Infected with tons of ads, pop-ups and redirects - don't know how to remove


  • This topic is locked
8 replies to this topic

#1 fecomputerproblems

Posted 13 October 2014 - 10:06 PM

When I am online I get lots of ads, pop-ups and then redirects. When using Mozilla it keeps freezing and closing. Not sure what to do to remove these ads. Any suggestions would be appreciated!

Thanks!

Fe

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 11.0.9600.17280  BrowserJavaVersion: 10.45.2
Run by fkurkowski at 21:51:19 on 2014-10-13
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.2985.1700 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\WLANExt.exe
C:\ProgramData\IePluginServices\PluginService.exe
C:\Windows\system32\conhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Windows\system32\dleacoms.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\RealVNC\VNC Server\vncserver.exe
C:\Program Files\RealVNC\VNC Server\vncserver.exe
C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\UI0Detect.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Dell V310-V510 Series\dleamon.exe
C:\Program Files\Dell V310-V510 Series\ezprint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
C:\Users\fkurkowski\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\RealVNC\VNC Server\vncserver.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\dynamiclinkmanager.exe
C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\Adobe QT32 Server.exe
C:\Users\fkurkowski\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\fkurkowski\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\fkurkowski\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\fkurkowski\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\fkurkowski\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\fkurkowski\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\fkurkowski\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\fkurkowski\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.trovi.com/?gd=&ctid=CT3326582&octid=EB_ORIGINAL_CTID&ISID=M9F6911B9-9CB7-42CA-8AB6-2902D54B2BA7&SearchSource=55&CUI=&UM=6&UP=SPC782D62E-F2E0-4106-9506-99235E9E35A1&SSPV=
uDefault_Page_URL = about:blank
mStart Page = about:blank
mSearch Page = hxxp://www.istart123.com/web/?type=ds&ts=1406443370&from=irs&uid=WDCXWD5000BPKT-75PK4T0_WD-WXL1E91AUYFZAUYFZ&q={searchTerms}
mDefault_Page_URL = about:blank
mDefault_Search_URL = hxxp://www.istart123.com/web/?type=ds&ts=1406443370&from=irs&uid=WDCXWD5000BPKT-75PK4T0_WD-WXL1E91AUYFZAUYFZ&q={searchTerms}
uProxyServer = hxxp=127.0.0.1:63717;https=127.0.0.1:63717
uProxyOverride = <-loopback>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C - <orphaned>
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [Google Update] "c:\users\fkurkowski\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [CAHeadless] c:\program files\adobe\elements 11 organizer\caheadless\ElementsAutoAnalyzer.exe
uRun: [HLBackupScheduler] "c:\program files\verizon cloud\Verizon Cloud Service.exe"
uRun: [GoToMeeting] "c:\users\fkurkowski\appdata\local\citrix\gotomeeting\1350\g2mstart.exe" "/Trigger RunAtLogon"
mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell2.exe" /mode2
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IntelPROSet] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [dleamon.exe] "c:\program files\dell v310-v510 series\dleamon.exe"
mRun: [EzPrint] "c:\program files\dell v310-v510 series\ezprint.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [VMM Mode Selection] c:\program files\htc\modeselection\VMMModeSelection.exe
mRun: [fst_us_167] <no file>
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{1ce60928-8325-49a8-8b06-633e48dd2b67}\Icon3E5562ED7.ico
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: ForceStartMenuLogOff = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4C1D2F9D-5CFE-4AC9-BE12-6269D0924FD9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4C1D2F9D-5CFE-4AC9-BE12-6269D0924FD9}\24F696E676F60284F6473707F647 : DHCPNameServer = 8.8.8.8 4.2.2.1
TCP: Interfaces\{4C1D2F9D-5CFE-4AC9-BE12-6269D0924FD9}\3456E6475627 : DHCPNameServer = 10.3.1.30 10.3.1.31
TCP: Interfaces\{4C1D2F9D-5CFE-4AC9-BE12-6269D0924FD9}\65562796A7F6E602D496649623230303025363548302355636572756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4C1D2F9D-5CFE-4AC9-BE12-6269D0924FD9}\C496D65644565627 : DHCPNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{B932E337-8DDF-4123-A65F-0872DB43EF7B} : NameServer = 10.3.1.31,10.3.1.30
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll c:\progra~1\suptab\SEARCH~1.DLL
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\fkurkowski\appdata\roaming\mozilla\firefox\profiles\gl91feb1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3316071&CUI=UN19173901401673121&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Trovi search
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\anymeeting plug-in\npcnwplugin.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\users\fkurkowski\appdata\local\citrix\plugins\104\npappdetector.dll
FF - plugin: c:\users\fkurkowski\appdata\local\google\update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: c:\users\fkurkowski\appdata\roaming\mozilla\firefox\profiles\gl91feb1.default\extensions\{9eb34849-81d3-4841-939d-666d522b889a}\plugins\npSlingPlayer.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_15_0_0_152.dll
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;c:\windows\system32\drivers\nvpciflt.sys [2012-10-8 24936]
R1 nvkflt;nvkflt;c:\windows\system32\drivers\nvkflt.sys [2012-10-8 197480]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files\adobe\elements 11 organizer\PhotoshopElementsFileAgent.exe [2012-9-17 171600]
R2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\skype\toolbars\autoupdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\skype\toolbars\pnrsvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 CltMngSvc;Search Protect Service;c:\progra~1\searchprotect\main\bin\CltMngSvc.exe [2014-9-2 2998232]
R2 dlea_device;dlea_device;c:\windows\system32\dleacoms.exe -service --> c:\windows\system32\dleacoms.exe -service [?]
R2 IePluginServices;IePlugin Services;c:\programdata\iepluginservices\pluginservice.exe -service --> c:\programdata\iepluginservices\PluginService.exe -service [?]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2013-1-25 375120]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2012-11-29 13624]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2013-2-22 47640]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2012-5-29 2656536]
R2 vncserver;VNC Server;c:\program files\realvnc\vnc server\vncserver.exe [2013-1-17 3602312]
R2 Wajam Internet Enhancer Service;Wajam Internet Enhancer Service;c:\program files\wajam\wajam internet enhancer\WajamInternetEnhancerService.exe [2014-9-25 305152]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\intel\wifi\bin\ZeroConfigService.exe [2012-3-29 2324752]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2012-5-29 147360]
R3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2012-5-29 41088]
R3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\Netwsn00.sys [2012-3-12 10339840]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 dleaCATSCustConnectService;dleaCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\dleaserv.exe [2013-2-23 193192]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2014-4-3 315008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\drivers\CtAudDrv.sys [2012-5-29 134144]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-9-12 108032]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-9-20 1343400]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
.
=============== Created Last 30 ================
.
2014-10-13 23:08:09 3231696 ----a-w- c:\program files\mozilla firefox\d3dcompiler_46.dll
2014-10-12 10:37:14 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c08414df-32a2-46ca-b5e9-2e72f3a7f845}\offreg.dll
2014-10-10 19:21:26 8806800 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c08414df-32a2-46ca-b5e9-2e72f3a7f845}\mpengine.dll
2014-10-05 18:48:23 -------- d-----w- c:\program files\Wajam
2014-09-30 17:15:55 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-23 22:09:03 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-23 13:22:49 -------- d-----w- c:\users\fkurkowski\appdata\local\SearchProtect
2014-09-23 13:22:30 -------- d-----w- c:\program files\SearchProtect
.
==================== Find3M  ====================
.
2014-09-25 18:32:56 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-25 18:32:56 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-15 14:06:04 231568 ------w- c:\windows\system32\MpSigStub.exe
2014-09-02 09:08:14 224728 ----a-w- c:\windows\apppatch\spbin\SPVC64Loader.dll
2014-09-02 09:08:12 7443416 ----a-w- c:\windows\apppatch\spbin\SPVC32.dll
2014-09-02 09:08:12 4813272 ----a-w- c:\windows\apppatch\spbin\SPVC64.dll
2014-09-02 09:08:12 181720 ----a-w- c:\windows\apppatch\spbin\SPVC32Loader.dll
2014-09-02 09:08:12 1726936 ----a-w- c:\windows\apppatch\spbin\SPTool64.exe
2014-08-23 01:46:55 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 00:42:53 2352640 ----a-w- c:\windows\system32\win32k.sys
2014-08-18 22:08:55 4232704 ----a-w- c:\windows\system32\jscript9.dll
2014-08-18 21:57:44 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-08-18 21:57:30 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-08-18 21:46:26 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-08-18 21:44:44 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-08-18 21:36:05 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-08-18 21:35:24 597504 ----a-w- c:\windows\system32\jscript9diag.dll
2014-08-18 21:30:29 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-08-18 21:22:48 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 21:08:54 2014208 ----a-w- c:\windows\system32\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- c:\windows\system32\wininet.dll
2014-08-01 11:35:06 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-07-25 07:35:46 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
.
============= FINISH: 21:52:17.36 ===============
 

 

#2 TB-Psychotic

  • Malware Response Team
Posted 14 October 2014 - 04:54 AM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
  
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.
 



#3 fecomputerproblems

Posted 14 October 2014 - 07:04 AM

Hello Marius. Thank you for your help.  

I have read everything.  

I have just run the FRST scan and posted the "FRST Notepad" and "Additional Notepad".

I am going to Scan with Gmer rootkit scanner now.

