => C:\Users\Isaac\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-06] (Google Inc.)
Task: {1459A811-4DBD-4FB2-8631-FFC8DBE7876F} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.)
Task: {257827AA-BE58-47A4-AF57-104AA50A5FB4} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {26ADA955-08B9-492B-A4DD-A8B5698525C4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-58656305-2653736570-3729509596-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {3137D5AE-547F-4738-BF61-F111BB22A4E4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-58656305-2653736570-3729509596-1000Core => C:\Users\Isaac\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-06] (Google Inc.)
Task: {3B59D9B9-7C57-4B4F-9A98-A5A0E46635E1} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {3DBD103C-AF0A-4AE9-B586-4CF4AFF02DFF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {4999FC40-B4D1-48D8-A12E-128E5CD924B7} - System32\Tasks\Amazon Music Helper => C:\Users\Isaac\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
Task: {7289688B-69DE-4D63-BD90-5347363E9B93} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {8552FEC4-FBA6-4636-BE95-5FF0C7852C6A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {9CFB449E-E824-4490-AC1F-060E3C03FB72} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-05] (Google Inc.)
Task: {A164A4B7-99CC-45E8-8C14-CACAB60BA2B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-05] (Google Inc.)
Task: {A581CD9E-A5B5-41A3-A1EB-7E2C0653C2BA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {B02ED1E4-51FD-453C-A2F0-A2A37033D0AB} - System32\Tasks\Security Center Update - 2474388848 => C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe [2014-02-16] (Sensible Vision ) <==== ATTENTION
Task: {B0BD1D1B-A87F-459D-ABEF-FD46FF683523} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B2E69086-C28A-43A1-A988-180462B72711} - System32\Tasks\ASC7_SkipUac_Isaac => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: {D9BEFC6F-C6F1-4A26-AC28-EF9A05801D80} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-08-22] (IObit)
Task: {DD2DB2FC-3012-44E8-B789-95E880FAE98D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-58656305-2653736570-3729509596-1000Core.job => C:\Users\Isaac\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-58656305-2653736570-3729509596-1000UA.job => C:\Users\Isaac\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Security Center Update - 2474388848.job => C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-08-05 22:40 - 2014-07-02 14:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-07 11:33 - 2013-12-12 17:02 - 00182784 _____ () C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
2014-06-26 15:07 - 2014-06-26 15:07 - 00014848 _____ () C:\Program Files\CrashPlan\md564.dll
2014-06-26 15:07 - 2014-06-26 15:07 - 00230400 _____ () C:\Program Files\CrashPlan\cpnative64.dll
2014-09-15 18:34 - 2014-09-15 18:34 - 03140096 _____ () C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-15 18:34 - 2014-09-15 18:34 - 02498560 _____ () C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll
2013-10-11 01:31 - 2014-05-06 14:03 - 00301920 _____ () C:\Program Files (x86)\SugarSync\x64\SugarSyncVFSNamespace64.dll
2013-09-07 11:33 - 2013-12-12 14:48 - 00094416 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
2013-12-01 21:28 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-09-07 11:33 - 2013-10-10 11:21 - 00043520 _____ () C:\Program Files (x86)\Allway Sync\Bin\SyncHook.dll
2013-08-20 20:28 - 2014-05-06 11:24 - 00013824 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
2013-12-08 21:38 - 2014-05-19 20:20 - 00103424 _____ () C:\Program Files (x86)\Samsung Magician\PAL.dll
2013-12-08 21:38 - 2014-05-19 20:20 - 00039424 _____ () C:\Program Files (x86)\Samsung Magician\SATA.dll
2013-12-08 21:38 - 2014-05-19 20:19 - 00038400 _____ () C:\Program Files (x86)\Samsung Magician\SAT.dll
2013-12-08 21:38 - 2014-05-19 20:20 - 00031232 _____ () C:\Program Files (x86)\Samsung Magician\SMINI.dll
2013-12-08 21:38 - 2014-05-19 20:19 - 00029696 _____ () C:\Program Files (x86)\Samsung Magician\SAS.dll
2013-10-03 18:28 - 2013-10-03 18:28 - 00052736 _____ () C:\Program Files (x86)\SugarSync\librsync.dll
2013-10-11 01:56 - 2014-05-06 14:35 - 00238944 _____ () C:\Program Files (x86)\SugarSync\SugarSyncVFSNamespace32.dll
2013-09-07 11:33 - 2013-12-12 17:02 - 08206336 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncapp.dll
2014-08-12 18:29 - 2014-08-12 18:29 - 03219456 _____ () C:\Users\Isaac\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-22 18:22 - 2014-09-22 18:22 - 00052736 _____ () C:\Users\Isaac\AppData\Local\Ipwvsoft\MetaSupport.dll
2014-09-20 18:14 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Isaac\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-08-06 21:21 - 2013-09-03 14:01 - 00736768 _____ () C:\Program Files (x86)\Last.fm\unicorn.dll
2013-08-06 21:21 - 2013-09-03 14:01 - 00032768 _____ () C:\Program Files (x86)\Last.fm\logger.dll
2013-08-06 21:21 - 2013-09-03 10:54 - 00351232 _____ () C:\Program Files (x86)\Last.fm\lastfm.dll
2013-08-06 21:21 - 2013-09-03 14:01 - 00126976 _____ () C:\Program Files (x86)\Last.fm\listener.dll
2013-08-06 21:21 - 2013-01-18 12:39 - 00302592 _____ () C:\Program Files (x86)\Last.fm\phonon.dll
2013-09-04 16:36 - 2013-01-18 12:49 - 00182784 _____ () C:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll
2013-08-06 21:21 - 2012-12-13 01:12 - 00111104 _____ () C:\Program Files (x86)\Last.fm\libvlc.dll
2013-08-06 21:21 - 2012-12-13 01:13 - 02286592 _____ () C:\Program Files (x86)\Last.fm\libvlccore.dll