Thank you! Fe 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-10-2014 01
Ran by fkurkowski (administrator) on MOBILE01 on 14-10-2014 06:43:05
Running from C:\Users\fkurkowski\Downloads
Loaded Profile: fkurkowski (Available profiles: fkurkowski & admin & UpdatusUser)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
( ) C:\Windows\System32\dleacoms.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Wajam Internet Technologies Inc.) C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Client Connect LTD) C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Creative Technology Ltd) C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
() C:\Program Files\Dell V310-V510 Series\dleamon.exe
() C:\Program Files\Dell V310-V510 Series\ezprint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
(Google Inc.) C:\Users\fkurkowski\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
() C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Adobe Systems Incorporated ) C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\dynamiclinkmanager.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\Adobe QT32 Server.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Premiere Elements 11\Adobe Premiere Elements.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Wajam Internet Technologies Inc.) C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Dell Webcam Central] => C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [462974 2011-12-16] (Creative Technology Ltd)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [505720 2011-07-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [3421456 2012-03-29] (Intel(R) Corporation)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1634112 2012-05-11] ()
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2012-11-29] (LogMeIn, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [dleamon.exe] => C:\Program Files\Dell V310-V510 Series\dleamon.exe [770728 2011-01-23] ()
HKLM\...\Run: [EzPrint] => C:\Program Files\Dell V310-V510 Series\ezprint.exe [139944 2011-01-23] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [VMM Mode Selection] => C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe [43520 2011-02-14] ()
HKLM\...\Run: [fst_us_167] => [X]
HKU\S-1-5-21-1691974619-3592505844-3685532063-1118\...\Run: [Google Update] => C:\Users\fkurkowski\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-20] (Google Inc.)
HKU\S-1-5-21-1691974619-3592505844-3685532063-1118\...\Run: [CAHeadless] => C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [545872 2012-09-17] (Adobe Systems Incorporated)
HKU\S-1-5-21-1691974619-3592505844-3685532063-1118\...\Run: [HLBackupScheduler] => C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe [9384256 2014-02-26] ()
HKU\S-1-5-21-1691974619-3592505844-3685532063-1118\...\Run: [GoToMeeting] => C:\Users\fkurkowski\AppData\Local\Citrix\GoToMeeting\1350\g2mstart.exe [40304 2014-05-02] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-1691974619-3592505844-3685532063-1118\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\S-1-5-21-1691974619-3592505844-3685532063-1118\...\MountPoints2: {6d358b1a-bc05-11e2-8104-d4bed9325136} - E:\TL-Bootstrap.exe
HKU\S-1-5-21-1691974619-3592505844-3685532063-1118\...\MountPoints2: {bf2132c8-f123-11e2-894a-d4bed9325136} - E:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [181720 2014-09-02] (Client Connect LTD)
AppInit_DLLs:  C:\PROGRA~1\SupTab\SEARCH~1.DLL => C:\PROGRA~1\SupTab\SEARCH~1.DLL File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
ShortcutTarget: VPN Client.lnk -> C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:63717;https=127.0.0.1:63717
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com/?gd=&ctid=CT3326582&octid=EB_ORIGINAL_CTID&ISID=M9F6911B9-9CB7-42CA-8AB6-2902D54B2BA7&SearchSource=55&CUI=&UM=6&UP=SPC782D62E-F2E0-4106-9506-99235E9E35A1&SSPV=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istart123.com/web/?type=ds&ts=1406443370&from=irs&uid=WDCXWD5000BPKT-75PK4T0_WD-WXL1E91AUYFZAUYFZ&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istart123.com/web/?type=ds&ts=1406443370&from=irs&uid=WDCXWD5000BPKT-75PK4T0_WD-WXL1E91AUYFZAUYFZ&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.v9.com/?type=sc&ts=1401556275&from=irs&uid=WDCXWD5000BPKT-75PK4T0_WD-WXL1E91AUYFZAUYFZ&i=psd&t=343648404
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&barid={377BD4C5-C8C1-11E2-AC54-D4BED9325136}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3326582&octid=EB_ORIGINAL_CTID&ISID=M9F6911B9-9CB7-42CA-8AB6-2902D54B2BA7&SearchSource=58&CUI=&UM=6&UP=SP5D235652-AA3A-4E97-A895-E12AE2589411&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3326582&octid=EB_ORIGINAL_CTID&ISID=M9F6911B9-9CB7-42CA-8AB6-2902D54B2BA7&SearchSource=58&CUI=&UM=6&UP=SP5D235652-AA3A-4E97-A895-E12AE2589411&q={searchTerms}&SSPV=
SearchScopes: HKCU - {3D942EDA-686B-477B-A0CA-FC24452942D3} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3316071&CUI=UN13464158648980428&UM=2
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpacks.com?src=6&q={searchTerms}&barid={377BD4C5-C8C1-11E2-AC54-D4BED9325136}&crg=3.5000006.10042&st=23
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: No Name -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C ->  No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112
Tcpip\..\Interfaces\{B932E337-8DDF-4123-A65F-0872DB43EF7B}: [NameServer] 10.3.1.31,10.3.1.30

FireFox:
========
FF ProfilePath: C:\Users\fkurkowski\AppData\Roaming\Mozilla\Firefox\Profiles\gl91feb1.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3332201&octid=EB_ORIGINAL_CTID&ISID=MA9CCBE4F-049B-47F2-8A2E-CB0385BD7EAB&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP616E5149-40CF-499A-B7AC-CD03D0562738
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @cnw.com/cnwplugin -> C:\Program Files\AnyMeeting Plug-in\npcnwplugin.dll (AnyMeeting, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\fkurkowski\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\fkurkowski\AppData\Roaming\Mozilla\Firefox\Profiles\gl91feb1.default\Extensions\artur.dubovoy@gmail.com [2014-08-03]
FF Extension: WebSlingPlayer - C:\Users\fkurkowski\AppData\Roaming\Mozilla\Firefox\Profiles\gl91feb1.default\Extensions\{9EB34849-81D3-4841-939D-666D522B889A} [2013-06-01]
FF Extension: FreeHDSport TV 3 - C:\Users\fkurkowski\AppData\Roaming\Mozilla\Firefox\Profiles\gl91feb1.default\Extensions\fhdp3@freehdsp.tv.xpi [2013-06-30]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM\...\Firefox\Extensions: [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM\...\Firefox\Extensions: [DynamicPricer@dynamic-pricer.com] - C:\Users\fkurkowski\AppData\Local\DynamicPricer\Firefox\DynamicPricer.xpi
FF Extension: No Name - C:\Users\fkurkowski\AppData\Local\DynamicPricer\Firefox\DynamicPricer.xpi [2014-07-19]
FF HKLM\...\Firefox\Extensions: [search-snacks@search-snacks.com] - C:\Program Files\Mozilla Firefox\extensions\search-snacks@search-snacks.com

Chrome: 
=======
CHR Profile: C:\Users\fkurkowski\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\fkurkowski\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-20]
CHR Extension: (Google Drive) - C:\Users\fkurkowski\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-20]
CHR Extension: (YouTube) - C:\Users\fkurkowski\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-20]
CHR Extension: (Google Search) - C:\Users\fkurkowski\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-20]
CHR Extension: (Kindle Cloud Reader) - C:\Users\fkurkowski\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-01-25]
CHR Extension: (SlingPlayer Web Plug-in) - C:\Users\fkurkowski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lidgnhlbmoakdjkfhanbhfngcadpaiac [2013-05-29]
CHR Extension: (Skype Click to Call) - C:\Users\fkurkowski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-01]
CHR Extension: (Google Wallet) - C:\Users\fkurkowski\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\fkurkowski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-20]
CHR Extension: (DynamicPricer) - C:\Users\fkurkowski\AppData\Local\DynamicPricer\Chrome [2014-03-19]
CHR HKLM\...\Chrome\Extension: [hchkdglnjoagfcnikmcebkjlfbcbkhnm] - C:\Users\fkurkowski\AppData\Local\CRE\hchkdglnjoagfcnikmcebkjlfbcbkhnm.crx []
CHR HKLM\...\Chrome\Extension: [kkfggacklibaabdomphfdpcodjgihgon] - C:\Program Files\FirstRowSportApp.com\stv10.crx []
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\...\Chrome\Extension: [llipdjclndbefakdjhpnmaafddddgnhk] - C:\Users\fkurkowski\AppData\Local\CRE\llipdjclndbefakdjhpnmaafddddgnhk.crx [2014-07-14]
CHR HKLM\...\Chrome\Extension: [nbdbmopeebalgaeghmjoegpkngglikgn] - C:\Program Files\FreeHDSport.TV\freehdsporttv10.crx [2013-06-30]
CHR HKLM\...\Chrome\Extension: [opfedmikikmahmpaimpfelmikhaigobp] - C:\Users\fkurkowski\AppData\Local\CRE\opfedmikikmahmpaimpfelmikhaigobp.crx [2013-09-30]
CHR HKCU\...\Chrome\Extension: [hchkdglnjoagfcnikmcebkjlfbcbkhnm] - C:\Users\fkurkowski\AppData\Local\CRE\hchkdglnjoagfcnikmcebkjlfbcbkhnm.crx [2013-09-30]
CHR HKCU\...\Chrome\Extension: [llipdjclndbefakdjhpnmaafddddgnhk] - C:\Users\fkurkowski\AppData\Local\CRE\llipdjclndbefakdjhpnmaafddddgnhk.crx [2013-09-30]
CHR HKCU\...\Chrome\Extension: [opfedmikikmahmpaimpfelmikhaigobp] - C:\Users\fkurkowski\AppData\Local\CRE\opfedmikikmahmpaimpfelmikhaigobp.crx [2013-09-30]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-09-02] (Client Connect LTD)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.)
S2 dleaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\dleaserv.exe [193192 2010-05-21] ()
R2 dlea_device; C:\Windows\system32\dleacoms.exe [598696 2010-05-21] ( )
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [702344 2014-07-27] (Cherished Technololgy LIMITED)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2011-04-13] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2011-04-13] (Hewlett-Packard) [File not signed]
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [3602312 2012-10-02] (RealVNC Ltd)
R2 Wajam Internet Enhancer Service; C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [305152 2014-09-25] (Wajam Internet Technologies Inc.) [File not signed] <==== ATTENTION
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2324752 2012-03-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.) [File not signed]
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [358224 2012-08-10] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\Netwsn00.sys [10339840 2012-03-12] (Intel Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [197480 2012-10-08] (NVIDIA Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [24936 2012-10-08] (NVIDIA Corporation)
R0 PxHelp20; C:\Windows\System32\DRIVERS\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)
R3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2012-10-02] (RealVNC Ltd.)
S4 LMIRfsClientNP; No ImagePath
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S1 ssnfd; system32\drivers\ssnfd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 06:43 - 2014-10-14 06:44 - 00021391 _____ () C:\Users\fkurkowski\Downloads\FRST.txt
2014-10-14 06:42 - 2014-10-14 06:43 - 00000000 ____D () C:\FRST
2014-10-14 06:41 - 2014-10-14 06:41 - 01101824 _____ (Farbar) C:\Users\fkurkowski\Downloads\FRST.exe
2014-10-14 06:40 - 2014-10-14 06:40 - 02110464 _____ (Farbar) C:\Users\fkurkowski\Downloads\FRST64.exe
2014-10-13 21:53 - 2014-10-13 21:54 - 00000000 ____D () C:\Users\fkurkowski\Desktop\Computer Problems
2014-10-13 21:52 - 2014-10-13 21:52 - 00017791 _____ () C:\Users\fkurkowski\Desktop\dds.txt
2014-10-13 21:52 - 2014-10-13 21:52 - 00012775 _____ () C:\Users\fkurkowski\Desktop\attach.txt
2014-10-13 21:49 - 2014-10-13 21:50 - 00688992 ____R (Swearware) C:\Users\fkurkowski\Downloads\dds.com
2014-10-13 12:04 - 2014-10-13 12:05 - 00049664 _____ () C:\Users\fkurkowski\Downloads\600 (1).xls
2014-10-13 10:50 - 2014-10-13 10:50 - 01626056 _____ () C:\Users\fkurkowski\Downloads\Setup (4).exe
2014-10-13 10:20 - 2014-10-13 10:20 - 01626048 _____ () C:\Users\fkurkowski\Downloads\Setup (3).exe
2014-10-05 13:48 - 2014-10-05 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
2014-10-05 13:48 - 2014-10-05 13:48 - 00000000 ____D () C:\Program Files\Wajam
2014-10-03 21:40 - 2014-10-03 21:40 - 00001557 _____ () C:\Users\fkurkowski\Downloads\Holiday Inn Hotel & Suites-65995328.vcs
2014-09-30 12:15 - 2014-09-24 20:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-24 15:57 - 2014-09-24 15:58 - 76230539 _____ () C:\Users\fkurkowski\Downloads\Thirty Million Words® Initiative.mp4
2014-09-23 17:09 - 2014-09-09 16:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 08:22 - 2014-09-27 08:36 - 00000000 ____D () C:\Users\fkurkowski\AppData\Local\SearchProtect
2014-09-23 08:22 - 2014-09-26 13:34 - 00000000 ____D () C:\Program Files\SearchProtect

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 06:18 - 2012-05-29 09:21 - 02074258 _____ () C:\Windows\WindowsUpdate.log
2014-10-14 06:03 - 2014-05-10 07:03 - 00000000 ____D () C:\Users\fkurkowski\AppData\Local\Backup Assistant Plus
2014-10-14 06:03 - 2014-05-02 11:17 - 00000592 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1691974619-3592505844-3685532063-1118.job
2014-10-14 06:03 - 2013-02-20 21:06 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1691974619-3592505844-3685532063-1118UA.job
2014-10-13 22:37 - 2009-07-13 23:34 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-13 22:37 - 2009-07-13 23:34 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-13 22:36 - 2013-02-23 10:13 - 00116883 _____ () C:\ProgramData\dleascan.log
2014-10-13 22:34 - 2010-11-20 16:01 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-13 22:30 - 2013-01-17 15:26 - 00000000 ____D () C:\temp
2014-10-13 22:30 - 2012-10-29 13:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-13 22:30 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-13 22:30 - 2009-07-13 23:39 - 00219257 _____ () C:\Windows\setupact.log
2014-10-13 19:13 - 2013-04-09 12:19 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-13 19:13 - 2010-11-20 16:48 - 00130258 _____ () C:\Windows\PFRO.log
2014-10-13 17:31 - 2013-02-27 13:16 - 00000000 ____D () C:\Users\fkurkowski\Documents\Order Forms
2014-10-13 17:04 - 2013-01-17 15:51 - 00000152 _____ () C:\Windows\system32\config\netlogon.ftl
2014-10-13 14:03 - 2013-02-20 21:06 - 00000876 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1691974619-3592505844-3685532063-1118Core.job
2014-10-13 09:12 - 2013-05-31 13:10 - 00000000 ____D () C:\Users\fkurkowski\Desktop\Video Taping at PC
2014-10-12 17:09 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-10 15:09 - 2013-03-11 17:24 - 00491551 _____ () C:\ProgramData\dlea.log
2014-10-09 11:52 - 2013-02-22 15:53 - 00000000 ____D () C:\Users\fkurkowski\Documents\Review Stuff
2014-10-09 09:11 - 2013-02-22 11:05 - 00000000 ____D () C:\Users\fkurkowski\Documents\E-Blasts
2014-10-07 15:25 - 2013-02-22 11:06 - 00000000 ____D () C:\Users\fkurkowski\Documents\MRT
2014-10-07 13:29 - 2013-02-22 11:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-07 12:17 - 2013-02-22 11:04 - 00000000 ____D () C:\Users\fkurkowski\Documents\Data Base Info
2014-10-07 08:09 - 2013-02-22 11:05 - 00000000 ____D () C:\Users\fkurkowski\Documents\For Website - Poster
2014-10-03 12:54 - 2013-02-19 08:55 - 00063488 _____ () C:\Users\fkurkowski\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-03 12:17 - 2013-03-19 09:51 - 00000049 _____ () C:\Users\fkurkowski\Documents\tempFolderPath.dat
2014-10-01 16:36 - 2013-02-22 15:54 - 00000000 ____D () C:\Users\fkurkowski\Documents\Tummy Time
2014-10-01 16:34 - 2009-07-13 23:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-28 22:38 - 2013-10-01 15:18 - 00000000 ____D () C:\Users\fkurkowski\Documents\communication
2014-09-27 08:05 - 2014-08-04 20:05 - 00000000 ____D () C:\Users\fkurkowski\Documents\Feeding
2014-09-27 08:04 - 2013-02-22 15:53 - 00000000 ____D () C:\Users\fkurkowski\Documents\SI Stuff
2014-09-25 17:15 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2014-09-25 13:32 - 2013-04-17 15:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-25 13:32 - 2013-04-17 15:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-25 13:22 - 2013-02-22 15:53 - 00000000 ____D () C:\Users\fkurkowski\Documents\Staff Information
2014-09-25 13:13 - 2013-02-22 11:01 - 00000000 ____D () C:\Users\fkurkowski\Documents\Conferences
2014-09-24 11:39 - 2013-02-23 10:16 - 00000000 ____D () C:\ProgramData\Dl_cats
2014-09-22 10:59 - 2013-02-22 11:04 - 00000000 ____D () C:\Users\fkurkowski\Documents\Dinner
2014-09-17 17:05 - 2013-02-22 11:00 - 00000000 ____D () C:\Users\fkurkowski\Documents\Brochures & Translations
2014-09-15 18:19 - 2013-05-23 11:15 - 00000000 ____D () C:\Users\fkurkowski\Desktop\2-4-6 Month Motor Course to Go
2014-09-15 09:06 - 2012-05-29 10:27 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-14 13:34 - 2013-02-22 11:01 - 00000000 ____D () C:\Users\fkurkowski\Documents\Con't Ed
2014-09-14 13:13 - 2013-03-28 19:56 - 00000000 ____D () C:\Users\fkurkowski\Documents\Calendar

Some content of TEMP:
====================


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 00:16

==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-10-2014 01
Ran by fkurkowski at 2014-10-14 06:44:59
Running from C:\Users\fkurkowski\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 8.1.4 - Hewlett-Packard) Hidden
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
Adobe Connect 9 Add-in (HKCU\...\Adobe Connect 9 Add-in) (Version: 11,9,966,0 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (HKLM\...\PremElem110) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.09) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AnyMeeting Plug-in (HKLM\...\{CC322A28-34BF-47F3-B2F0-69DBFC46A9F3}) (Version: 2.1.0 - AnyMeeting, Inc.)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Cisco Systems VPN Client 5.0.07.0410 (HKLM\...\{1CE60928-8325-49A8-8B06-633E48DD2B67}) (Version: 5.0.7 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
Dell Client System Update (HKLM\...\{2B2B45B1-3CA0-4F8D-BBB3-AC77ED46A0FE}) (Version: 1.2.3 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1208.101.125 - ALPS ELECTRIC CO., LTD.)
Dell V310-V510 Series (HKLM\...\Dell V310-V510 Series) (Version:  - Dell, Inc.)
Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 1.40.54 - Creative Technology Ltd)
Elements 11 Organizer (Version: 11.0 - Adobe Systems Incorporated) Hidden
Extended Asian Language font pack for Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated)
ffdshow [rev 2527] [2008-12-19] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
FileZilla Client 3.6.0.2 (HKLM\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
GoToMeeting 6.4.4.1831 (HKCU\...\GoToMeeting) (Version: 6.4.4.1831 - CitrixOnline)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation)
iTunes (HKLM\...\{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
K-Lite Mega Codec Pack 9.7.5 (HKLM\...\KLiteCodecPack_is1) (Version: 9.7.5 - )
LogMeIn (HKLM\...\{36E0F777-19FE-4454-BB2D-84206758EA85}) (Version: 4.1.2651 - LogMeIn, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Control Panel 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.12.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.12.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA nView 136.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.28 - NVIDIA Corporation)
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
PRE11 STI Installer (Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Search Protect (HKLM\...\SearchProtect) (Version: 2.17.2.3 - Client Connect LTD) <==== ATTENTION
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Verizon Cloud (HKLM\...\Verizon Cloud) (Version:  - Verizon Wireless)
VNC Mirror Driver 1.8.0 (HKLM\...\VNCMirror_is1) (Version: 1.8.0 - RealVNC Ltd.)
VNC Printer Driver 1.8.0 (HKLM\...\VNCPrinter_is1) (Version: 1.8.0 - RealVNC Ltd.)
VNC Server 5.0.3 (HKLM\...\RealVNC_is1) (Version: 5.0.3 - RealVNC Ltd)
Wajam (HKLM\...\Wajam) (Version: 2.15 (i2.5) - Wajam) <==== ATTENTION
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WModem Driver Installer (HKLM\...\HTC_WModemDriver) (Version: 2.0.6.13 - HTC)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\fkurkowski\AppData\Local\Google\Chrome\Application\36.0.1985.125\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Citrix\GoToMeeting\1350\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1691974619-3592505844-3685532063-1118_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\fkurkowski\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points  =========================