2013-09-04 16:36 - 2012-12-13 01:13 - 00049664 _____ () C:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll
2010-05-07 18:35 - 2010-05-07 18:35 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2010-05-07 18:35 - 2010-05-07 18:35 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2010-05-07 18:36 - 2010-05-07 18:36 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2010-05-07 18:37 - 2010-05-07 18:37 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2010-05-07 18:37 - 2010-05-07 18:37 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2014-09-13 09:07 - 2014-09-03 23:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-13 09:07 - 2014-09-03 23:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2013-08-06 21:23 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-09-23 20:11 - 2014-09-23 20:11 - 00098816 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\win32api.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00110080 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\pywintypes27.dll
2014-09-23 20:11 - 2014-09-23 20:11 - 00364544 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\pythoncom27.dll
2014-09-23 20:11 - 2014-09-23 20:11 - 00045568 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\_socket.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 01160704 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\_ssl.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00320512 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\win32com.shell.shell.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00713216 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\_hashlib.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 01175040 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\wx._core_.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00805888 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\wx._gdi_.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00811008 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\wx._windows_.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 01062400 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\wx._controls_.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00735232 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\wx._misc_.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00128512 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\_elementtree.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00127488 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\pyexpat.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00557056 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\pysqlite2._sqlite.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00007168 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\hashobjs_ext.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00087552 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\_ctypes.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00119808 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\win32file.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00108544 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\win32security.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00018432 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\win32event.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00038912 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\win32inet.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00070656 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\wx._html2.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00167936 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\win32gui.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00011264 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\win32crypt.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00027136 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\_multiprocessing.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00686080 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\unicodedata.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00122368 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\wx._wizard.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00010240 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\select.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00024064 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\win32pipe.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00025600 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\win32pdh.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00525640 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\windows._lib_cacheinvalidation.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00035840 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\win32process.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00017408 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\win32profile.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00022528 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\win32ts.pyd
2014-09-23 20:11 - 2014-09-23 20:11 - 00078336 _____ () C:\Users\Isaac\AppData\Local\Temp\_MEI49442\wx._animate.pyd
2014-09-13 09:07 - 2014-09-03 23:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-13 09:07 - 2014-09-03 23:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-13 09:07 - 2014-09-03 23:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Edkction => regsvr32.exe
MSCONFIG\startupreg: Ocqcics => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Isaac\AppData\Local\Ipwvsoft\bridgeHelper.dll