19-09-2014 18:50:55 Windows Update
23-09-2014 22:09:12 Windows Update
24-09-2014 12:06:24 Windows Update
30-09-2014 17:15:57 Windows Update
01-10-2014 08:00:18 Windows Update
07-10-2014 08:43:48 Windows Update
10-10-2014 19:19:57 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-03-08 13:02 - 2014-07-23 20:19 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0DAC71AA-074B-42BD-9213-35A9DEA39A51} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1691974619-3592505844-3685532063-1118Core => C:\Users\fkurkowski\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-20] (Google Inc.)
Task: {3B4E0213-7641-43E8-8F3B-0FC084590192} - System32\Tasks\GPUpdateCheck => C:\Program Files\GetPrivate\gpup.exe [2014-06-09] ()
Task: {9035ED66-95E6-49D2-B60F-2FAA4E54972A} - System32\Tasks\GPUpdate => C:\Program Files\GetPrivate\gpup.exe [2014-06-09] ()
Task: {C3502CBF-B938-49D6-9B43-BB7E646A9BE9} - System32\Tasks\AdobeAAMUpdater-1.0-PATHWAYSCENTER-fkurkowski => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {C71CCD8D-9748-401B-BB1D-479DBD3BB5E5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1691974619-3592505844-3685532063-1118UA => C:\Users\fkurkowski\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-20] (Google Inc.)
Task: {CB950540-80D5-4104-B050-892BFD371E25} - System32\Tasks\G2MUpdateTask-S-1-5-21-1691974619-3592505844-3685532063-1118 => C:\Users\fkurkowski\AppData\Local\Citrix\GoToMeeting\1831\g2mupdate.exe [2014-10-11] (Citrix Online, a division of Citrix Systems, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1691974619-3592505844-3685532063-1118.job => C:\Users\fkurkowski\AppData\Local\Citrix\GoToMeeting\1831\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1691974619-3592505844-3685532063-1118Core.job => C:\Users\fkurkowski\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1691974619-3592505844-3685532063-1118UA.job => C:\Users\fkurkowski\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-29 13:01 - 2012-10-02 14:28 - 00079208 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-02-23 10:14 - 2009-11-04 08:14 - 00157696 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\dleadrpp.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-09-27 13:03 - 2010-09-27 13:03 - 00201512 _____ () C:\Windows\system32\vpnapi.dll
2012-11-29 16:59 - 2012-11-29 16:59 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-03-19 04:31 - 2014-03-12 10:51 - 00055296 _____ () C:\Users\fkurkowski\AppData\Local\DynamicPricer\IE\DynamicPricer.dll
2012-05-29 10:01 - 2011-06-10 17:36 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2013-02-23 10:12 - 2011-01-23 20:22 - 00770728 _____ () C:\Program Files\Dell V310-V510 Series\dleamon.exe
2013-02-23 10:12 - 2009-11-26 03:49 - 00086180 _____ () C:\Program Files\Dell V310-V510 Series\dleacfg.dll
2013-02-23 10:12 - 2010-04-01 12:23 - 00389120 _____ () C:\Program Files\Dell V310-V510 Series\dleascw.dll
2013-02-23 10:13 - 2009-05-27 07:16 - 00192512 _____ () C:\Windows\system32\spool\drivers\w32x86\3\dleadatr.dll
2013-02-23 10:12 - 2010-04-01 12:24 - 01159168 _____ () C:\Program Files\Dell V310-V510 Series\dleaDRS.dll
2013-02-23 10:12 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files\Dell V310-V510 Series\dleacaps.dll
2013-02-23 10:12 - 2009-03-05 12:55 - 00059904 _____ () C:\Program Files\Dell V310-V510 Series\dleacnv4.dll
2013-02-23 10:11 - 2009-02-20 03:49 - 00299008 _____ () C:\Windows\system32\dleasm.dll
2013-02-23 10:11 - 2009-02-20 03:50 - 00028672 _____ () C:\Windows\system32\dleasmr.dll
2013-02-23 10:12 - 2011-01-23 20:22 - 00139944 _____ () C:\Program Files\Dell V310-V510 Series\ezprint.exe
2013-02-23 10:12 - 2009-06-22 08:08 - 00708608 _____ () C:\Program Files\Dell V310-V510 Series\Epwizard.DLL
2013-02-23 10:12 - 2009-06-22 08:06 - 00159744 _____ () C:\Program Files\Dell V310-V510 Series\customui.dll
2013-02-23 10:12 - 2009-06-22 08:06 - 00114688 _____ () C:\Program Files\Dell V310-V510 Series\Eputil.DLL
2013-02-23 10:12 - 2009-06-22 08:05 - 00139264 _____ () C:\Program Files\Dell V310-V510 Series\Imagutil.DLL
2013-02-23 10:12 - 2009-06-22 08:06 - 00061440 _____ () C:\Program Files\Dell V310-V510 Series\Epfunct.DLL
2013-02-23 10:12 - 2009-06-22 08:08 - 02203648 _____ () C:\Program Files\Dell V310-V510 Series\EPWizRes.dll
2013-02-23 10:12 - 2009-06-22 08:08 - 00045056 _____ () C:\Program Files\Dell V310-V510 Series\epstring.dll
2013-02-23 10:12 - 2009-06-22 08:08 - 00196608 _____ () C:\Program Files\Dell V310-V510 Series\EPOEMDll.dll
2013-02-23 10:12 - 2009-04-07 14:25 - 00409600 _____ () C:\Program Files\Dell V310-V510 Series\iptk.dll
2013-02-23 10:12 - 2009-03-02 09:25 - 00151552 _____ () C:\Program Files\Dell V310-V510 Series\dleaptp.dll
2014-05-10 06:59 - 2011-02-14 08:55 - 00043520 ____R () C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
2012-09-17 07:11 - 2012-09-17 07:11 - 02721360 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\AMocWrapper.dll
2012-09-17 07:23 - 2012-09-17 07:23 - 01841232 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\ImageRenderer.dll
2012-09-17 07:17 - 2012-09-17 07:17 - 00075344 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\BravoInitializer.dll
2012-09-17 07:17 - 2012-09-17 07:17 - 00181840 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\ContentAnalysisHost.dll
2012-09-17 07:13 - 2012-09-17 07:13 - 00139856 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\CAFilters\AudioCAFilter.dll
2012-09-17 07:16 - 2012-09-17 07:16 - 00095312 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\CAFilters\BlurCAFilter.dll
2012-09-17 07:17 - 2012-09-17 07:17 - 00090704 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\CAFilters\BrightnessContrastCAFilter.dll
2012-09-17 07:22 - 2012-09-17 07:22 - 00115792 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\CAFilters\FaceDetectionCAFilter.dll
2012-09-17 07:33 - 2012-09-17 07:33 - 00102480 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\CAFilters\MotionCAFilter.dll
2012-09-17 07:43 - 2012-09-17 07:43 - 00092752 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\CAFilters\ShakeCAFilter.dll
2012-09-17 07:43 - 2012-09-17 07:43 - 00083024 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\CAFilters\SceneDetectCAFilter.sd
2012-09-17 07:17 - 2012-09-17 07:17 - 00199248 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\ContentAnalysisData.dll
2012-09-17 07:17 - 2012-09-17 07:17 - 00039504 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\ContentAnalysisDBCache.dll
2012-09-17 07:18 - 2012-09-17 07:18 - 00477776 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\Descriptors.dll
2012-09-17 07:26 - 2012-09-17 07:26 - 00040528 _____ () C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\IPLibrary.dll
2014-02-26 02:23 - 2014-02-26 02:23 - 09384256 _____ () C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe
2014-02-26 02:21 - 2014-02-26 02:21 - 00684032 _____ () C:\Program Files\Verizon Cloud\libexpat.dll
2014-02-26 02:21 - 2014-02-26 02:21 - 13698048 _____ () C:\Program Files\Verizon Cloud\avcodec-53.dll
2014-02-26 02:21 - 2014-02-26 02:21 - 00139776 _____ () C:\Program Files\Verizon Cloud\avutil-51.dll
2014-02-26 02:21 - 2014-02-26 02:21 - 02523136 _____ () C:\Program Files\Verizon Cloud\avformat-53.dll
2014-02-26 02:21 - 2014-02-26 02:21 - 00302592 _____ () C:\Program Files\Verizon Cloud\swscale-2.dll
2012-09-17 14:48 - 2012-09-17 14:48 - 00124376 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\PreRegistration.dll
2012-09-17 12:06 - 2012-09-17 12:06 - 00073688 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\BravoInitializer.dll
2012-09-17 12:16 - 2012-09-17 12:16 - 00542680 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\EUIFramework.dll
2012-09-17 12:16 - 2012-09-17 12:16 - 00039384 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\HeadlightsWrapper.dll
2012-09-17 14:49 - 2012-09-17 14:49 - 10611160 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\UIFramework.dll
2012-09-17 12:16 - 2012-09-17 12:16 - 19319256 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\HSL.dll
2012-09-17 12:32 - 2012-09-17 12:32 - 00437720 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\Workspace.dll
2012-09-17 14:48 - 2012-09-17 14:48 - 00218584 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\TitlerUI.dll
2012-09-17 14:48 - 2012-09-17 14:48 - 00887256 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\TitlerCreator.dll
2012-09-17 14:49 - 2012-09-17 14:49 - 07543256 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\Mezzanine.dll
2012-09-17 12:06 - 2012-09-17 12:06 - 02720216 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\AMocWrapper.dll
2012-09-17 12:15 - 2012-09-17 12:15 - 00069080 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\DVDStructures.dll
2012-09-17 12:15 - 2012-09-17 12:15 - 00865752 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\DVDCreator.dll
2012-09-17 11:37 - 2012-09-17 11:37 - 00138712 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\AdobeASWrapperClient.dll
2012-09-17 12:06 - 2012-09-17 12:06 - 00035288 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\BackendLegacyLib.dll
2012-09-17 11:10 - 2012-09-17 11:10 - 00030312 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\Localeresources\en_US\Mezzanine_en_US.DLL
2012-09-17 11:10 - 2012-09-17 11:10 - 00022632 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\Localeresources\en_US\HSL_en_US.DLL
2012-09-17 11:10 - 2012-09-17 11:10 - 00043624 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\Localeresources\en_US\HandlerDVDLayout_en_US.DLL
2012-09-17 12:16 - 2012-09-17 12:16 - 01840088 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\ImageRenderer.dll
2012-09-17 14:48 - 2012-09-17 14:48 - 00016344 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\ObjectTrackingWrapper.dll
2013-02-22 11:54 - 2008-12-19 18:26 - 02625536 _____ () C:\Program Files\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax
2012-05-29 10:01 - 2011-06-10 17:49 - 13906944 _____ () C:\Windows\system32\ig4icd32.dll
2012-09-17 12:16 - 2012-09-17 12:16 - 02143192 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 11\HandlerSceneline.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

admin (S-1-5-21-4252102916-1871638122-3214160065-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-4252102916-1871638122-3214160065-500 - Administrator - Disabled)
Guest (S-1-5-21-4252102916-1871638122-3214160065-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-4252102916-1871638122-3214160065-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: ssnfd
Description: ssnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ssnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom USH
Description: Broadcom USH
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mass Storage Controller
Description: Mass Storage Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/14/2014 06:03:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3439027

Error: (10/14/2014 06:03:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3439027

Error: (10/14/2014 06:03:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/14/2014 06:03:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3438028

Error: (10/14/2014 06:03:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3438028

Error: (10/14/2014 06:03:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/14/2014 06:03:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3437030

Error: (10/14/2014 06:03:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3437030

Error: (10/14/2014 06:03:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/14/2014 06:03:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3436031


System errors:
=============
Error: (10/14/2014 06:17:36 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain PATHWAYSCENTER due to the following: 
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (10/14/2014 06:05:35 AM) (Source: TermService) (EventID: 1067) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (10/13/2014 10:36:29 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: PATHWAYSCENTER)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/13/2014 10:32:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069

Error: (10/13/2014 10:32:35 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (10/13/2014 10:32:34 PM) (Source: TermService) (EventID: 1067) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (10/13/2014 10:31:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/13/2014 10:30:40 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/13/2014 10:30:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ssnfd

Error: (10/13/2014 10:30:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The dleaCATSCustConnectService service failed to start due to the following error: 
%%1053


Microsoft Office Sessions:
=========================
Error: (08/25/2014 05:33:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 28053 seconds with 4440 seconds of active time.  This session ended with a crash.

Error: (06/10/2014 10:42:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/04/2014 01:49:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 85 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (11/25/2013 02:46:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 32436 seconds with 15840 seconds of active time.  This session ended with a crash.

Error: (04/02/2013 11:00:00 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4382 seconds with 2700 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-06-01 13:18:37.387
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 68%
Total physical RAM: 2985.02 MB
Available physical RAM: 939.84 MB
Total Pagefile: 5968.32 MB
Available Pagefile: 2762.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:151.98 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 17F3112B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================


#4 fecomputerproblems

Posted 14 October 2014 - 07:24 AM

Hello again Marius, 

I have run the scan with Gmer rootkit scanner.  

I've posted the report.

Thank you!!!

Fe 

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-10-14 07:18:54
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465.76GB
Running: dicmfm0y.exe; Driver: C:\Users\FKURKO~1\AppData\Local\Temp\pwloypod.sys


---- Devices - GMER 2.1 ----

Device  \Driver\BTHUSB \Device\00000090                                                                  bthport.sys
Device  \Driver\BTHUSB \Device\00000092                                                                  bthport.sys

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\9cb70ded5053                      
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\9cb70ded5053 (not active ControlSet)  

---- EOF - GMER 2.1 ----



#5 fecomputerproblems

Posted 14 October 2014 - 07:33 AM

Hello Marius - 

I just completed the scan with TDSS-Killer.

Here is the report.  

Please let me know the next steps. 

Thank you!!