==================== Faulty Device Manager Devices =============

Name: qknfd
Description: qknfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: qknfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/22/2014 10:07:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program regsvr32.exe version 6.1.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 131c

Start Time: 01cfd6d31f7303af

Termination Time: 4

Application Path: C:\Windows\System32\regsvr32.exe

Report Id:

Error: (09/22/2014 09:12:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(20:7d:74:7e:08:a7@fe80::227d:74ff:fe7e:8a7._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17


System errors:
=============
Error: (09/23/2014 08:13:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Security Center Server - 2474388848 service failed to start due to the following error: 
%%1053

Error: (09/23/2014 08:13:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Security Center Server - 2474388848 service to connect.

Error: (09/23/2014 08:11:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (09/23/2014 08:11:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Error: (09/23/2014 08:11:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535

Error: (09/23/2014 08:11:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Error: (09/23/2014 08:11:38 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (09/23/2014 08:11:38 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (09/23/2014 08:11:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535

Error: (09/23/2014 08:11:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (09/22/2014 10:07:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: regsvr32.exe6.1.7600.16385131c01cfd6d31f7303af4C:\Windows\System32\regsvr32.exe

Error: (09/22/2014 09:12:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(20:7d:74:7e:08:a7@fe80::227d:74ff:fe7e:8a7._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

Error: (09/22/2014 09:10:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Percentage of memory in use: 36%
Total physical RAM: 12279.18 MB
Available physical RAM: 7803.94 MB
Total Pagefile: 12477.36 MB
Available Pagefile: 7547.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:214.63 GB) (Free:139.41 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive f: () (Fixed) (Total:931.51 GB) (Free:166.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive k: () (Fixed) (Total:931.51 GB) (Free:150.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 14F814F7)
Partition 1: (Active) - (Size=214.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 406987BE)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 931.5 GB) (Disk ID: 469D60DF)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================


#12 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 24 September 2014 - 07:42 AM

IObit software products are installed on your system!

The company behind this product was found to be stealing other vendor's products. Personally I would not trust installing any software from a company that resorts to stealing someone's technology to sell their product.

Please see the following links and make up your own mind if you want to keep this on your system. If needed I can help you remove it.

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 



Proud Member of UNITE & TB
 

#13 dadrivr

dadrivr
  • Topic Starter

  • Members
  • 73 posts

Posted 25 September 2014 - 07:45 PM

Deleted IOBit software.  Here's my Fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-09-2014
Ran by Isaac at 2014-09-25 20:29:15 Run:1
Running from F:\Downloads\FRST
Loaded Profile: Isaac (Available profiles: Isaac)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
(Sensible Vision ) C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe

Task: C:\Windows\Tasks\Security Center Update - 2474388848.job => C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe <==== ATTENTION
Task: {B02ED1E4-51FD-453C-A2F0-A2A37033D0AB} - System32\Tasks\Security Center Update - 2474388848 => C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe [2014-02-16] (Sensible Vision ) <==== ATTENTION

HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [Ipwvsoft] => C:\Users\Isaac\AppData\Local\Ipwvsoft\tmpC8F9.exe
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [Edkction] => regsvr32.exe
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [Ocqcics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Isaac\AppData\Local\Ipwvsoft\MetaSupport.dll
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Run: [Paosqu] => C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe [365056 2014-02-16] (Sensible Vision )
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\...\Policies\Explorer: [Run] "C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\IEUpdate\DeviceProperties.exe"
HKLM-x32\...\Run: [Paosqu] => C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe [365056 2014-02-16] (Sensible Vision )
HKLM\...\Run: [Paosqu] => C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe [365056 2014-02-16] (Sensible Vision )

S1 qknfd; system32\drivers\qknfd.sys [X]
R2 SlingAgentService; C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe [94024 2010-11-03] (Sling Media Inc.)
S2 SecurityCenterServer2474388848; C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe [365056 2014-02-16] (Sensible Vision ) [File not signed]

C:\windows\system32\drivers\qknfd.sys
2014-09-23 20:13 - 2014-02-16 05:48 - 00365056 _____ (Sensible Vision ) C:\Windows\SysWOW64\feuwisixo.exe
2014-09-23 20:13 - 2014-09-23 20:13 - 00003816 _____ () C:\Windows\System32\Tasks\Security Center Update - 2474388848
2014-09-23 20:13 - 2014-09-23 20:13 - 00000804 _____ () C:\Windows\Tasks\Security Center Update - 2474388848.job
2014-09-23 20:13 - 2014-09-23 20:13 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Ebemseyf
2014-09-22 18:23 - 2014-09-22 18:22 - 00000000 ____D () C:\Users\Isaac\AppData\Local\Edkction
2014-09-21 13:02 - 2014-09-18 22:31 - 00000000 ____D () C:\Users\Isaac\AppData\Roaming\Voleawud
C:\Users\Isaac\AppData\Local\Ipwvsoft
C:\Users\Isaac\AppData\Roaming\Ebemseyf
C:\Program Files (x86)\Sling Media
C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\IEUpdate