Fe

07:26:27.0230 0x112c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
07:26:43.0253 0x112c  ============================================================
07:26:43.0253 0x112c  Current date / time: 2014/10/14 07:26:43.0253
07:26:43.0253 0x112c  SystemInfo:
07:26:43.0253 0x112c  
07:26:43.0253 0x112c  OS Version: 6.1.7601 ServicePack: 1.0
07:26:43.0253 0x112c  Product type: Workstation
07:26:43.0253 0x112c  ComputerName: MOBILE01
07:26:43.0254 0x112c  UserName: fkurkowski
07:26:43.0254 0x112c  Windows directory: C:\Windows
07:26:43.0254 0x112c  System windows directory: C:\Windows
07:26:43.0254 0x112c  Processor architecture: Intel x86
07:26:43.0254 0x112c  Number of processors: 4
07:26:43.0254 0x112c  Page size: 0x1000
07:26:43.0254 0x112c  Boot type: Normal boot
07:26:43.0254 0x112c  ============================================================
07:26:44.0760 0x112c  KLMD registered as C:\Windows\system32\drivers\62292100.sys
07:26:45.0052 0x112c  System UUID: {7096321F-1566-D5D8-76FB-FBA98E855DC4}
07:26:45.0402 0x112c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:26:45.0404 0x112c  ============================================================
07:26:45.0404 0x112c  \Device\Harddisk0\DR0:
07:26:45.0405 0x112c  MBR partitions:
07:26:45.0405 0x112c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
07:26:45.0405 0x112c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
07:26:45.0405 0x112c  ============================================================
07:26:45.0420 0x112c  C: <-> \Device\Harddisk0\DR0\Partition2
07:26:45.0421 0x112c  ============================================================
07:26:45.0421 0x112c  Initialize success
07:26:45.0421 0x112c  ============================================================
07:26:50.0452 0x1004  ============================================================
07:26:50.0452 0x1004  Scan started
07:26:50.0452 0x1004  Mode: Manual; 
07:26:50.0452 0x1004  ============================================================
07:26:50.0452 0x1004  KSN ping started
07:26:52.0000 0x1004  KSN ping finished: true
07:26:53.0282 0x1004  ================ Scan system memory ========================
07:26:53.0282 0x1004  System memory - ok
07:26:53.0283 0x1004  ================ Scan services =============================
07:26:58.0733 0x1004  ErrDev - ok
07:26:58.0763 0x1004  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
07:26:58.0770 0x1004  EventSystem - ok
07:26:58.0844 0x1004  [ 4F4AA60C3A6030D71E1F073DC5271170, 9376D27C2B6BB0CD9973C23C1A109FD59528CA69801B3BF032AF999BCC83D7E1 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
07:26:58.0899 0x1004  EvtEng - ok
07:26:58.0938 0x1004  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
07:26:58.0944 0x1004  exfat - ok
07:26:58.0976 0x1004  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
07:26:58.0983 0x1004  fastfat - ok
07:26:59.0034 0x1004  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
07:26:59.0058 0x1004  Fax - ok
07:26:59.0076 0x1004  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
07:26:59.0077 0x1004  fdc - ok
07:26:59.0089 0x1004  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
07:26:59.0091 0x1004  fdPHost - ok
07:26:59.0098 0x1004  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
07:26:59.0099 0x1004  FDResPub - ok
07:26:59.0114 0x1004  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
07:26:59.0116 0x1004  FileInfo - ok
07:26:59.0131 0x1004  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
07:26:59.0132 0x1004  Filetrace - ok
07:26:59.0145 0x1004  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
07:26:59.0146 0x1004  flpydisk - ok
07:26:59.0167 0x1004  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
07:26:59.0172 0x1004  FltMgr - ok
07:26:59.0230 0x1004  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
07:26:59.0281 0x1004  FontCache - ok
07:26:59.0335 0x1004  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
07:26:59.0338 0x1004  FontCache3.0.0.0 - ok
07:26:59.0359 0x1004  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
07:26:59.0364 0x1004  FsDepends - ok
07:26:59.0408 0x1004  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
07:26:59.0410 0x1004  Fs_Rec - ok
07:26:59.0463 0x1004  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
07:26:59.0474 0x1004  fvevol - ok
07:26:59.0497 0x1004  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
07:26:59.0499 0x1004  gagp30kx - ok
07:26:59.0530 0x1004  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
07:26:59.0532 0x1004  GEARAspiWDM - ok
07:26:59.0585 0x1004  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
07:26:59.0643 0x1004  gpsvc - ok
07:26:59.0658 0x1004  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
07:26:59.0659 0x1004  hcw85cir - ok
07:26:59.0690 0x1004  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
07:26:59.0697 0x1004  HdAudAddService - ok
07:26:59.0720 0x1004  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
07:26:59.0723 0x1004  HDAudBus - ok
07:26:59.0737 0x1004  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
07:26:59.0739 0x1004  HidBatt - ok
07:26:59.0756 0x1004  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
07:26:59.0758 0x1004  HidBth - ok
07:26:59.0774 0x1004  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
07:26:59.0776 0x1004  HidIr - ok
07:26:59.0788 0x1004  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
07:26:59.0790 0x1004  hidserv - ok
07:26:59.0826 0x1004  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
07:26:59.0829 0x1004  HidUsb - ok
07:26:59.0856 0x1004  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
07:26:59.0863 0x1004  hkmsvc - ok
07:26:59.0882 0x1004  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
07:26:59.0890 0x1004  HomeGroupListener - ok
07:26:59.0913 0x1004  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
07:26:59.0920 0x1004  HomeGroupProvider - ok
07:26:59.0941 0x1004  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
07:26:59.0943 0x1004  HpSAMD - ok
07:26:59.0975 0x1004  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
07:26:59.0999 0x1004  HTTP - ok
07:27:00.0006 0x1004  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
07:27:00.0007 0x1004  hwpolicy - ok
07:27:00.0025 0x1004  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
07:27:00.0028 0x1004  i8042prt - ok
07:27:00.0057 0x1004  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
07:27:00.0064 0x1004  iaStorV - ok
07:27:00.0144 0x1004  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:27:00.0179 0x1004  idsvc - ok
07:27:00.0204 0x1004  IEEtwCollectorService - ok
07:27:00.0255 0x1004  IePluginServices - ok
07:27:00.0576 0x1004  [ 721A8D48B2DC8C1C58C61CB948491EA8, 2E13D8922EE7E636DB9174FCFB5C4EB4DEA0771C9B6C8954D4FE6EFD5F5BCDA8 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
07:27:00.0886 0x1004  igfx - ok
07:27:01.0223 0x1004  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
07:27:01.0227 0x1004  iirsp - ok
07:27:01.0299 0x1004  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
07:27:01.0354 0x1004  IKEEXT - ok
07:27:01.0384 0x1004  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
07:27:01.0385 0x1004  intelide - ok
07:27:01.0395 0x1004  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
07:27:01.0397 0x1004  intelppm - ok
07:27:01.0420 0x1004  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
07:27:01.0423 0x1004  IPBusEnum - ok
07:27:01.0438 0x1004  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:27:01.0440 0x1004  IpFilterDriver - ok
07:27:01.0501 0x1004  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
07:27:01.0523 0x1004  iphlpsvc - ok
07:27:01.0537 0x1004  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
07:27:01.0539 0x1004  IPMIDRV - ok
07:27:01.0544 0x1004  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
07:27:01.0547 0x1004  IPNAT - ok
07:27:01.0624 0x1004  [ FE56897B27ED266F9C4E7D90A0B5DA47, 6B39D25FAFBA886ACF3ABC0A2946E053914B80C3F4769AD36279126C5D4970B6 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
07:27:01.0685 0x1004  iPod Service - ok
07:27:01.0697 0x1004  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
07:27:01.0699 0x1004  IRENUM - ok
07:27:01.0716 0x1004  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
07:27:01.0718 0x1004  isapnp - ok
07:27:01.0760 0x1004  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
07:27:01.0769 0x1004  iScsiPrt - ok
07:27:01.0785 0x1004  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
07:27:01.0787 0x1004  kbdclass - ok
07:27:01.0805 0x1004  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
07:27:01.0807 0x1004  kbdhid - ok
07:27:01.0823 0x1004  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso          C:\Windows\system32\lsass.exe
07:27:01.0824 0x1004  KeyIso - ok
07:27:01.0854 0x1004  [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
07:27:01.0857 0x1004  KSecDD - ok
07:27:01.0876 0x1004  [ D3964885F0A11ACF51DA3AAA776973B2, 417ED5A3201FC50FBC0D646F8F2114A1E8A91E7919A62508DCBC156C0BFB2FBA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
07:27:01.0884 0x1004  KSecPkg - ok
07:27:01.0922 0x1004  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
07:27:01.0956 0x1004  KtmRm - ok
07:27:01.0989 0x1004  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
07:27:01.0999 0x1004  LanmanServer - ok
07:27:02.0024 0x1004  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:27:02.0029 0x1004  LanmanWorkstation - ok
07:27:02.0054 0x1004  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
07:27:02.0056 0x1004  lltdio - ok
07:27:02.0083 0x1004  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
07:27:02.0088 0x1004  lltdsvc - ok
07:27:02.0102 0x1004  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
07:27:02.0104 0x1004  lmhosts - ok
07:27:02.0197 0x1004  [ BC2DEA70AF66EC6694B24E5BC241CA76, 5E5BD05552D70996E0DDA8FCFE83559BCF233B802A4C4BB1B16A608AE732CFE2 ] LMIGuardianSvc  C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
07:27:02.0236 0x1004  LMIGuardianSvc - ok
07:27:02.0291 0x1004  [ 26E3BEC8F2F0CFAF9FFE4C7AEF1BC049, CFB86B860FF4F856DA75EB132E06B77C71DC5D994799C08EDC01F2CA8B47AB44 ] LMIInfo         C:\Program Files\LogMeIn\x86\RaInfo.sys
07:27:02.0293 0x1004  LMIInfo - ok
07:27:02.0325 0x1004  [ 8280F33B62CF30467F641BA16420DEE8, 07C9647C0412CDF7F4F4B727C8B168F31E80CDF32D66A50CC54D1B3E9A614CAD ] LMIMaint        C:\Program Files\LogMeIn\x86\RaMaint.exe
07:27:02.0341 0x1004  LMIMaint - ok
07:27:02.0354 0x1004  [ 4477689E2D8AE6B78BA34C9AF4CC1ED1, 0BC8AF546901E6C20611C5250BD65ACD0C4A8613BD8F8835F0D4680B5777F051 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
07:27:02.0355 0x1004  lmimirr - ok
07:27:02.0368 0x1004  LMIRfsClientNP - ok
07:27:02.0383 0x1004  [ 3FAA563DDF853320F90259D455A01D79, D81B5FCC0CBCF9CE18E44A31071D357B12F5016159E24954E50E68D80C9F61B8 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
07:27:02.0385 0x1004  LMIRfsDriver - ok
07:27:02.0428 0x1004  [ 519D66259DF1672AABCE9D2E0ACC5552, 953EAEC04D45574ED9260726383438AA18A5EBEB2E0C93869DF4C57B9998BB27 ] LMS             C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
07:27:02.0444 0x1004  LMS - ok
07:27:02.0465 0x1004  [ 432618FA75B61059D2C57D6A7E55147A, 0E7D771AE9F98667A68C8C07A664D70B71B78EC08D7FEA92AD979E1E049EC0B1 ] LogMeIn         C:\Program Files\LogMeIn\x86\LogMeIn.exe
07:27:02.0499 0x1004  LogMeIn - ok
07:27:02.0523 0x1004  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
07:27:02.0527 0x1004  LSI_FC - ok
07:27:02.0543 0x1004  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
07:27:02.0546 0x1004  LSI_SAS - ok
07:27:02.0563 0x1004  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
07:27:02.0564 0x1004  LSI_SAS2 - ok
07:27:02.0582 0x1004  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
07:27:02.0584 0x1004  LSI_SCSI - ok
07:27:02.0603 0x1004  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
07:27:02.0605 0x1004  luafv - ok
07:27:02.0622 0x1004  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
07:27:02.0624 0x1004  Mcx2Svc - ok
07:27:02.0702 0x1004  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
07:27:02.0728 0x1004  MDM - ok
07:27:02.0743 0x1004  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
07:27:02.0745 0x1004  megasas - ok
07:27:02.0768 0x1004  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
07:27:02.0777 0x1004  MegaSR - ok
07:27:02.0806 0x1004  [ D86AC00883B9C98B570E7643AAF8E554, 4B4BDC01DC20F820A9D1E1B8E875B6445F9B920F0AB1E115ADD9651A368911C4 ] MEI             C:\Windows\system32\DRIVERS\HECI.sys
07:27:02.0808 0x1004  MEI - ok
07:27:02.0823 0x1004  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
07:27:02.0827 0x1004  MMCSS - ok
07:27:02.0846 0x1004  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
07:27:02.0848 0x1004  Modem - ok
07:27:02.0866 0x1004  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
07:27:02.0868 0x1004  monitor - ok
07:27:02.0892 0x1004  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
07:27:02.0895 0x1004  mouclass - ok
07:27:02.0915 0x1004  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
07:27:02.0917 0x1004  mouhid - ok
07:27:02.0933 0x1004  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
07:27:02.0937 0x1004  mountmgr - ok
07:27:02.0959 0x1004  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
07:27:02.0965 0x1004  mpio - ok
07:27:02.0987 0x1004  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
07:27:02.0990 0x1004  mpsdrv - ok
07:27:03.0022 0x1004  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
07:27:03.0055 0x1004  MpsSvc - ok
07:27:03.0089 0x1004  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
07:27:03.0097 0x1004  MRxDAV - ok
07:27:03.0140 0x1004  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
07:27:03.0147 0x1004  mrxsmb - ok
07:27:03.0168 0x1004  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:27:03.0193 0x1004  mrxsmb10 - ok
07:27:03.0209 0x1004  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:27:03.0213 0x1004  mrxsmb20 - ok
07:27:03.0244 0x1004  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
07:27:03.0245 0x1004  msahci - ok
07:27:03.0264 0x1004  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
07:27:03.0269 0x1004  msdsm - ok
07:27:03.0289 0x1004  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
07:27:03.0295 0x1004  MSDTC - ok
07:27:03.0313 0x1004  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
07:27:03.0314 0x1004  Msfs - ok
07:27:03.0321 0x1004  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
07:27:03.0322 0x1004  mshidkmdf - ok
07:27:03.0329 0x1004  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
07:27:03.0331 0x1004  msisadrv - ok
07:27:03.0370 0x1004  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
07:27:03.0380 0x1004  MSiSCSI - ok
07:27:03.0387 0x1004  msiserver - ok
07:27:03.0406 0x1004  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
07:27:03.0407 0x1004  MSKSSRV - ok
07:27:03.0425 0x1004  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
07:27:03.0426 0x1004  MSPCLOCK - ok
07:27:03.0438 0x1004  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
07:27:03.0439 0x1004  MSPQM - ok
07:27:03.0456 0x1004  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
07:27:03.0460 0x1004  MsRPC - ok
07:27:03.0471 0x1004  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
07:27:03.0472 0x1004  mssmbios - ok
07:27:03.0480 0x1004  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
07:27:03.0481 0x1004  MSTEE - ok
07:27:03.0493 0x1004  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
07:27:03.0494 0x1004  MTConfig - ok
07:27:03.0508 0x1004  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
07:27:03.0510 0x1004  Mup - ok
07:27:03.0537 0x1004  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
07:27:03.0553 0x1004  napagent - ok
07:27:03.0582 0x1004  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
07:27:03.0589 0x1004  NativeWifiP - ok
07:27:03.0664 0x1004  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
07:27:03.0728 0x1004  NDIS - ok
07:27:03.0750 0x1004  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
07:27:03.0752 0x1004  NdisCap - ok
07:27:03.0770 0x1004  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
07:27:03.0772 0x1004  NdisTapi - ok
07:27:03.0782 0x1004  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
07:27:03.0785 0x1004  Ndisuio - ok
07:27:03.0801 0x1004  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
07:27:03.0806 0x1004  NdisWan - ok
07:27:03.0816 0x1004  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
07:27:03.0818 0x1004  NDProxy - ok
07:27:03.0881 0x1004  [ F7C14F5077BF2BC476C348B88A7F74E2, 2B9B73143AD279BF38FADE86F815CCECE90F727D33693FEF52658D93A7101A0F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
07:27:03.0886 0x1004  Net Driver HPZ12 - ok
07:27:03.0903 0x1004  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
07:27:03.0906 0x1004  NetBIOS - ok
07:27:03.0931 0x1004  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
07:27:03.0937 0x1004  NetBT - ok
07:27:03.0948 0x1004  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon        C:\Windows\system32\lsass.exe
07:27:03.0950 0x1004  Netlogon - ok
07:27:03.0973 0x1004  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
07:27:03.0984 0x1004  Netman - ok
07:27:04.0032 0x1004  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:27:04.0069 0x1004  NetMsmqActivator - ok
07:27:04.0096 0x1004  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:27:04.0101 0x1004  NetPipeActivator - ok
07:27:04.0122 0x1004  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
07:27:04.0147 0x1004  netprofm - ok
07:27:04.0155 0x1004  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:27:04.0159 0x1004  NetTcpActivator - ok
07:27:04.0166 0x1004  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:27:04.0170 0x1004  NetTcpPortSharing - ok
07:27:04.0474 0x1004  [ 84266AA496A6299C638B5A096D01C922, FB5D089E7EECBCB57BEC2CCED02ACE97C7F9AD4E602D2D79BA40C662F9A15B97 ] NETwNs32        C:\Windows\system32\DRIVERS\Netwsn00.sys
07:27:04.0772 0x1004  NETwNs32 - ok
07:27:04.0805 0x1004  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
07:27:04.0807 0x1004  nfrd960 - ok
07:27:04.0854 0x1004  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
07:27:04.0888 0x1004  NlaSvc - ok
07:27:12.0161 0x1004  ViaC7 - ok
07:27:12.0196 0x1004  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
07:27:12.0197 0x1004  viaide - ok
07:27:12.0232 0x1004  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
07:27:12.0242 0x1004  vmbus - ok
07:27:12.0253 0x1004  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
07:27:12.0254 0x1004  VMBusHID - ok
07:27:12.0278 0x1004  [ 3B8F222B23917C041E4DA29CCC57E7D0, 2764C7A11FD5672FBF72CDD4331F1895B5084664919AD4FC855DFDD451403D4C ] vncmirror       C:\Windows\system32\DRIVERS\vncmirror.sys
07:27:12.0279 0x1004  vncmirror - ok
07:27:12.0393 0x1004  [ 7FFAFB3DE9FF7C85AC879054CEA4FBC0, D905D065849F70290A4C6D208B1A869EA4A0F8410E51D0449574D951FD759631 ] vncserver       C:\Program Files\RealVNC\VNC Server\vncserver.exe
07:27:12.0535 0x1004  vncserver - ok
07:27:12.0547 0x1004  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
07:27:12.0548 0x1004  volmgr - ok
07:27:12.0567 0x1004  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
07:27:12.0573 0x1004  volmgrx - ok
07:27:12.0585 0x1004  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
07:27:12.0589 0x1004  volsnap - ok
07:27:12.0600 0x1004  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
07:27:12.0604 0x1004  vsmraid - ok
07:27:12.0645 0x1004  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
07:27:12.0695 0x1004  VSS - ok
07:27:12.0702 0x1004  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
07:27:12.0703 0x1004  vwifibus - ok
07:27:12.0716 0x1004  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
07:27:12.0718 0x1004  vwififlt - ok
07:27:12.0736 0x1004  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
07:27:12.0737 0x1004  vwifimp - ok
07:27:12.0760 0x1004  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
07:27:12.0768 0x1004  W32Time - ok
07:27:12.0786 0x1004  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
07:27:12.0787 0x1004  WacomPen - ok
07:27:12.0860 0x1004  [ 15D56729DED0DD06213C35D231597140, 7784B31868BBB79B90B9C2A9E49036973C9A34D644D434C0E808C43BA86C5428 ] Wajam Internet Enhancer Service C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe
07:27:12.0919 0x1004  Wajam Internet Enhancer Service - ok
07:27:12.0942 0x1004  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
07:27:12.0946 0x1004  WANARP - ok
07:27:12.0951 0x1004  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
07:27:12.0953 0x1004  Wanarpv6 - ok
07:27:13.0056 0x1004  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
07:27:13.0093 0x1004  WatAdminSvc - ok
07:27:13.0138 0x1004  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
07:27:13.0171 0x1004  wbengine - ok
07:27:13.0189 0x1004  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
07:27:13.0194 0x1004  WbioSrvc - ok
07:27:13.0210 0x1004  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
07:27:13.0217 0x1004  wcncsvc - ok
07:27:13.0223 0x1004  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:27:13.0226 0x1004  WcsPlugInService - ok
07:27:13.0234 0x1004  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
07:27:13.0235 0x1004  Wd - ok
07:27:13.0274 0x1004  [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam.sys
07:27:13.0276 0x1004  WDC_SAM - ok
07:27:13.0326 0x1004  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
07:27:13.0350 0x1004  Wdf01000 - ok
07:27:13.0369 0x1004  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
07:27:13.0372 0x1004  WdiServiceHost - ok
07:27:13.0375 0x1004  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
07:27:13.0378 0x1004  WdiSystemHost - ok
07:27:13.0429 0x1004  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