EmptyTemp:
Reboot:
*****************

C:\Users\Isaac\AppData\Roaming\Ebemseyf\ylitt.exe => No running process found
C:\Windows\Tasks\Security Center Update - 2474388848.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B02ED1E4-51FD-453C-A2F0-A2A37033D0AB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B02ED1E4-51FD-453C-A2F0-A2A37033D0AB}" => Key deleted successfully.
C:\Windows\System32\Tasks\Security Center Update - 2474388848 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Security Center Update - 2474388848" => Key deleted successfully.
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Ipwvsoft => value deleted successfully.
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Edkction => value deleted successfully.
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Ocqcics => value deleted successfully.
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Paosqu => Value not found.
HKU\S-1-5-21-58656305-2653736570-3729509596-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\Run => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Paosqu => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Paosqu => Value not found.
qknfd => Service deleted successfully.
SlingAgentService => Service stopped successfully.
SlingAgentService => Service deleted successfully.
SecurityCenterServer2474388848 => Service not found.
"C:\windows\system32\drivers\qknfd.sys" => File/Directory not found.
"C:\Windows\SysWOW64\feuwisixo.exe" => File/Directory not found.
"C:\Windows\System32\Tasks\Security Center Update - 2474388848" => File/Directory not found.
"C:\Windows\Tasks\Security Center Update - 2474388848.job" => File/Directory not found.
C:\Users\Isaac\AppData\Roaming\Ebemseyf => Moved successfully.
"C:\Users\Isaac\AppData\Local\Edkction" => File/Directory not found.
"C:\Users\Isaac\AppData\Roaming\Voleawud" => File/Directory not found.
"C:\Users\Isaac\AppData\Local\Ipwvsoft" => File/Directory not found.
"C:\Users\Isaac\AppData\Roaming\Ebemseyf" => File/Directory not found.
C:\Program Files (x86)\Sling Media => Moved successfully.
C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\IEUpdate => Moved successfully.
EmptyTemp: => Removed 943 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====

Here's my Malwarebytes log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/25/2014
Scan Time: 8:32:34 PM
Logfile: 
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.25.11
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Isaac

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 317201
Time Elapsed: 6 min, 4 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 1
Trojan.Dorkbot.ED, C:\ProgramData\Microsoft\Secure\Icons\temp\tmp6759.exe, 7564, Delete-on-Reboot, [e4fb27ca413a072f4659447f19e822de]

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 2
Trojan.Dorkbot.ED, HKU\S-1-5-21-58656305-2653736570-3729509596-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Ipwvsoft, C:\Users\Isaac\AppData\Local\Ipwvsoft\tmp6759.exe, Delete-on-Reboot, [dc035b96cfac87afd8c7f9ca966be818]
Hijack.Autorun, HKU\S-1-5-21-58656305-2653736570-3729509596-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\COMMAND PROCESSOR|AutoRun, "C:\Users\Isaac\AppData\Roaming\Microsoft\Windows\IEUpdate\systeminfo.exe", Delete-on-Reboot, [8857c72a9ae194a2050ffe4148bb4eb2]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
Trojan.Dorkbot.ED, C:\ProgramData\Microsoft\Secure\Icons\temp\tmp6759.exe, Delete-on-Reboot, [e4fb27ca413a072f4659447f19e822de], 
Trojan.Dorkbot.ED, C:\Users\Isaac\AppData\Local\Ipwvsoft\tmp6759.exe, Quarantined, [dc035b96cfac87afd8c7f9ca966be818], 

Physical Sectors: 0
(No malicious items detected)


(end)


#14 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 26 September 2014 - 06:07 AM

Scan with ESET Online Scan

Go here to run an online scanner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
  • Click the blue Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the program to install the "OnlineScanner.cab" ActiveX control by clicking the Install button
  • Once the ActiveX control is installed, on the next screen click on Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.



#15 dadrivr

dadrivr
  • Topic Starter

  • Members
  • 73 posts

Posted 27 September 2014 - 08:10 AM

Please don't lock the thread if I haven't posted the log within 3 days---the ESET scan has been running for over 24 hours and it's only 31% complete!  It has currently identified 10 infected files including:

-Win32/Sefnit.DC trojan

-Win32/Kryptik.CMCU trojan

-Win32/BMFW trojan

-Win64/Sathurbot.A trojan

-Win32/Toolbar.Widgi.B potentially unwanted application

-Win32/Kryptik.CMCU trojan

...

 

Just wanted to give you an update and to say please don't close the thread if I haven't posted the log within 3 days because the scan is taking forever!


Edited by dadrivr, 27 September 2014 - 08:10 AM.