07:27:13.0462 0x1004  WebClient - ok
07:27:13.0489 0x1004  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
07:27:13.0514 0x1004  Wecsvc - ok
07:27:13.0526 0x1004  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
07:27:13.0533 0x1004  wercplsupport - ok
07:27:13.0550 0x1004  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
07:27:13.0555 0x1004  WerSvc - ok
07:27:13.0580 0x1004  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
07:27:13.0582 0x1004  WfpLwf - ok
07:27:13.0593 0x1004  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
07:27:13.0594 0x1004  WIMMount - ok
07:27:13.0672 0x1004  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
07:27:13.0717 0x1004  WinDefend - ok
07:27:13.0732 0x1004  WinHttpAutoProxySvc - ok
07:27:13.0781 0x1004  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
07:27:13.0798 0x1004  Winmgmt - ok
07:27:13.0875 0x1004  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
07:27:13.0933 0x1004  WinRM - ok
07:27:13.0980 0x1004  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
07:27:13.0983 0x1004  WinUsb - ok
07:27:14.0043 0x1004  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
07:27:14.0091 0x1004  Wlansvc - ok
07:27:14.0105 0x1004  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
07:27:14.0106 0x1004  WmiAcpi - ok
07:27:14.0117 0x1004  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
07:27:14.0120 0x1004  wmiApSrv - ok
07:27:14.0161 0x1004  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
07:27:14.0195 0x1004  WMPNetworkSvc - ok
07:27:14.0202 0x1004  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
07:27:14.0204 0x1004  WPCSvc - ok
07:27:14.0213 0x1004  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
07:27:14.0216 0x1004  WPDBusEnum - ok
07:27:14.0234 0x1004  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
07:27:14.0235 0x1004  ws2ifsl - ok
07:27:14.0244 0x1004  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
07:27:14.0247 0x1004  wscsvc - ok
07:27:14.0293 0x1004  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
07:27:14.0296 0x1004  WSDPrintDevice - ok
07:27:14.0302 0x1004  WSearch - ok
07:27:14.0413 0x1004  [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv        C:\Windows\system32\wuaueng.dll
07:27:14.0468 0x1004  wuauserv - ok
07:27:14.0506 0x1004  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
07:27:14.0508 0x1004  WudfPf - ok
07:27:14.0536 0x1004  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
07:27:14.0546 0x1004  WUDFRd - ok
07:27:14.0579 0x1004  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
07:27:14.0583 0x1004  wudfsvc - ok
07:27:14.0624 0x1004  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
07:27:14.0631 0x1004  WwanSvc - ok
07:27:14.0768 0x1004  [ 995037C8FE914C5BEB062B05A73E3568, C0E5EB594D69F9955CB24FE4F041921A25BDAEAAC57328D113332E43330DFA53 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
07:27:14.0916 0x1004  ZeroConfigService - ok
07:27:14.0938 0x1004  ================ Scan global ===============================
07:27:14.0964 0x1004  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
07:27:15.0016 0x1004  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
07:27:15.0055 0x1004  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
07:27:15.0081 0x1004  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
07:27:15.0103 0x1004  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
07:27:15.0108 0x1004  [ Global ] - ok
07:27:15.0109 0x1004  ================ Scan MBR ==================================
07:27:15.0119 0x1004  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
07:27:15.0335 0x1004  \Device\Harddisk0\DR0 - ok
07:27:15.0336 0x1004  ================ Scan VBR ==================================
07:27:15.0339 0x1004  [ E81CAC3C7617C2B0626CD9C1A64F5260 ] \Device\Harddisk0\DR0\Partition1
07:27:15.0342 0x1004  \Device\Harddisk0\DR0\Partition1 - ok
07:27:15.0347 0x1004  [ A4A2BE43D191142F1FE8FEE2F2A3AF15 ] \Device\Harddisk0\DR0\Partition2
07:27:15.0349 0x1004  \Device\Harddisk0\DR0\Partition2 - ok
07:27:15.0350 0x1004  ================ Scan generic autorun ======================
07:27:15.0413 0x1004  [ BC47ABD9F73C6D6A1DEFFF21A815DFF6, C9EC15D1BD40E852CF61B089820DC4F6DFDC8AF1FA8434D2E7712ADCD7B9AB00 ] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
07:27:15.0445 0x1004  Dell Webcam Central - ok
07:27:15.0462 0x1004  [ E83D6BA916FCBAE7C4DD54258D980485, 9F842D5108AE1B9B529E62356DDF046A39C0E28D798C95752CE34F5639E8CDD0 ] C:\Windows\system32\igfxtray.exe
07:27:15.0469 0x1004  IgfxTray - ok
07:27:15.0480 0x1004  [ 91A0008D2749539E166D3FDD30D87CA5, 83681E0FF7D4B0B2E49A293010E2194A91954981923B44FDDDDC77DA74D89FEC ] C:\Windows\system32\hkcmd.exe
07:27:15.0485 0x1004  HotKeysCmds - ok
07:27:15.0494 0x1004  [ 899378BD96D3993A9DBDAB04DCC6C076, 5942E6255E308685E254378AE6717CC6BFA2B2D25BE0B27782A5E348C02D0D94 ] C:\Windows\system32\igfxpers.exe
07:27:15.0499 0x1004  Persistence - ok
07:27:15.0532 0x1004  [ 6103B6E41E588551189862453879E098, 08A94487D885F614EBBA1C8CCAA86EB2514E323C94C080A6C44D3B6DC3C60A38 ] C:\Program Files\DellTPad\Apoint.exe
07:27:15.0547 0x1004  Apoint - ok
07:27:15.0645 0x1004  [ 9FE329B0EEEFFFA2EA968D77390477F9, 7B98A161D97F5C02F2B2C392026F3D61E8085DDD1BF9C7E8D562E844167AF972 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
07:27:15.0784 0x1004  IntelPROSet - ok
07:27:15.0925 0x1004  [ FE3572299AC39A9AACB79F586427EA14, D38183B80FF0CDB9951CC9DDB15847498FA35F973907E307D19503484EB8390B ] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
07:27:15.0979 0x1004  nwiz - ok
07:27:16.0021 0x1004  [ 234051C0D242A6F4A79AE5212C1323D4, CA40BDB2AC40D1685310B4D56E97C91B72626D5C2CC3A986139CB37BA1071E7E ] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
07:27:16.0025 0x1004  LogMeIn GUI - ok
07:27:16.0138 0x1004  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
07:27:16.0207 0x1004  Adobe ARM - ok
07:27:16.0315 0x1004  [ 0A1C2B7C7E018E727307F23317F0A304, BFCDE983B15A9627722F072028BDD48ECADD9D858BC0AA1079B6C2B28D80CD5D ] C:\Program Files\Dell V310-V510 Series\dleamon.exe
07:27:16.0355 0x1004  dleamon.exe - ok
07:27:16.0399 0x1004  [ 83E38F890E3252AD3F20EF38917CB524, 5DF6E0289C7D2721E008427B3F541BBDEE4BF40D1E8E84E7DC0C957670CA855C ] C:\Program Files\Dell V310-V510 Series\ezprint.exe
07:27:16.0407 0x1004  EzPrint - ok
07:27:16.0509 0x1004  [ F9C48B76DA59CF5FF2ED937B62F5ED39, BABC2638F6C92947C79C918DFD3E605B196672B23745226DFA64F68867B7C257 ] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
07:27:16.0544 0x1004  AdobeAAMUpdater-1.0 - ok
07:27:16.0621 0x1004  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
07:27:16.0625 0x1004  APSDaemon - ok
07:27:16.0685 0x1004  [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files\QuickTime\QTTask.exe
07:27:16.0718 0x1004  QuickTime Task - ok
07:27:16.0793 0x1004  [ A9F9D081518AC03A51C1195986076F42, 7549CA4530470D9C8A0078E0002E3650133051AA4A1D2F3B7CF0BCA4C4A65595 ] C:\Program Files\iTunes\iTunesHelper.exe
07:27:16.0804 0x1004  iTunesHelper - ok
07:27:16.0875 0x1004  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
07:27:16.0909 0x1004  SunJavaUpdateSched - ok
07:27:16.0954 0x1004  [ 4333E6C7D2E17C97E1CF10DD4C90FE7A, 4A4FBB9AC4EBD24BACA818732AA265462F8BA40D63751559A318B7A7A84986D2 ] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
07:27:16.0958 0x1004  VMM Mode Selection - ok
07:27:17.0049 0x1004  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
07:27:17.0096 0x1004  Sidebar - ok
07:27:17.0121 0x1004  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
07:27:17.0124 0x1004  mctadmin - ok
07:27:17.0151 0x1004  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
07:27:17.0169 0x1004  Sidebar - ok
07:27:17.0173 0x1004  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
07:27:17.0175 0x1004  mctadmin - ok
07:27:17.0292 0x1004  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\fkurkowski\AppData\Local\Google\Update\GoogleUpdate.exe
07:27:17.0300 0x1004  Google Update - ok
07:27:17.0347 0x1004  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe
07:27:17.0365 0x1004  Sidebar - ok
07:27:17.0514 0x1004  [ AD6DCFD133501CB1769642E8F9D417B2, 8641E48F97A704102ABC7C08F44F6803797A02679D95F9F1F515A57A7EF63AA8 ] C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
07:27:17.0571 0x1004  CAHeadless - ok
07:27:17.0902 0x1004  [ AD7F427545568437DF4344DF2B883252, E99C793437D78A1CCA005A2B0FFBF4EAAC85B4AF4CE94A8A5C3EDE31A6408401 ] C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe
07:27:18.0170 0x1004  HLBackupScheduler - ok
07:27:18.0268 0x1004  [ 9472FA7FAB93A8B327F97A16DB1CC0EF, 5BAA4E25E1B238F535CCD7ABFF25217159EB8AFE483339538064F4B54954DA86 ] C:\Users\fkurkowski\AppData\Local\Citrix\GoToMeeting\1350\g2mstart.exe
07:27:18.0272 0x1004  GoToMeeting - ok
07:27:18.0328 0x1004  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
07:27:18.0347 0x1004  Sidebar - ok
07:27:18.0351 0x1004  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
07:27:18.0354 0x1004  mctadmin - ok
07:27:18.0354 0x1004  Waiting for KSN requests completion. In queue: 143
07:27:19.0410 0x1004  Win FW state via NFP2: enabled
07:27:19.0666 0x1004  ============================================================
07:27:19.0666 0x1004  Scan finished
07:27:19.0666 0x1004  ============================================================
07:27:19.0685 0x173c  Detected object count: 0
07:27:19.0686 0x173c  Actual detected object count: 0



#6 TB-Psychotic

  • Malware Response Team

Posted 16 October 2014 - 09:09 AM

Your logs show obvious signs of having cracked software on your system. This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Referring to the Forum Rules which you should have read at the time of Registering at this forum, this forum does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine.

Having said that we can help you clean your machine this time BUT this would be a ONCE ONLY offer on the understanding that all cracks are removed. This would apply not only here but at many other Malware Support forums if you were to appear again with cracks onboard, as many of us analysts work at multiple support sites. Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 fecomputerproblems

  • Topic Starter


Posted 16 October 2014 - 10:28 PM

Hello Marius -

I'm not sure what cracked software is and I don't go to illegal sites so I'm not sure how this happened. I will remove the cracked software, just not sure what program(s) that I am to remove. Can you please help me out with which I am to remove?

Thank you!      



#8 TB-Psychotic

  • Malware Response Team

Posted 17 October 2014 - 07:22 AM

Your logs show some modifications indicating that your Adobe Elements software is pirated.

Please uninstall it and proceed:

 

Please rescan with FRST (create a new addition.txt as well) and post the logs.



#9 TB-Psychotic

  • Malware Response Team

Posted 07 November 2014 - 03:17 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



