Rootkit infection -- trying to fix for days and haven't got it. Need your help!


  • This topic is locked
8 replies to this topic

#1 SylviaGamut

Posted 21 November 2014 - 03:16 PM

Hello, all. I started noticing some serious slowdowns on my computer after I wrongly clicked "Yes" on a UAC window for a file called "UpdateFlash_[number].exe." After that, I've been getting popups galore from my virus scanner saying that it caught malware (these are what it's found and failed to remove over the past few days: GoFileExpress, Miuref.F, CeeInject.gen!KK, Zbot, Simda, Fareit) but never actually removes them. I've scanned with MBAM, MBAR, and even tried removing it with HJT but alas, nothing has worked.

 

The requested logs have been attached. Looking forward to, hopefully, getting this resolved.

 

I've been following these forums for years and this is my first time asking for help. Thank you in advance in addition to a thank you for many years of excellence in virus remedy. :)


#2 SylviaGamut

Posted 24 November 2014 - 06:18 PM

Hey, all. I hate to bump this but I see replies to many other threads but not to this one. Hope to hear from someone soon. Thanks again.



#3 deeprybka

Posted 25 November 2014 - 11:30 AM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)

  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

Step 2

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears, it may take a minute or two.
  • In the main box please paste in the following script:
    process;
    services-list;
    systemspecs;
    startupall;
    filesrcm;
    
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.


regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
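
An added example, not part of the thread and not FRST's or the helper's own method: a small Python triage of Registry-section autorun lines in the FRST.txt format that Step 1 produces, run over lines copied from the log posted later in this thread. The names `parse_line` and `triage_log` and the review heuristics (no size/date/publisher fields, target under AppData or ProgramData, launch through regsvr32) are assumptions of this example; they rank entries for a human to review and are not verdicts.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Lines copied from the Registry section of the FRST.txt posted in this thread.
SAMPLE_LOG = r"""
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-03-23] (Greenshot)
HKLM\...\Run: [Exoqwuha] => "C:\Users\Genisis500\AppData\Roaming\Xuicizh\deomi.exe"
HKU\S-1-5-21-198698907-49236215-1103578316-1000\...\Run: [F.lux] => C:\Users\Genisis500\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-198698907-49236215-1103578316-1000\...\Run: [Ewtion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Genisis500\AppData\Local\YhlPack\HPScanTRDrv.dll
HKU\S-1-5-21-198698907-49236215-1103578316-1000\...\Run: [Odics] => regsvr32.exe C:\Users\Genisis500\AppData\Local\Odics\CNBP_234.DLL <===== ATTENTION
HKU\S-1-5-21-198698907-49236215-1103578316-1000\...\Policies\Explorer: [Run] "C:\Users\Genisis500\AppData\Roaming\Microsoft\Windows\IEUpdate\newdev.exe"
"""

# "<hive>\...\<key>: [<value name>] => <command>". The Policies\Explorer line
# in the log has no "=>", so the arrow is optional.
RUN_RE = re.compile(
    r"^(?P<hive>HK.+?)\\\.\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]+)\]"
    r"(?: =>)? (?P<rest>.+)$")
# Trailing "[size date] (publisher)" fields printed on most entries.
META_RE = re.compile(
    r" \[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\] \((?P<publisher>[^()]*)\)$")
ATTENTION_RE = re.compile(r"\s*<=+ ATTENTION\s*$")
USER_WRITABLE_RE = re.compile(r"\\(AppData|ProgramData)\\", re.IGNORECASE)
REGSVR32_RE = re.compile(r"(?:^|\\)regsvr32(?:\.exe)?\s+\S", re.IGNORECASE)


@dataclass
class Autorun:
    location: str             # hive and key, e.g. "HKLM Run"
    name: str                 # registry value name
    command: str              # command line with metadata and quotes removed
    publisher: Optional[str]  # None when the line carries no publisher field
    reasons: List[str]        # why this example asks for a manual look


def parse_line(line: str) -> Optional[Autorun]:
    """Parse one Registry-section line; return None for anything else."""
    line = line.strip()
    attention = bool(ATTENTION_RE.search(line))
    m = RUN_RE.match(ATTENTION_RE.sub("", line))
    if not m:
        return None
    rest = m["rest"]
    meta = META_RE.search(rest)
    publisher = None
    if meta:
        publisher = meta["publisher"].strip() or None
        rest = rest[:meta.start()]
    command = rest.strip().strip('"')

    # Heuristics assumed for this example; each one is a prompt, not a verdict.
    reasons = []
    if attention:
        reasons.append("marked ATTENTION by FRST")
    if meta is None:
        reasons.append("no size/date/publisher fields")
    if USER_WRITABLE_RE.search(command):
        reasons.append("target under AppData or ProgramData")
    if REGSVR32_RE.search(command):
        reasons.append("launched through regsvr32")
    return Autorun(f"{m['hive']} {m['key']}", m["name"], command, publisher, reasons)


def triage_log(text: str) -> List[Autorun]:
    """Return entries with at least one reason, most reasons first."""
    entries = [e for e in map(parse_line, text.splitlines()) if e and e.reasons]
    return sorted(entries, key=lambda e: -len(e.reasons))


if __name__ == "__main__":
    for entry in triage_log(SAMPLE_LOG):
        print(f"{len(entry.reasons)}  [{entry.name}]  {entry.command}")
        for reason in entry.reasons:
            print(f"     - {reason}")
```

The F.lux entry shows why a single hit is weak: it lives under AppData but carries size, date and publisher, so it lands at the bottom of the list.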
 

#4 SylviaGamut


Posted 25 November 2014 - 01:51 PM

Hello there, Jürgen! First, just wanted to say thank you for taking this on and helping me. Below are the requested logs:

 

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by Genisis500 (administrator) on GENISIS500-PC on 25-11-2014 13:34:32
Running from C:\Users\Genisis500\Desktop
Loaded Profile: Genisis500 (Available profiles: Genisis500)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Flux Software LLC) C:\Users\Genisis500\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Users\Genisis500\Desktop\zoek.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-03-23] (Greenshot)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Exoqwuha] => "C:\Users\Genisis500\AppData\Roaming\Xuicizh\deomi.exe"
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-198698907-49236215-1103578316-1000\...\Run: [F.lux] => C:\Users\Genisis500\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-198698907-49236215-1103578316-1000\...\Run: [Ewtion] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Genisis500\AppData\Local\YhlPack\HPScanTRDrv.dll
HKU\S-1-5-21-198698907-49236215-1103578316-1000\...\Run: [Odics] => regsvr32.exe C:\Users\Genisis500\AppData\Local\Odics\CNBP_234.DLL <===== ATTENTION
HKU\S-1-5-21-198698907-49236215-1103578316-1000\...\Policies\Explorer: [Run] "C:\Users\Genisis500\AppData\Roaming\Microsoft\Windows\IEUpdate\newdev.exe"
Startup: C:\Users\Genisis500\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AodbeARMHelper.exe ()
Startup: C:\Users\Genisis500\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\autoopen.txt - Shortcut.lnk
ShortcutTarget: autoopen.txt - Shortcut.lnk -> C:\Users\Genisis500\Desktop\autoopen.txt ()
Startup: C:\Users\Genisis500\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-198698907-49236215-1103578316-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-198698907-49236215-1103578316-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-198698907-49236215-1103578316-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-198698907-49236215-1103578316-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-198698907-49236215-1103578316-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-198698907-49236215-1103578316-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1D529FA8-3ED6-4E8E-88A6-8DC154B04170}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{40A7684C-2CF9-4755-A961-1D5BF0A5595E}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{599059AE-D5FA-4128-B9CC-4BFF45110B21}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{5BBC5677-3FD1-4442-8803-5D78D26A7989}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{6AA51989-7EC0-4694-9905-F1967DA08318}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{BF33BD5A-2E5A-4E68-91FE-1E4E8949C037}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{F68AA3EC-2E1F-4E4B-83EF-2788DD3AB1DA}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan
FF Homepage: hxxp://www.ebay.com/sch/aasilverlining/m.html?item=310902861232&pt=Vintage_Costume_Jewelry&hash=item4863412db0&rt=nc&LH_BIN=1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\searchplugins\aliexpresscom.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\searchplugins\extratorrentcom-torrent-search.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\searchplugins\gunbrokercom.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\searchplugins\imdb.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\searchplugins\kickasstorrents.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\searchplugins\lastfm---all-music.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\searchplugins\seedpeer-torrent-search.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\searchplugins\startpage-https.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\searchplugins\the-pirate-bay.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\searchplugins\torlock.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\searchplugins\torrentz-search.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\searchplugins\amazon-search-suggestions.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\searchplugins\imdb.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\searchplugins\kickasstorrents.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\searchplugins\startpage-https.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\searchplugins\the-pirate-bay.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\searchplugins\youtube-video-search.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\zelfzn1l.GEN GEN\searchplugins\imdb.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\zelfzn1l.GEN GEN\searchplugins\kickasstorrents.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\zelfzn1l.GEN GEN\searchplugins\the-pirate-bay.xml
FF SearchPlugin: C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\zelfzn1l.GEN GEN\searchplugins\torrentz-search.xml
FF Extension: Xmarks - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\foxmarks@kei.com [2014-10-08]
FF Extension: LavaFox V2 - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\info@djzig.com [2014-10-24]
FF Extension: YouTube Unblocker - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-05]
FF Extension: OpenDownload² - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{210249CE-F888-11DD-B868-4CB456D89593} [2014-10-08]
FF Extension: IDMRemoteServer_PSFactory - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{3A2DBF38-1C37-9F2C-FCAA-54D8E41BD2CF} [2014-11-11]
FF Extension: Flashblock - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-04-21]
FF Extension: Memory Fox - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} [2014-04-19]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\adblockpopups@jessehakanen.net.xpi [2012-06-08]
FF Extension: Auto Reload - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\autoreload@yz.com.xpi [2014-04-19]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\elemhidehelper@adblockplus.org.xpi [2012-06-08]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2013-11-17]
FF Extension: Firefox 2 theme for Firefox 4+ - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\ffe_ff2ff4@game-point.net.xpi [2012-07-23]
FF Extension: AliExpress black list - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\jid0-yemUxfXL11KsYRaaiOvHLGJ1xpg@jetpack.xpi [2013-07-30]
FF Extension: ProxMate - Proxy on steroids! - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2014-05-13]
FF Extension: Netscape Navigator Nostalgia - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\Netscape@gideas.xpi [2014-05-13]
FF Extension: NoSquint - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\nosquint@urandom.ca.xpi [2012-06-08]
FF Extension: Personas Plus - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\personas@christopher.beard.xpi [2012-06-28]
FF Extension: Restartless Restart - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\restartless.restart@erikvold.com.xpi [2014-04-14]
FF Extension: ShareMeNot - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\sharemenot@franziroesner.com.xpi [2012-09-26]
FF Extension: Winstripe Toolbar Icons - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\winstripe@largrizzly.xpi [2012-10-15]
FF Extension: Netfox - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{269e35b1-cdde-11de-8a39-0800200c9a67}.xpi [2014-05-13]
FF Extension: LittleFox - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{29852C08-1E91-4889-A6BF-C77F91D6A8F3}.xpi [2013-03-08]
FF Extension: Black Youtube Theme - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi [2013-04-22]
FF Extension: AniWeather - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2012-06-08]
FF Extension: Stylish - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2012-07-20]
FF Extension: Stratini Super - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{8479ade0-2eec-11de-8c30-0800200c9a66}.xpi [2012-07-20]
FF Extension: StumbleUpon - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2012-06-12]
FF Extension: FOXSCAPE - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{da7f40f0-8675-11db-b606-0800200c9a66}.xpi [2012-06-28]
FF Extension: DownThemAll! - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-05-01]
FF Extension: Mosaic-Fox - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{f9bddc00-152b-11de-8c30-0800200c9a66}.xpi [2012-08-07]
FF Extension: {fbfe1b2a-e788-4a82-b556-c454f23787b6} - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{fbfe1b2a-e788-4a82-b556-c454f23787b6}.xpi [2014-11-12]
FF Extension: Adblock Edge - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\5dpvpdro.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2013-08-12]
FF Extension: HTTPS-Everywhere - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\https-everywhere@eff.org [2014-11-14]
FF Extension: YouTube Unblocker - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\youtubeunblocker@unblocker.yt [2014-11-14]
FF Extension: OpenDownload² - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\{210249CE-F888-11DD-B868-4CB456D89593} [2014-07-30]
FF Extension: IDMRemoteServer_PSFactory - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\{3A2DBF38-1C37-9F2C-FCAA-54D8E41BD2CF} [2014-11-11]
FF Extension: No Name - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\2.0@disconnect.me.xpi [2014-04-19]
FF Extension: No Name - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\adblockpopups@jessehakanen.net.xpi [2014-04-19]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\elemhidehelper@adblockplus.org.xpi [2014-04-19]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2014-09-15]
FF Extension: No Name - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\firefoxaddon@youtubeenhancer.com.xpi [2014-09-15]
FF Extension: ProxTube - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\ich@maltegoetz.de.xpi [2014-09-15]
FF Extension: Easy YouTube to MP3 Converter - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw@jetpack.xpi [2014-09-15]
FF Extension: No Name - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2014-09-15]
FF Extension: No Name - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\mp4downloader@jeff.net.xpi [2014-09-15]
FF Extension: NoSquint - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\nosquint@urandom.ca.xpi [2014-04-19]
FF Extension: No Name - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\sharemenot@franziroesner.com.xpi [2014-04-19]
FF Extension: No Name - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\YouTubeAutoReplay@arikv.com.xpi [2014-09-15]
FF Extension: No Name - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-09-15]
FF Extension: Black Youtube Theme - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi [2014-09-15]
FF Extension: No Name - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2014-04-22]
FF Extension: No Name - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\{b9bfaf1c-a63f-47cd-0829-29526ced3775}.xpi [2014-09-15]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-09-15]
FF Extension: Adblock Edge - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\q2j2ppwe.Rebecca O'Ryan\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-04-19]
FF Extension: IDMRemoteServer_PSFactory - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\zelfzn1l.GEN GEN\Extensions\{3A2DBF38-1C37-9F2C-FCAA-54D8E41BD2CF} [2014-11-11]
FF Extension: No Name - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\zelfzn1l.GEN GEN\Extensions\nosquint@urandom.ca.xpi [2014-09-09]
FF Extension: No Name - C:\Users\Genisis500\AppData\Roaming\Mozilla\Firefox\Profiles\zelfzn1l.GEN GEN\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-14]

Chrome:
=======
CHR Profile: C:\Users\Genisis500\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (IDMRemoteServer_PSFactory) - C:\Users\Genisis500\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-11-11]
CHR Extension: (Google Docs) - C:\Users\Genisis500\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-25]
CHR Extension: (Google Drive) - C:\Users\Genisis500\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Genisis500\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-30]
CHR Extension: (YouTube) - C:\Users\Genisis500\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-25]
CHR Extension: (Google Search) - C:\Users\Genisis500\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-25]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Genisis500\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-06-25]
CHR Extension: (Google Wallet) - C:\Users\Genisis500\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-25]
CHR Extension: (Gmail) - C:\Users\Genisis500\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-25]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [152872 2014-08-11] (Sophos Limited)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 AVEO; C:\Windows\System32\DRIVERS\AVEOdcnt.sys [305920 2011-10-24] (AVEO)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R4 avkmgr; system32\DRIVERS\avkmgr.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 DIRECTIO; \??\c:\BIT_TEMP\DirectIo.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-25 13:34 - 2014-11-25 13:35 - 00025340 _____ () C:\Users\Genisis500\Desktop\FRST.txt
2014-11-25 13:33 - 2014-11-25 13:33 - 01294848 _____ () C:\Users\Genisis500\Desktop\zoek.exe
2014-11-25 13:33 - 2014-11-25 13:33 - 00000002 _____ () C:\runcheck.txt
2014-11-25 13:33 - 2014-11-25 13:33 - 00000000 ____D () C:\zoek_backup
2014-11-25 13:27 - 2014-11-25 13:27 - 02118144 _____ (Farbar) C:\Users\Genisis500\Desktop\FRST64.exe
2014-11-25 02:19 - 2014-11-25 02:19 - 00000000 ____D () C:\ProgramData\Sophos
2014-11-25 02:18 - 2014-11-25 02:18 - 00003229 _____ () C:\Users\Genisis500\Desktop\Sophos Virus Removal Tool.lnk
2014-11-25 02:18 - 2014-11-25 02:18 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-11-25 02:17 - 2014-11-25 02:17 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-11-25 02:12 - 2014-11-25 02:12 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2014-11-25 01:25 - 2014-11-25 01:25 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-21 15:14 - 2014-11-21 15:14 - 00024590 _____ () C:\Users\Genisis500\Desktop\attach.txt
2014-11-21 15:14 - 2014-11-21 15:13 - 00027134 _____ () C:\Users\Genisis500\Desktop\dds.txt
2014-11-20 22:30 - 2014-11-20 22:30 - 00000000 __SHD () C:\found.002
2014-11-20 19:12 - 2014-11-20 19:12 - 00027184 _____ () C:\ComboFix.txt
2014-11-20 16:52 - 2014-11-20 16:52 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2014-11-20 16:51 - 2014-11-20 16:52 - 00000000 ____D () C:\Users\Genisis500\AppData\Local\Popcorn Time
2014-11-20 16:24 - 2014-11-20 16:24 - 00000000 ____D () C:\Users\Genisis500\AppData\Local\app
2014-11-20 12:37 - 2014-11-20 12:39 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-11-20 12:37 - 2014-11-20 12:37 - 00001029 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-11-20 12:37 - 2014-11-20 12:37 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\pdfforge
2014-11-20 12:37 - 2014-11-20 12:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-11-20 12:37 - 2014-09-23 09:43 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-11-20 12:37 - 2014-09-23 09:43 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-11-20 12:37 - 2014-09-23 09:43 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-11-18 19:53 - 2014-11-21 15:17 - 00000300 _____ () C:\Users\Genisis500\Desktop\autoopen.txt
2014-11-18 15:46 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 15:46 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 15:46 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 15:46 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 15:26 - 2014-11-18 15:26 - 00000000 __SHD () C:\Users\Genisis500\AppData\Local\EmieBrowserModeList
2014-11-16 20:16 - 2014-11-16 20:16 - 00000000 ____D () C:\found.001
2014-11-16 19:48 - 2014-11-20 19:12 - 00000000 ____D () C:\Qoobox
2014-11-16 19:48 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-16 19:48 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-16 19:48 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-16 19:48 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-16 19:48 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-16 19:48 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-16 19:48 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-16 19:48 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-16 18:47 - 2014-11-16 18:47 - 00000000 ____D () C:\Users\Genisis500\Desktop\_CANON.EXPORT
2014-11-16 18:45 - 2014-11-16 18:45 - 00003854 _____ () C:\Windows\System32\Tasks\Security Center Update - 1089867315
2014-11-16 18:45 - 2014-11-16 18:45 - 00003848 _____ () C:\Windows\System32\Tasks\Security Center Update - 2039375671
2014-11-16 18:44 - 2014-11-20 18:51 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\Xuicizh
2014-11-16 18:11 - 2014-11-16 19:42 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\TeamViewer
2014-11-16 17:59 - 2014-11-16 17:59 - 00001172 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-11-16 17:59 - 2014-11-16 17:59 - 00001160 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-11-16 17:59 - 2014-11-16 17:59 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-15 19:08 - 2014-11-15 19:08 - 00001999 _____ () C:\Users\Genisis500\Desktop\setup.txt - Shortcut.lnk
2014-11-15 18:45 - 2014-11-25 13:34 - 00000000 ____D () C:\FRST
2014-11-15 18:31 - 2014-11-16 19:37 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-11-15 02:10 - 2014-11-15 02:10 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-11-15 02:10 - 2014-11-15 02:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-11-15 02:10 - 2014-11-15 02:10 - 00000000 ____D () C:\Program Files (x86)\WinDirStat
2014-11-14 21:22 - 2014-11-14 21:26 - 191397776 _____ () C:\Users\Genisis500\Downloads\DNGConverter_8_6.exe
2014-11-14 20:19 - 2014-11-14 20:19 - 00003856 _____ () C:\Windows\System32\Tasks\Security Center Update - 861783080
2014-11-14 20:19 - 2014-11-14 20:19 - 00003848 _____ () C:\Windows\System32\Tasks\Security Center Update - 3640120770
2014-11-14 20:09 - 2014-11-14 21:08 - 00000000 ____D () C:\ProgramData\OituhCemdu
2014-11-14 19:31 - 2014-11-14 19:31 - 00000000 ____D () C:\found.000
2014-11-14 18:41 - 2014-11-14 18:41 - 00003852 _____ () C:\Windows\System32\Tasks\Security Center Update - 3513414540
2014-11-14 18:41 - 2014-11-14 18:41 - 00003852 _____ () C:\Windows\System32\Tasks\Security Center Update - 3300259618
2014-11-14 18:41 - 2014-11-14 18:41 - 00003850 _____ () C:\Windows\System32\Tasks\Security Center Update - 764573434
2014-11-12 20:47 - 2014-11-12 20:47 - 00000132 _____ () C:\Users\Genisis500\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-11-12 20:06 - 2014-11-12 20:06 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-11-12 11:29 - 2014-11-20 12:49 - 00000000 ____D () C:\Users\Genisis500\AppData\Local\CANON_INC
2014-11-12 11:27 - 2014-11-12 11:27 - 00001135 _____ () C:\Users\Public\Desktop\Map Utility.lnk
2014-11-12 11:24 - 2014-11-12 11:24 - 00001190 _____ () C:\Users\Public\Desktop\ImageBrowser EX.lnk
2014-11-12 11:20 - 2014-11-14 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-11-12 11:20 - 2014-11-14 21:25 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-11-12 11:20 - 2014-11-12 11:20 - 00001195 _____ () C:\Users\Public\Desktop\Picture Style Editor.lnk
2014-11-12 11:20 - 2014-11-12 11:20 - 00001130 _____ () C:\Users\Public\Desktop\Digital Photo Professional.lnk
2014-11-12 11:20 - 2014-11-12 11:20 - 00001065 _____ () C:\Users\Public\Desktop\EOS Utility.lnk
2014-11-12 11:20 - 2014-11-12 11:20 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\Canon_Inc_IC
2014-11-12 11:13 - 2014-11-12 11:29 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\canon
2014-11-12 11:12 - 2014-11-12 11:12 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC
2014-11-12 11:05 - 2014-11-12 11:05 - 00000000 ____D () C:\Users\Genisis500\Documents\Adobe
2014-11-12 10:42 - 2014-11-12 10:42 - 00002077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.6 64-bit.lnk
2014-11-12 10:42 - 2014-11-12 10:42 - 00002057 _____ () C:\Users\Public\Desktop\Lightroom 5.6 64-bit.lnk
2014-11-12 09:56 - 2014-11-16 20:26 - 00000000 ____D () C:\Windows\erdnt
2014-11-12 08:24 - 2014-11-12 08:24 - 00006568 _____ () C:\Users\Genisis500\Desktop\JRT.txt
2014-11-12 08:22 - 2014-11-12 08:22 - 00000000 ____D () C:\Windows\ERUNT
2014-11-12 08:21 - 2014-11-12 08:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-12 02:36 - 2014-11-12 07:24 - 00000256 ____H () C:\ProgramData\@system3.att
2014-11-12 02:35 - 2014-11-12 07:24 - 00000520 _____ () C:\ProgramData\@system.temp
2014-11-12 02:35 - 2014-11-12 02:35 - 00000448 ____H () C:\Users\Genisis500\AppData\Roaming\麽鎒駓覜
2014-11-12 02:34 - 2014-11-14 21:08 - 00000000 ____D () C:\ProgramData\OavmOyzes
2014-11-12 00:19 - 2014-11-12 00:19 - 00003848 _____ () C:\Windows\System32\Tasks\Security Center Update - 2543356947
2014-11-12 00:19 - 2014-11-12 00:19 - 00003848 _____ () C:\Windows\System32\Tasks\Security Center Update - 1305412839
2014-11-11 23:41 - 2014-11-11 23:41 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
2014-11-11 23:40 - 2014-11-12 10:38 - 00000000 ____D () C:\Program Files\Adobe
2014-11-11 23:38 - 2014-11-11 23:38 - 00001205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
2014-11-11 23:34 - 2014-11-12 10:43 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-11-11 23:34 - 2014-11-11 23:34 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
2014-11-11 23:33 - 2014-11-14 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-11-11 23:33 - 2014-11-11 23:33 - 00001260 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
2014-11-11 23:33 - 2014-11-11 23:33 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2014-11-11 23:31 - 2014-11-11 23:31 - 00001517 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
2014-11-11 23:31 - 2014-11-11 23:31 - 00001351 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
2014-11-11 23:30 - 2014-11-11 23:30 - 00000999 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-11-11 23:26 - 2014-11-12 20:07 - 00000000 ____D () C:\Users\Genisis500\AppData\Local\Adobe
2014-11-11 21:14 - 2014-11-12 01:11 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\NeuroProgrammer3
2014-11-11 21:14 - 2014-11-11 21:15 - 00000000 ____D () C:\ProgramData\Licenses
2014-11-11 21:14 - 2014-11-11 21:14 - 00000000 ____D () C:\Users\Genisis500\AppData\Local\Spoon
2014-11-11 21:11 - 2014-11-11 21:26 - 00000000 ____D () C:\Users\Genisis500\AppData\Local\NP3
2014-11-11 21:11 - 2014-11-11 21:17 - 00000000 ____D () C:\Program Files (x86)\Neuro-Programmer 3
2014-11-11 21:11 - 2014-11-11 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neuro-Programmer 3
2014-11-11 20:48 - 2014-11-11 20:48 - 01376768 _____ () C:\Users\Genisis500\Downloads\7z920-x64.msi
2014-11-11 20:48 - 2014-11-11 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-11-11 20:48 - 2014-11-11 20:48 - 00000000 ____D () C:\Program Files\7-Zip
2014-11-11 20:44 - 2014-11-11 20:44 - 00000050 _____ () C:\Users\Genisis500\Desktop\CCard.txt
2014-11-11 20:43 - 2014-11-11 20:43 - 00001502 _____ () C:\Users\Genisis500\.recently-used.xbel
2014-11-11 20:42 - 2014-11-20 18:51 - 00000000 ____D () C:\Users\Genisis500\AppData\Local\YhlPack
2014-11-11 20:42 - 2014-11-18 15:27 - 00000000 ____D () C:\Users\Genisis500\AppData\Local\Odics
2014-11-11 20:31 - 2014-11-11 20:32 - 00000000 ____D () C:\Program Files (x86)\Hosts File Editor
2014-11-11 20:31 - 2014-11-11 20:31 - 00003027 _____ () C:\Users\Genisis500\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hosts File Editor.lnk
2014-11-11 20:16 - 2014-11-15 18:31 - 00131800 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-11 20:16 - 2014-11-15 18:30 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-11 20:16 - 2014-11-11 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-11 20:16 - 2014-11-11 20:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-11 20:16 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-11 20:11 - 2014-11-20 19:11 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-11-11 20:08 - 2014-11-11 20:08 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\gtk-2.0
2014-11-11 20:05 - 2014-11-11 20:07 - 00000000 ____D () C:\Program Files (x86)\Gnaural
2014-11-11 20:05 - 2014-11-11 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gnaural
2014-11-11 19:54 - 2014-11-11 19:54 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\qBittorrent
2014-11-11 19:54 - 2014-11-11 19:54 - 00000000 ____D () C:\Users\Genisis500\AppData\Local\qBittorrent
2014-11-11 19:54 - 2014-11-11 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2014-11-11 19:54 - 2014-11-11 19:54 - 00000000 ____D () C:\Program Files (x86)\qBittorrent
2014-11-11 19:18 - 2014-11-11 19:23 - 00000000 ____D () C:\burnin
2014-11-11 19:10 - 2014-11-07 14:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 19:10 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 19:10 - 2014-11-05 23:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 19:10 - 2014-11-05 23:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 19:10 - 2014-11-05 22:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 19:10 - 2014-11-05 22:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 19:10 - 2014-11-05 22:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 19:10 - 2014-11-05 22:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 19:10 - 2014-11-05 22:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 19:10 - 2014-11-05 22:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 19:10 - 2014-11-05 22:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 19:10 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 19:10 - 2014-11-05 22:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 19:10 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 19:10 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 19:10 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 19:10 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 19:10 - 2014-11-05 22:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 19:10 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 19:10 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 19:10 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 19:10 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 19:10 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 19:10 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 19:10 - 2014-11-05 21:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 19:10 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 19:10 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 19:10 - 2014-11-05 21:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 19:10 - 2014-11-05 21:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 19:10 - 2014-11-05 21:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 19:10 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 19:10 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 19:10 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 19:10 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 19:10 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 19:10 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 19:10 - 2014-11-05 21:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 19:10 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 19:10 - 2014-11-05 20:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 19:10 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 19:10 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 19:10 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 19:10 - 2014-11-05 12:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 19:10 - 2014-11-05 12:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 19:10 - 2014-11-05 12:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 19:10 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 19:10 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 19:10 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 19:10 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 19:10 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 19:10 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 19:10 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 19:10 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 19:10 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 19:09 - 2014-11-05 23:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 19:09 - 2014-11-05 22:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 19:09 - 2014-11-05 22:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 19:09 - 2014-11-05 22:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 19:09 - 2014-11-05 22:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 19:09 - 2014-11-05 22:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 19:09 - 2014-11-05 22:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 19:09 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 19:09 - 2014-11-05 22:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 19:09 - 2014-11-05 22:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 19:09 - 2014-11-05 21:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 19:09 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 19:09 - 2014-11-05 21:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 19:09 - 2014-11-05 21:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 19:08 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 19:08 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 19:08 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 19:08 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 19:08 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 19:08 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 19:08 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 19:08 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 19:08 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 19:08 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 19:08 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 19:08 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 19:08 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 19:08 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 19:08 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 19:08 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 19:08 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 19:08 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 19:08 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 19:08 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 19:08 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 19:08 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 19:08 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 19:08 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 19:08 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 19:08 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 19:07 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 19:07 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 19:07 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 19:07 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 19:07 - 2014-10-13 21:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 19:07 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 19:07 - 2014-10-09 19:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-08 21:25 - 2014-11-08 21:29 - 00000000 ____D () C:\zsnes
2014-11-08 21:12 - 2014-11-08 21:12 - 00000000 ____D () C:\Users\Genisis500\Downloads\New folder (3)
2014-11-08 21:11 - 2014-11-08 21:11 - 00000000 ____D () C:\Users\Genisis500\Downloads\New folder (2)
2014-11-08 21:11 - 2014-11-08 21:11 - 00000000 ____D () C:\Users\Genisis500\Downloads\New folder
2014-11-05 18:05 - 2014-11-20 16:52 - 00002238 _____ () C:\Users\Genisis500\Desktop\Popcorn Time.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-25 13:26 - 2014-06-25 17:52 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-25 13:26 - 2013-09-22 18:34 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-25 13:22 - 2013-01-01 15:51 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-25 13:21 - 2011-12-05 23:58 - 01399711 _____ () C:\Windows\WindowsUpdate.log
2014-11-25 02:11 - 2012-06-07 21:06 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\Adobe
2014-11-25 02:04 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-25 02:04 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-25 01:58 - 2009-07-14 00:13 - 00797850 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-25 01:52 - 2012-06-07 20:52 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-11-25 01:52 - 2011-04-01 23:17 - 00949130 _____ () C:\Windows\PFRO.log
2014-11-25 01:52 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-25 01:52 - 2009-07-13 23:51 - 00158991 _____ () C:\Windows\setupact.log
2014-11-25 01:27 - 2014-04-12 15:41 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-11-24 22:19 - 2014-02-08 11:59 - 00000000 ____D () C:\Users\Genisis500\Desktop\Mega DCIM
2014-11-20 19:04 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-20 18:53 - 2009-07-14 00:08 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-20 16:27 - 2014-03-18 16:37 - 00000000 ____D () C:\Users\Genisis500\AppData\Local\Popcorn-Time
2014-11-16 20:50 - 2013-01-01 15:51 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-16 20:50 - 2012-06-12 06:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-16 20:50 - 2012-06-12 06:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-16 20:28 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Default
2014-11-16 19:38 - 2009-07-13 23:45 - 04861400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-16 18:08 - 2012-06-07 20:53 - 00076992 _____ () C:\Users\Genisis500\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-15 19:11 - 2009-07-29 00:20 - 00000000 ____D () C:\Windows\Log
2014-11-15 18:26 - 2013-08-12 16:45 - 00000000 ____D () C:\Users\Genisis500\.VirtualBox
2014-11-15 04:45 - 2011-12-06 00:22 - 00000000 ____D () C:\ProgramData\Temp
2014-11-15 02:03 - 2012-09-18 09:18 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-14 22:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-14 21:45 - 2014-05-11 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-14 21:37 - 2014-02-08 05:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-14 21:37 - 2012-06-12 06:01 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-14 21:35 - 2012-06-24 03:28 - 00000000 ____D () C:\Windows\pss
2014-11-14 20:07 - 2014-03-20 16:11 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-11-14 19:34 - 2012-06-07 20:52 - 00000000 ____D () C:\Users\Genisis500
2014-11-14 18:31 - 2013-09-22 18:34 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 18:31 - 2013-09-22 18:34 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 18:31 - 2013-09-22 18:34 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-13 02:04 - 2012-09-12 04:32 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-12 09:49 - 2012-06-27 08:51 - 00000000 ____D () C:\Windows\fr
2014-11-12 08:31 - 2014-04-14 16:23 - 00000000 ____D () C:\AdwCleaner
2014-11-12 08:31 - 2012-06-08 02:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-12 08:16 - 2013-09-21 23:03 - 00000000 ____D () C:\Users\Genisis500\Downloads\backups
2014-11-12 02:43 - 2009-07-13 21:34 - 00001497 __RSH () C:\Windows\system32\Drivers\etc\hosts.bak
2014-11-11 20:16 - 2012-06-24 03:32 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\Malwarebytes
2014-11-11 20:16 - 2012-06-24 03:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-11 19:50 - 2012-06-08 03:07 - 00000000 ____D () C:\Users\Genisis500\AppData\Roaming\uTorrent
2014-10-30 06:25 - 2013-09-21 23:36 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Genisis500\AppData\Local\Temp\7za.exe
C:\Users\Genisis500\AppData\Local\Temp\avgnt.exe
C:\Users\Genisis500\AppData\Local\Temp\hijackthis.exe
C:\Users\Genisis500\AppData\Local\Temp\NirCmd.exe
C:\Users\Genisis500\AppData\Local\Temp\PEVZ.EXE
C:\Users\Genisis500\AppData\Local\Temp\remove.exe
C:\Users\Genisis500\AppData\Local\Temp\sed.exe
C:\Users\Genisis500\AppData\Local\Temp\shortcut.exe
C:\Users\Genisis500\AppData\Local\Temp\swreg.exe
C:\Users\Genisis500\AppData\Local\Temp\swxcacls.exe
C:\Users\Genisis500\AppData\Local\Temp\tmp7A55.exe
C:\Users\Genisis500\AppData\Local\Temp\wget.exe
C:\Users\Genisis500\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 00:06

==================== End Of Log ============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01
Ran by Genisis500 at 2014-11-25 13:35:32
Running from C:\Users\Genisis500\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.0 - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat 4.0 (HKLM-x32\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.14 - ASUS)
ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.44 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
Canon RAW Codec (HKLM-x32\...\Canon RAW Codec) (Version: 1.11.0.75 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.40.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.1.0.6 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.10.2 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.0.1.3 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.20.0 - Canon Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
f.lux (HKU\S-1-5-21-198698907-49236215-1103578316-1000\...\Flux) (Version:  - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gnaural ver. 1.0.20110606 (HKLM-x32\...\Gnaural_is1) (Version:  - Bret Logan)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Greenshot 1.1.8.35 (HKLM\...\Greenshot_is1) (Version: 1.1.8.35 - Greenshot)
Hosts File Editor (HKLM-x32\...\{EC9CF3E9-3C14-43D6-B9D0-5B4232926FAC}) (Version: 1.0.0 - Scott Lerch)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2405 - Intel Corporation)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{5F02C14D-A630-4771-8409-0BA89FCCA8D6}) (Version: 10.0.0.68 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 10.3.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.5 - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Neuro-Programmer 3.2.6 (HKLM-x32\...\Neuro-Programmer 3_is1) (Version:  - Transparent Corporation)
Oracle VM VirtualBox 4.2.16 (HKLM\...\{4CC3444D-7279-4E83-984F-18E9A7B2E803}) (Version: 4.2.16 - Oracle Corporation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PIXELA AAC LC CODEC (HKLM-x32\...\PIXELA AAC LC CODEC) (Version: 1.1.0.1 - Canon Inc.)
qBittorrent 3.1.11 (HKLM-x32\...\qBittorrent) (Version: 3.1.11 - The qBittorrent project)
QuickTime (HKLM-x32\...\{EB900AF8-CC61-4E15-871B-98D1EA3E8025}) (Version: 7.67.75.0 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.3 - Sophos Limited)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.3.2 - Krzysztof Kowalczyk)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
WinDirStat 1.1.2 (HKU\S-1-5-21-198698907-49236215-1103578316-1000\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

25-11-2014 07:15:34 Installed Sophos Virus Removal Tool.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-11-20 19:11 - 00001509 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
212.47.195.214 www.google-analytics.com.
212.47.195.214 google-analytics.com.
212.47.195.214 connect.facebook.net.
95.141.32.73 www.google-analytics.com.
95.141.32.73 google-analytics.com.
95.141.32.73 connect.facebook.net.
195.162.69.253 www.google-analytics.com.
195.162.69.253 google-analytics.com.
195.162.69.253 connect.facebook.net.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02CD3943-4119-4188-B421-3EE7758590C5} - System32\Tasks\Security Center Update - 1305412839 => C:\Users\Genisis500\AppData\Roaming\Uxixfoy\kiimm.exe <==== ATTENTION
Task: {0990CB7C-837B-4453-B202-C983807A13FF} - System32\Tasks\Security Center Update - 764573434 => C:\Users\Genisis500\AppData\Roaming\Voixqux\inruxi.exe <==== ATTENTION
Task: {122291E6-0A2F-401C-8BAA-D40534CD4487} - System32\Tasks\Security Center Update - 861783080 => C:\Users\Genisis500\AppData\Roaming\Peafnoed\ozakxeu.exe <==== ATTENTION
Task: {1D8F5DDA-0686-4145-BDCD-D183A38BE559} - System32\Tasks\Security Center Update - 3300259618 => C:\Users\Genisis500\AppData\Roaming\Upoqoro\ubynley.exe <==== ATTENTION
Task: {3491E359-21DC-4D35-9957-DFCC2FB625B0} - System32\Tasks\Security Center Update - 3640120770 => C:\Users\Genisis500\AppData\Roaming\Zaziehi\kopin.exe <==== ATTENTION
Task: {34A42986-1D79-4D2D-93CD-10FAC885F2FF} - System32\Tasks\Security Center Update - 1089867315 => C:\Users\Genisis500\AppData\Roaming\Unuwfapu\qiypre.exe <==== ATTENTION
Task: {73E2375D-15DC-402A-8621-446C261BB721} - System32\Tasks\Security Center Update - 2543356947 => C:\Users\Genisis500\AppData\Roaming\Lioxhu\buevpez.exe <==== ATTENTION
Task: {8062E766-34D6-4A3E-AB11-25EF5FC01C0C} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {81226F3F-C408-4E43-ABA0-57277A6F9DB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-22] (Google Inc.)
Task: {937E7634-FCDE-404B-A61F-30D5FA11A07E} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {B5D0CEC1-2E6E-4F63-893E-2D13E9D523F6} - System32\Tasks\Security Center Update - 2039375671 => C:\Users\Genisis500\AppData\Roaming\Xuicizh\deomi.exe <==== ATTENTION
Task: {C1AC475E-166F-459B-A702-C1552CED599F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-16] (Adobe Systems Incorporated)
Task: {D14E5C8E-23CE-4E17-A768-BCDB12D976F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-22] (Google Inc.)
Task: {E56C4EB1-3557-4FBF-AE67-8B0FAEBD65E2} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {F6719229-977C-4DD4-BDC0-7FA1A07E95A1} - System32\Tasks\Security Center Update - 3513414540 => C:\Users\Genisis500\AppData\Roaming\Kyodsoga\ifevu.exe <==== ATTENTION
Task: {FE9CFD9C-888B-4B25-AF20-FE73B67FBB91} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-03-07] (ASUS)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-11-11 20:10 - 2014-11-11 20:10 - 03507200 _____ () C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
2014-11-11 20:10 - 2014-11-11 20:10 - 02688512 _____ () C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll
2010-07-14 19:11 - 2010-07-14 19:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2010-04-02 22:21 - 2008-10-01 02:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2014-11-25 13:33 - 2014-11-25 13:33 - 01294848 _____ () C:\Users\Genisis500\Desktop\zoek.exe
2014-11-18 15:27 - 2014-11-18 15:27 - 00926720 _____ () C:\Users\Genisis500\AppData\Local\Odics\CNBP_234.DLL
2014-11-18 15:25 - 2014-11-18 15:26 - 00868864 _____ () C:\Users\Genisis500\AppData\Local\YhlPack\HPScanTRDrv.dll
2014-08-19 10:41 - 2014-08-19 10:41 - 00507904 _____ () C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll
2014-11-12 08:21 - 2014-11-12 08:21 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:157E1AD3

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Amsp => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: ASLDRService => 2
MSCONFIG\Services: ATKGFNEXSrv => 2
MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: Partner Service => 3
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TiMiniService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageBrowser EX Agent.lnk => C:\Windows\pss\ImageBrowser EX Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Genisis500^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^diskpart.lnk => C:\Windows\pss\diskpart.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Genisis500^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FlashPlayerApp.lnk => C:\Windows\pss\FlashPlayerApp.lnk.Startup
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Ewtion => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Genisis500\AppData\Local\YhlPack\vorbisMouseMusic.dll
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Nuance PDF Reader-reminder => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
MSCONFIG\startupreg: Odics => regsvr32.exe C:\Users\Genisis500\AppData\Local\Odics\SmartMobileBox8.dll
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SearchProtect => C:\Users\Genisis500\AppData\Roaming\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SonicMasterTray => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
MSCONFIG\startupreg: Trend Micro Titanium => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe"
MSCONFIG\startupreg: VizorHtmlDialog.exe => "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
MSCONFIG\startupreg: Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MSCONFIG\startupreg: YhlPack => C:\Users\Genisis500\AppData\Local\YhlPack\tmpCF27.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-198698907-49236215-1103578316-500 - Administrator - Disabled)
Genisis500 (S-1-5-21-198698907-49236215-1103578316-1000 - Administrator - Enabled) => C:\Users\Genisis500
Guest (S-1-5-21-198698907-49236215-1103578316-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-198698907-49236215-1103578316-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/24/2014 07:05:18 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (11/21/2014 03:39:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (11/20/2014 10:40:49 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (1808) WebCacheLocal: Database recovery/restore failed with unexpected error -344.

Error: (11/20/2014 10:40:49 PM) (Source: ESENT) (EventID: 492) (User: )
Description: taskhost (1808) WebCacheLocal: The logfile sequence in "C:\Users\Genisis500\AppData\Local\Microsoft\Windows\WebCache\" has been halted due to a fatal error.  No further updates are possible for the databases that use this logfile sequence.  Please correct the problem and restart or restore from backup.

Error: (11/20/2014 10:40:49 PM) (Source: ESENT) (EventID: 471) (User: )
Description: taskhost (1808) WebCacheLocal: Unable to rollback operation #117647 on database C:\Users\Genisis500\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat. Error: -344. All future database updates will be rejected.

Error: (11/20/2014 06:05:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (11/20/2014 00:27:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (11/16/2014 07:23:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program lightroom.exe version 5.6.0.10 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 10fc

Start Time: 01d001f225706613

Termination Time: 15366

Application Path: C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe

Report Id: 6022d669-6def-11e4-bbbd-84a79d2445c1

Error: (11/16/2014 07:00:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: deomi.exe, version: 4.40.64876.38005, time stamp: 0x54490412
Faulting module name: mshtml.dll, version: 11.0.9600.17420, time stamp: 0x545ae63c
Exception code: 0xc0000005
Fault offset: 0x000b2fb7
Faulting process id: 0x1a04
Faulting application start time: 0xdeomi.exe0
Faulting application path: deomi.exe1
Faulting module path: deomi.exe2
Report Id: deomi.exe3

Error: (11/16/2014 06:57:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: deomi.exe, version: 4.40.64876.38005, time stamp: 0x54490412
Faulting module name: jscript9.dll, version: 11.0.9600.17420, time stamp: 0x545adb1b
Exception code: 0xc0000005
Fault offset: 0x0010ed2d
Faulting process id: 0xc68
Faulting application start time: 0xdeomi.exe0
Faulting application path: deomi.exe1
Faulting module path: deomi.exe2
Report Id: deomi.exe3


System errors:
=============
Error: (11/25/2014 01:22:32 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SophosVirusRemovalTool service.

Error: (11/25/2014 01:21:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (11/25/2014 01:52:27 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:50:32 AM on 11/25/2014 was unexpected.

Error: (11/24/2014 10:23:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (11/24/2014 10:22:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer9 service.

Error: (11/24/2014 10:19:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (11/24/2014 06:09:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (11/21/2014 03:03:47 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %%8604.6.0305.01.189.333.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.11202.00x80240016An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 2%%853http://www.microsoft.com

Error: (11/21/2014 03:03:47 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %%8604.6.0305.01.189.333.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.11202.00x80240016An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 3%%854http://www.microsoft.com

Error: (11/21/2014 03:03:47 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %%8604.6.0305.01.189.333.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.11202.00x80240016An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 3%%854http://www.microsoft.com


Microsoft Office Sessions:
=========================
Error: (11/24/2014 07:05:18 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (11/21/2014 03:39:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (11/20/2014 10:40:49 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost1808WebCacheLocal: -344

Error: (11/20/2014 10:40:49 PM) (Source: ESENT) (EventID: 492) (User: )
Description: taskhost1808WebCacheLocal: C:\Users\Genisis500\AppData\Local\Microsoft\Windows\WebCache\

Error: (11/20/2014 10:40:49 PM) (Source: ESENT) (EventID: 471) (User: )
Description: taskhost1808WebCacheLocal: 117647C:\Users\Genisis500\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-344

Error: (11/20/2014 06:05:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (11/20/2014 00:27:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (11/16/2014 07:23:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: lightroom.exe5.6.0.1010fc01d001f22570661315366C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe6022d669-6def-11e4-bbbd-84a79d2445c1

Error: (11/16/2014 07:00:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: deomi.exe4.40.64876.3800554490412mshtml.dll11.0.9600.17420545ae63cc0000005000b2fb71a0401d001f932b861b3C:\Users\Genisis500\AppData\Roaming\Xuicizh\deomi.exeC:\Windows\SysWOW64\mshtml.dllbaa61942-6dec-11e4-bbbd-84a79d2445c1

Error: (11/16/2014 06:57:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: deomi.exe4.40.64876.3800554490412jscript9.dll11.0.9600.17420545adb1bc00000050010ed2dc6801d001f7e9fe65fcC:\Users\Genisis500\AppData\Roaming\Xuicizh\deomi.exeC:\Windows\SysWOW64\jscript9.dll5856087d-6dec-11e4-bbbd-84a79d2445c1


CodeIntegrity Errors:
===================================
  Date: 2014-11-20 19:02:39.658
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-20 19:02:39.471
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-20 19:02:39.299
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-20 19:02:39.127
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-18 20:02:37.841
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-18 20:02:37.700
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-18 20:02:37.544
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-18 20:02:37.388
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-16 20:03:46.532
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-16 20:03:46.376
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i3-2330M CPU @ 2.20GHz
Percentage of memory in use: 72%
Total physical RAM: 4000.13 MB
Available physical RAM: 1093.26 MB
Total Pagefile: 7998.44 MB
Available Pagefile: 5873.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:195.36 GB) (Free:13.72 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:231.34 GB) (Free:57.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 81C61165)
Partition 1: (Not Active) - (Size=39.1 GB) - (Type=1C)
Partition 2: (Active) - (Size=195.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=231.3 GB) - (Type=05)

==================== End Of Log ============================

 

ZOEK

I have run this multiple times and rebooted but it does not create a log. I have searched my PC for zoek*.* and the only thing that comes up is the zoek.exe application itself. What should I do?

Thanks again, Jürgen!



#5 deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany

Posted 25 November 2014 - 01:56 PM

Hi there,
please skip the Zoek scan.
 
Malware Warning

All passwords should be changed immediately, including those used for banking, email, eBay, PayPal and online forums, from a CLEAN COMPUTER.
 
 
P2P warning

Going over your logs I noticed that you have µTorrent installed.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

Step 1

Please download TDSSKiller and save it to your Desktop.
  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters. (1)
  • Make sure that all available options (except "Loaded modules") are checked and click OK. (2)
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report (3) to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.

Edited by deeprybka, 25 November 2014 - 02:01 PM.

regards,
deeprybka
Harm no one; rather, help everyone as much as you can. Arthur Schopenhauer

#6 SylviaGamut
  • Topic Starter

  • Members
  • 4 posts

Posted 25 November 2014 - 02:39 PM

I decided to reboot the computer again and opened zoek.exe. It is still running after starting it almost 20 minutes ago. If/when it finishes, would you still like the log?

 

TDSSKiller_*.log (Part 1 of 2)

14:29:24.0496 0x0328  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
14:29:29.0241 0x0328  ============================================================
14:29:29.0241 0x0328  Current date / time: 2014/11/25 14:29:29.0241
14:29:29.0241 0x0328  SystemInfo:
14:29:29.0241 0x0328  
14:29:29.0241 0x0328  OS Version: 6.1.7601 ServicePack: 1.0
14:29:29.0241 0x0328  Product type: Workstation
14:29:29.0242 0x0328  ComputerName: GENISIS500-PC
14:29:29.0243 0x0328  UserName: Genisis500
14:29:29.0243 0x0328  Windows directory: C:\Windows
14:29:29.0243 0x0328  System windows directory: C:\Windows
14:29:29.0243 0x0328  Running under WOW64
14:29:29.0243 0x0328  Processor architecture: Intel x64
14:29:29.0243 0x0328  Number of processors: 4
14:29:29.0243 0x0328  Page size: 0x1000
14:29:29.0243 0x0328  Boot type: Normal boot
14:29:29.0243 0x0328  ============================================================
14:29:30.0181 0x0328  KLMD registered as C:\Windows\system32\drivers\83762853.sys
14:29:30.0953 0x0328  System UUID: {9C219E0C-7B75-1C77-BA34-2C1C8F62D476}
14:29:32.0024 0x0328  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:29:32.0029 0x0328  Drive \Device\Harddisk1\DR1 - Size: 0x1D2400000 ( 7.29 Gb ), SectorSize: 0x200, Cylinders: 0x3B7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:29:32.0032 0x0328  ============================================================
14:29:32.0032 0x0328  \Device\Harddisk0\DR0:
14:29:32.0032 0x0328  MBR partitions:
14:29:32.0032 0x0328  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x4E22CEC, BlocksNum 0x186B5E1E
14:29:32.0055 0x0328  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D4D8B49, BlocksNum 0x1CEAC0F8
14:29:32.0055 0x0328  \Device\Harddisk1\DR1:
14:29:32.0057 0x0328  MBR partitions:
14:29:32.0057 0x0328  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xE90000
14:29:32.0057 0x0328  ============================================================
14:29:32.0287 0x0328  C: <-> \Device\Harddisk0\DR0\Partition1
14:29:32.0354 0x0328  D: <-> \Device\Harddisk0\DR0\Partition2
14:29:32.0354 0x0328  ============================================================
14:29:32.0354 0x0328  Initialize success
14:29:32.0354 0x0328  ============================================================
14:30:56.0397 0x1588  ============================================================
14:30:56.0397 0x1588  Scan started
14:30:56.0397 0x1588  Mode: Manual; SigCheck; TDLFS;
14:30:56.0397 0x1588  ============================================================
14:30:56.0397 0x1588  KSN ping started
14:30:59.0096 0x1588  KSN ping finished: true
14:31:09.0314 0x1588  ================ Scan system memory ========================
14:31:09.0314 0x1588  System memory - ok
14:31:09.0314 0x1588  ================ Scan services =============================
14:31:42.0901 0x1588  HomeGroupProvider - ok
14:31:42.0979 0x1588  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:31:42.0994 0x1588  HpSAMD - ok
14:31:43.0135 0x1588  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:31:43.0228 0x1588  HTTP - ok
14:31:43.0306 0x1588  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:31:43.0322 0x1588  hwpolicy - ok
14:31:43.0400 0x1588  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:31:43.0431 0x1588  i8042prt - ok
14:31:43.0572 0x1588  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:31:43.0603 0x1588  iaStor - ok
14:31:43.0696 0x1588  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:31:43.0728 0x1588  iaStorV - ok
14:31:43.0884 0x1588  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:31:43.0930 0x1588  idsvc - ok
14:31:43.0962 0x1588  IEEtwCollectorService - ok
14:31:44.0804 0x1588  [ E15A809273EA164A7479D2FA64D18988, 257D0546FDE4FED836AF428DBE6A4E45434D47321D0EEF9A61AFD8D6EACA423F ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:31:45.0537 0x1588  igfx - ok
14:31:45.0600 0x1588  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:31:45.0615 0x1588  iirsp - ok
14:31:45.0693 0x1588  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:31:45.0787 0x1588  IKEEXT - ok
14:31:46.0146 0x1588  [ CB7DADEF3D83FE2C12655A0BDCBA99F2, AD55A578986F008ED01635D3BB26414D71F418640099BFA92D9CABAB6A88E01D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:31:46.0333 0x1588  IntcAzAudAddService - ok
14:31:46.0536 0x1588  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:31:46.0660 0x1588  IntcDAud - ok
14:31:46.0848 0x1588  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:31:46.0879 0x1588  intelide - ok
14:31:47.0035 0x1588  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:31:47.0097 0x1588  intelppm - ok
14:31:47.0191 0x1588  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:31:47.0269 0x1588  IPBusEnum - ok
14:31:47.0331 0x1588  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:31:47.0394 0x1588  IpFilterDriver - ok
14:31:47.0487 0x1588  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:31:47.0581 0x1588  iphlpsvc - ok
14:31:47.0596 0x1588  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:31:47.0659 0x1588  IPMIDRV - ok
14:31:47.0690 0x1588  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:31:47.0752 0x1588  IPNAT - ok
14:31:47.0986 0x1588  [ 3151D878BB16307EF2CF4CDA2463D15E, 5415D6F2F0BCEF702916297E5D41A43FB9A1738CCC7E28A70FF75C6880568EA2 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:31:48.0127 0x1588  iPod Service - ok
14:31:48.0205 0x1588  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:31:48.0283 0x1588  IRENUM - ok
14:31:48.0298 0x1588  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:31:48.0330 0x1588  isapnp - ok
14:31:48.0439 0x1588  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:31:48.0470 0x1588  iScsiPrt - ok
14:31:48.0564 0x1588  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:31:48.0579 0x1588  kbdclass - ok
14:31:48.0657 0x1588  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:31:48.0704 0x1588  kbdhid - ok
14:31:48.0798 0x1588  [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
14:31:48.0813 0x1588  kbfiltr - ok
14:31:48.0876 0x1588  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
14:31:48.0907 0x1588  KeyIso - ok
14:31:48.0954 0x1588  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:31:48.0954 0x1588  KSecDD - ok
14:31:49.0032 0x1588  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:31:49.0047 0x1588  KSecPkg - ok
14:31:49.0172 0x1588  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:31:49.0266 0x1588  ksthunk - ok
14:31:49.0375 0x1588  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:31:49.0484 0x1588  KtmRm - ok
14:31:49.0578 0x1588  [ 033B4AED2C5519072C0D81E00804D003, 6C450A604C382416C482FED43098B4E95BD61B480B0CEFD728A269446AF18708 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
14:31:49.0624 0x1588  L1C - ok
14:31:49.0796 0x1588  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
14:31:49.0890 0x1588  LanmanServer - ok
14:31:49.0936 0x1588  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:31:49.0983 0x1588  LanmanWorkstation - ok
14:31:50.0108 0x1588  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:31:50.0186 0x1588  lltdio - ok
14:31:50.0264 0x1588  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:31:50.0326 0x1588  lltdsvc - ok
14:31:50.0358 0x1588  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:31:50.0404 0x1588  lmhosts - ok
14:31:50.0638 0x1588  [ 7F32D4C47A50E7223491E8FB9359907D, 6D3F59A8D006BED3234697933D09C8EE8F7A9F4A4196CFA878F8E8A929B24CE5 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:31:50.0701 0x1588  LMS - ok
14:31:50.0779 0x1588  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:31:50.0794 0x1588  LSI_FC - ok
14:31:50.0857 0x1588  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:31:50.0888 0x1588  LSI_SAS - ok
14:31:50.0904 0x1588  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:31:50.0919 0x1588  LSI_SAS2 - ok
14:31:50.0935 0x1588  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:31:50.0950 0x1588  LSI_SCSI - ok
14:31:50.0982 0x1588  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:31:51.0044 0x1588  luafv - ok
14:31:51.0106 0x1588  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:31:51.0153 0x1588  Mcx2Svc - ok
14:31:51.0169 0x1588  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:31:51.0184 0x1588  megasas - ok
14:31:51.0340 0x1588  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:31:51.0372 0x1588  MegaSR - ok
14:31:51.0465 0x1588  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
14:31:51.0481 0x1588  MEIx64 - ok
14:31:51.0574 0x1588  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:31:51.0699 0x1588  MMCSS - ok
14:31:51.0730 0x1588  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:31:51.0808 0x1588  Modem - ok
14:31:51.0980 0x1588  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:31:52.0027 0x1588  monitor - ok
14:31:52.0136 0x1588  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:31:52.0152 0x1588  mouclass - ok
14:31:52.0339 0x1588  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:31:52.0432 0x1588  mouhid - ok
14:31:52.0448 0x1588  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:31:52.0479 0x1588  mountmgr - ok
14:31:52.0604 0x1588  [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:31:52.0635 0x1588  MozillaMaintenance - ok
14:31:52.0682 0x1588  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:31:52.0698 0x1588  mpio - ok
14:31:52.0744 0x1588  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:31:52.0822 0x1588  mpsdrv - ok
14:31:52.0900 0x1588  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:31:52.0994 0x1588  MpsSvc - ok
14:31:53.0072 0x1588  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:31:53.0150 0x1588  MRxDAV - ok
14:31:53.0212 0x1588  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:31:53.0337 0x1588  mrxsmb - ok
14:31:53.0431 0x1588  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:31:53.0462 0x1588  mrxsmb10 - ok
14:31:53.0493 0x1588  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:31:53.0571 0x1588  mrxsmb20 - ok
14:31:53.0634 0x1588  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:31:53.0665 0x1588  msahci - ok
14:31:53.0758 0x1588  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:31:53.0774 0x1588  msdsm - ok
14:31:53.0821 0x1588  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:31:53.0852 0x1588  MSDTC - ok
14:31:53.0883 0x1588  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:31:53.0961 0x1588  Msfs - ok
14:31:54.0024 0x1588  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:31:54.0086 0x1588  mshidkmdf - ok
14:31:54.0148 0x1588  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:31:54.0180 0x1588  msisadrv - ok
14:31:54.0226 0x1588  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:31:54.0289 0x1588  MSiSCSI - ok
14:31:54.0304 0x1588  msiserver - ok
14:31:54.0429 0x1588  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:31:54.0492 0x1588  MSKSSRV - ok
14:31:54.0538 0x1588  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:31:54.0601 0x1588  MSPCLOCK - ok
14:31:54.0726 0x1588  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:31:54.0788 0x1588  MSPQM - ok
14:31:54.0835 0x1588  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:31:54.0850 0x1588  MsRPC - ok
14:31:54.0897 0x1588  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:31:54.0928 0x1588  mssmbios - ok
14:31:54.0960 0x1588  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:31:55.0022 0x1588  MSTEE - ok
14:31:55.0053 0x1588  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:31:55.0131 0x1588  MTConfig - ok
14:31:55.0209 0x1588  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:31:55.0225 0x1588  Mup - ok
14:31:55.0365 0x1588  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:31:55.0474 0x1588  napagent - ok
14:31:55.0552 0x1588  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:31:55.0630 0x1588  NativeWifiP - ok
14:31:55.0849 0x1588  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:31:55.0896 0x1588  NDIS - ok
14:31:56.0036 0x1588  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:31:56.0145 0x1588  NdisCap - ok
14:31:56.0176 0x1588  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:31:56.0239 0x1588  NdisTapi - ok
14:31:56.0286 0x1588  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:31:56.0348 0x1588  Ndisuio - ok
14:31:56.0379 0x1588  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:31:56.0473 0x1588  NdisWan - ok
14:31:56.0535 0x1588  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:31:56.0598 0x1588  NDProxy - ok
14:31:56.0691 0x1588  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:31:56.0769 0x1588  NetBIOS - ok
14:31:56.0816 0x1588  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:31:56.0878 0x1588  NetBT - ok
14:31:56.0925 0x1588  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
14:31:56.0972 0x1588  Netlogon - ok
14:31:57.0050 0x1588  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:31:57.0190 0x1588  Netman - ok
14:31:57.0268 0x1588  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:31:57.0331 0x1588  NetMsmqActivator - ok
14:31:57.0378 0x1588  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:31:57.0378 0x1588  NetPipeActivator - ok
14:31:57.0471 0x1588  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:31:57.0580 0x1588  netprofm - ok
14:31:57.0596 0x1588  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:31:57.0612 0x1588  NetTcpActivator - ok
14:31:57.0627 0x1588  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:31:57.0627 0x1588  NetTcpPortSharing - ok
14:31:57.0690 0x1588  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:31:57.0721 0x1588  nfrd960 - ok
14:31:57.0861 0x1588  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:31:57.0924 0x1588  NlaSvc - ok
14:31:57.0970 0x1588  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:31:58.0002 0x1588  Npfs - ok
14:31:58.0064 0x1588  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:31:58.0126 0x1588  nsi - ok
14:31:58.0189 0x1588  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:31:58.0251 0x1588  nsiproxy - ok
14:31:58.0532 0x1588  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:31:58.0594 0x1588  Ntfs - ok
14:31:58.0641 0x1588  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:31:58.0719 0x1588  Null - ok
14:31:58.0813 0x1588  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:31:58.0844 0x1588  nvraid - ok
14:31:58.0891 0x1588  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:31:58.0906 0x1588  nvstor - ok
14:31:59.0016 0x1588  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:31:59.0047 0x1588  nv_agp - ok
14:31:59.0078 0x1588  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:31:59.0094 0x1588  ohci1394 - ok
14:31:59.0156 0x1588  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:31:59.0218 0x1588  p2pimsvc - ok
14:31:59.0296 0x1588  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:31:59.0374 0x1588  p2psvc - ok
14:31:59.0484 0x1588  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
14:31:59.0515 0x1588  Parport - ok
14:31:59.0577 0x1588  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:31:59.0593 0x1588  partmgr - ok
14:31:59.0686 0x1588  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:31:59.0749 0x1588  PcaSvc - ok
14:31:59.0827 0x1588  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
14:31:59.0858 0x1588  pci - ok
14:31:59.0936 0x1588  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:31:59.0952 0x1588  pciide - ok
14:32:00.0045 0x1588  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:32:00.0076 0x1588  pcmcia - ok
14:32:00.0170 0x1588  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:32:00.0201 0x1588  pcw - ok
14:32:00.0248 0x1588  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:32:00.0310 0x1588  PEAUTH - ok
14:32:00.0513 0x1588  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:32:00.0544 0x1588  PerfHost - ok
14:32:00.0700 0x1588  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
14:32:00.0841 0x1588  pla - ok
14:32:00.0950 0x1588  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:32:01.0106 0x1588  PlugPlay - ok
14:32:01.0153 0x1588  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:32:01.0231 0x1588  PNRPAutoReg - ok
14:32:01.0278 0x1588  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:32:01.0309 0x1588  PNRPsvc - ok
14:32:01.0418 0x1588  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:32:01.0558 0x1588  PolicyAgent - ok
14:32:01.0621 0x1588  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:32:01.0699 0x1588  Power - ok
14:32:01.0777 0x1588  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:32:01.0855 0x1588  PptpMiniport - ok
14:32:01.0948 0x1588  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
14:32:01.0980 0x1588  Processor - ok
14:32:02.0073 0x1588  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:32:02.0167 0x1588  ProfSvc - ok
14:32:02.0182 0x1588  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:32:02.0214 0x1588  ProtectedStorage - ok
14:32:02.0276 0x1588  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:32:02.0354 0x1588  Psched - ok
14:32:02.0728 0x1588  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:32:02.0791 0x1588  ql2300 - ok
14:32:02.0822 0x1588  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:32:02.0853 0x1588  ql40xx - ok
14:32:02.0962 0x1588  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
14:32:03.0009 0x1588  QWAVE - ok
14:32:13.0477 0x1588  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:32:13.0555 0x1588  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
14:32:16.0831 0x1588  Detect skipped due to KSN trusted
14:32:16.0831 0x1588  SwitchBoard - ok
14:32:34.0724 0x1588  ================ Scan global ===============================
14:32:34.0802 0x1588  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:32:34.0880 0x1588  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:32:34.0911 0x1588  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:32:34.0989 0x1588  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:32:35.0067 0x1588  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:32:35.0083 0x1588  [ Global ] - ok
14:32:35.0083 0x1588  ================ Scan MBR ==================================
14:32:35.0114 0x1588  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:32:35.0957 0x1588  \Device\Harddisk0\DR0 - ok
14:32:36.0971 0x1588  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
14:32:37.0173 0x1588  \Device\Harddisk1\DR1 - ok
14:32:37.0173 0x1588  ================ Scan VBR ==================================
14:32:37.0220 0x1588  [ 9A1222287ED25F5ED3EABEB75ABEC480 ] \Device\Harddisk0\DR0\Partition1
14:32:37.0251 0x1588  \Device\Harddisk0\DR0\Partition1 - ok
14:32:37.0283 0x1588  [ F01D45ED781069835C544C3CC87BFBB1 ] \Device\Harddisk0\DR0\Partition2
14:32:37.0283 0x1588  \Device\Harddisk0\DR0\Partition2 - ok
14:32:37.0298 0x1588  [ D71C503A77270C5D6E97DD96B77717C2 ] \Device\Harddisk1\DR1\Partition1
14:32:37.0298 0x1588  \Device\Harddisk1\DR1\Partition1 - ok
14:32:37.0298 0x1588  ================ Scan generic autorun ======================
14:32:37.0298 0x1588  ETDCtrl - ok
14:32:37.0392 0x1588  [ B66DFC9D8971DD3CC4C522B0BBC8DB27, FAD89952DA699BBE1DCF49DA9C5EE80E3E5110626E4E48423F20D923FC075247 ] C:\Program Files\Greenshot\Greenshot.exe
14:32:37.0454 0x1588  Greenshot - detected UnsignedFile.Multi.Generic ( 1 )
14:32:39.0997 0x1588  Detect skipped due to KSN trusted
14:32:39.0997 0x1588  Greenshot - ok
14:32:40.0169 0x1588  [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
14:32:40.0184 0x1588  AdobeAAMUpdater-1.0 - ok
14:32:40.0340 0x1588  Exoqwuha - ok
14:32:40.0403 0x1588  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:32:40.0465 0x1588  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
14:32:40.0465 0x1588  Detect skipped due to KSN trusted
14:32:40.0465 0x1588  SwitchBoard - ok
14:32:40.0574 0x1588  [ D5B783DACE1BBDD382A63C894BAB8E1E, 20BA7479B3BE8AC7771AA91DB9C4F3B46DADDFF9C48627A5C7C460546DD20AF3 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
14:32:40.0605 0x1588  AdobeCS5ServiceManager - ok
14:32:40.0917 0x1588  [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Genisis500\AppData\Local\FluxSoftware\Flux\flux.exe
14:32:40.0980 0x1588  F.lux - ok
14:32:41.0120 0x1588  [ 432BE6CF7311062633459EEF6B242FB5, 890C1734ED1EF6B2422A9B21D6205CF91E014ADD8A7F41AA5A294FCF60631A7B ] C:\Windows\SysWOW64\regsvr32.exe
14:32:41.0167 0x1588  Ewtion - ok
14:32:41.0183 0x1588  Odics - ok
14:32:41.0183 0x1588  Waiting for KSN requests completion. In queue: 4
14:32:42.0197 0x1588  Waiting for KSN requests completion. In queue: 4
14:32:43.0211 0x1588  Waiting for KSN requests completion. In queue: 4
14:32:44.0474 0x1588  Win FW state via NFP2: enabled
14:32:47.0111 0x1588  ============================================================
14:32:47.0111 0x1588  Scan finished
14:32:47.0111 0x1588  ============================================================
14:32:47.0111 0x197c  Detected object count: 0
14:32:47.0111 0x197c  Actual detected object count: 0
14:33:31.0508 0x1730  ============================================================
14:33:31.0508 0x1730  Scan started
14:33:31.0508 0x1730  Mode: Manual; SigCheck; TDLFS;
14:33:31.0508 0x1730  ============================================================
14:33:31.0508 0x1730  KSN ping started
14:33:34.0145 0x1730  KSN ping finished: true
14:33:37.0577 0x1730  ================ Scan system memory ========================
14:33:37.0577 0x1730  System memory - ok
14:33:37.0577 0x1730  ================ Scan services =============================
14:33:37.0795 0x1730  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:33:37.0842 0x1730  1394ohci - ok
14:33:37.0889 0x1730  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:33:37.0904 0x1730  ACPI - ok
14:33:37.0967 0x1730  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:33:37.0998 0x1730  AcpiPmi - ok
14:33:38.0169 0x1730  [ D51145F6B0CE987850F13A61DAD5E531, 67CB6AB8C42781FA717CBEF81F3C658747E3B7814383056A56EDA99583FDBFD5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:33:38.0185 0x1730  AdobeFlashPlayerUpdateSvc - ok
14:33:38.0185 0x1730  Object required for P2P: [ D51145F6B0CE987850F13A61DAD5E531 ] AdobeFlashPlayerUpdateSvc
14:33:40.0993 0x1730  Object send P2P result: true
14:33:41.0133 0x1730  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:33:41.0165 0x1730  adp94xx - ok
14:33:41.0243 0x1730  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:33:41.0274 0x1730  adpahci - ok
14:33:41.0305 0x1730  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:33:41.0305 0x1730  adpu320 - ok
14:33:41.0383 0x1730  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:33:41.0414 0x1730  AeLookupSvc - ok
14:33:41.0523 0x1730  [ 6E79A119B0CE418FE44E0C824BF3F039, 7C7E8ED41EFCDB20C1A0C038BB6C53CDBE6709E3573C8A93B4059C0CD08759EB ] AFBAgent        C:\Windows\system32\FBAgent.exe
14:33:41.0555 0x1730  AFBAgent - ok
14:33:41.0617 0x1730  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
14:33:41.0648 0x1730  AFD - ok
14:33:41.0726 0x1730  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:33:41.0757 0x1730  agp440 - ok
14:33:41.0820 0x1730  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
14:33:41.0851 0x1730  ALG - ok
14:33:41.0913 0x1730  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:33:41.0929 0x1730  aliide - ok
14:33:41.0976 0x1730  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:33:41.0991 0x1730  amdide - ok
14:33:42.0023 0x1730  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:33:42.0023 0x1730  AmdK8 - ok
14:33:42.0054 0x1730  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:33:42.0069 0x1730  AmdPPM - ok
14:33:42.0132 0x1730  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:33:42.0163 0x1730  amdsata - ok
14:33:42.0225 0x1730  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:33:42.0257 0x1730  amdsbs - ok
14:33:42.0288 0x1730  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:33:42.0288 0x1730  amdxata - ok
14:33:42.0319 0x1730  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
 


TDSSKiller_*.log (Part 2 of 2)

14:33:56.0546 0x1730  hkmsvc - ok
14:33:56.0577 0x1730  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:33:56.0609 0x1730  HomeGroupListener - ok
14:33:56.0687 0x1730  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:33:56.0718 0x1730  HomeGroupProvider - ok
14:33:56.0796 0x1730  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:33:56.0796 0x1730  HpSAMD - ok
14:33:56.0921 0x1730  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:33:56.0999 0x1730  HTTP - ok
14:33:57.0030 0x1730  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:33:57.0045 0x1730  hwpolicy - ok
14:33:57.0077 0x1730  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:33:57.0092 0x1730  i8042prt - ok
14:33:57.0217 0x1730  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:33:57.0311 0x1730  iaStor - ok
14:33:57.0389 0x1730  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:33:57.0451 0x1730  iaStorV - ok
14:33:57.0560 0x1730  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:33:57.0654 0x1730  idsvc - ok
14:33:57.0654 0x1730  IEEtwCollectorService - ok
14:33:58.0340 0x1730  [ E15A809273EA164A7479D2FA64D18988, 257D0546FDE4FED836AF428DBE6A4E45434D47321D0EEF9A61AFD8D6EACA423F ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:33:58.0917 0x1730  igfx - ok
14:33:58.0980 0x1730  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:33:58.0980 0x1730  iirsp - ok
14:33:59.0089 0x1730  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:33:59.0151 0x1730  IKEEXT - ok
14:33:59.0526 0x1730  [ CB7DADEF3D83FE2C12655A0BDCBA99F2, AD55A578986F008ED01635D3BB26414D71F418640099BFA92D9CABAB6A88E01D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:33:59.0698 0x1730  IntcAzAudAddService - ok
14:33:59.0776 0x1730  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:33:59.0854 0x1730  IntcDAud - ok
14:33:59.0916 0x1730  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:33:59.0932 0x1730  intelide - ok
14:33:59.0994 0x1730  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:34:00.0010 0x1730  intelppm - ok
14:34:00.0072 0x1730  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:34:00.0103 0x1730  IPBusEnum - ok
14:34:00.0150 0x1730  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:34:00.0212 0x1730  IpFilterDriver - ok
14:34:00.0275 0x1730  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:34:00.0306 0x1730  iphlpsvc - ok
14:34:00.0353 0x1730  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:34:00.0368 0x1730  IPMIDRV - ok
14:34:00.0431 0x1730  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:34:00.0478 0x1730  IPNAT - ok
14:34:00.0712 0x1730  [ 3151D878BB16307EF2CF4CDA2463D15E, 5415D6F2F0BCEF702916297E5D41A43FB9A1738CCC7E28A70FF75C6880568EA2 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:34:00.0758 0x1730  iPod Service - ok
14:34:00.0790 0x1730  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:34:00.0805 0x1730  IRENUM - ok
14:34:00.0852 0x1730  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:34:00.0868 0x1730  isapnp - ok
14:34:00.0946 0x1730  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:34:00.0977 0x1730  iScsiPrt - ok
14:34:00.0992 0x1730  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:34:01.0008 0x1730  kbdclass - ok
14:34:01.0070 0x1730  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:34:01.0086 0x1730  kbdhid - ok
14:34:01.0133 0x1730  [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
14:34:01.0148 0x1730  kbfiltr - ok
14:34:01.0180 0x1730  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
14:34:01.0226 0x1730  KeyIso - ok
14:34:01.0289 0x1730  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:34:01.0304 0x1730  KSecDD - ok
14:34:01.0351 0x1730  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:34:01.0367 0x1730  KSecPkg - ok
14:34:01.0445 0x1730  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:34:01.0507 0x1730  ksthunk - ok
14:34:01.0616 0x1730  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:34:01.0694 0x1730  KtmRm - ok
14:34:01.0788 0x1730  [ 033B4AED2C5519072C0D81E00804D003, 6C450A604C382416C482FED43098B4E95BD61B480B0CEFD728A269446AF18708 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
14:34:01.0819 0x1730  L1C - ok
14:34:01.0897 0x1730  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
14:34:01.0960 0x1730  LanmanServer - ok
14:34:02.0006 0x1730  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:34:02.0069 0x1730  LanmanWorkstation - ok
14:34:02.0084 0x1730  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:34:02.0116 0x1730  lltdio - ok
14:34:02.0209 0x1730  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:34:02.0287 0x1730  lltdsvc - ok
14:34:02.0318 0x1730  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:34:02.0350 0x1730  lmhosts - ok
14:34:02.0506 0x1730  [ 7F32D4C47A50E7223491E8FB9359907D, 6D3F59A8D006BED3234697933D09C8EE8F7A9F4A4196CFA878F8E8A929B24CE5 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:34:02.0537 0x1730  LMS - ok
14:34:02.0662 0x1730  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:34:02.0693 0x1730  LSI_FC - ok
14:34:02.0708 0x1730  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:34:02.0724 0x1730  LSI_SAS - ok
14:34:02.0755 0x1730  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:34:02.0755 0x1730  LSI_SAS2 - ok
14:34:02.0786 0x1730  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:34:02.0802 0x1730  LSI_SCSI - ok
14:34:02.0833 0x1730  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:34:02.0864 0x1730  luafv - ok
14:34:02.0958 0x1730  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:34:02.0989 0x1730  Mcx2Svc - ok
14:34:03.0020 0x1730  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:34:03.0036 0x1730  megasas - ok
14:34:03.0083 0x1730  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:34:03.0145 0x1730  MegaSR - ok
14:34:03.0192 0x1730  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
14:34:03.0223 0x1730  MEIx64 - ok
14:34:03.0286 0x1730  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:34:03.0348 0x1730  MMCSS - ok
14:34:03.0395 0x1730  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:34:03.0457 0x1730  Modem - ok
14:34:03.0520 0x1730  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:34:03.0551 0x1730  monitor - ok
14:34:03.0598 0x1730  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:34:03.0613 0x1730  mouclass - ok
14:34:03.0644 0x1730  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:34:03.0691 0x1730  mouhid - ok
14:34:03.0722 0x1730  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:34:03.0738 0x1730  mountmgr - ok
14:34:03.0800 0x1730  [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:34:03.0832 0x1730  MozillaMaintenance - ok
14:34:03.0878 0x1730  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:34:03.0894 0x1730  mpio - ok
14:34:03.0925 0x1730  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:34:03.0956 0x1730  mpsdrv - ok
14:34:04.0019 0x1730  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:34:04.0066 0x1730  MpsSvc - ok
14:34:04.0159 0x1730  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:34:04.0206 0x1730  MRxDAV - ok
14:34:04.0284 0x1730  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:34:04.0331 0x1730  mrxsmb - ok
14:34:04.0362 0x1730  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:34:04.0378 0x1730  mrxsmb10 - ok
14:34:04.0409 0x1730  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:34:04.0424 0x1730  mrxsmb20 - ok
14:34:04.0487 0x1730  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:34:04.0518 0x1730  msahci - ok
14:34:04.0580 0x1730  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:34:04.0596 0x1730  msdsm - ok
14:34:04.0643 0x1730  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:34:04.0674 0x1730  MSDTC - ok
14:34:04.0705 0x1730  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:34:04.0752 0x1730  Msfs - ok
14:34:04.0768 0x1730  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:34:04.0799 0x1730  mshidkmdf - ok
14:34:04.0830 0x1730  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:34:04.0830 0x1730  msisadrv - ok
14:34:04.0908 0x1730  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:34:04.0970 0x1730  MSiSCSI - ok
14:34:04.0970 0x1730  msiserver - ok
14:34:05.0002 0x1730  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:34:05.0033 0x1730  MSKSSRV - ok
14:34:05.0095 0x1730  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:34:05.0126 0x1730  MSPCLOCK - ok
14:34:05.0142 0x1730  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:34:05.0173 0x1730  MSPQM - ok
14:34:05.0204 0x1730  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:34:05.0236 0x1730  MsRPC - ok
14:34:05.0267 0x1730  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:34:05.0267 0x1730  mssmbios - ok
14:34:05.0329 0x1730  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:34:05.0376 0x1730  MSTEE - ok
14:34:05.0423 0x1730  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:34:05.0454 0x1730  MTConfig - ok
14:34:05.0501 0x1730  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:34:05.0516 0x1730  Mup - ok
14:34:05.0688 0x1730  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:34:05.0766 0x1730  napagent - ok
14:34:05.0813 0x1730  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:34:05.0860 0x1730  NativeWifiP - ok
14:34:05.0969 0x1730  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:34:06.0000 0x1730  NDIS - ok
14:34:06.0062 0x1730  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:34:06.0094 0x1730  NdisCap - ok
14:34:06.0125 0x1730  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:34:06.0156 0x1730  NdisTapi - ok
14:34:06.0187 0x1730  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:34:06.0218 0x1730  Ndisuio - ok
14:34:06.0250 0x1730  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:34:06.0296 0x1730  NdisWan - ok
14:34:06.0328 0x1730  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:34:06.0359 0x1730  NDProxy - ok
14:34:06.0390 0x1730  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:34:06.0421 0x1730  NetBIOS - ok
14:34:06.0452 0x1730  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:34:06.0484 0x1730  NetBT - ok
14:34:06.0499 0x1730  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
14:34:06.0515 0x1730  Netlogon - ok
14:34:06.0608 0x1730  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:34:06.0655 0x1730  Netman - ok
14:34:06.0764 0x1730  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:34:06.0780 0x1730  NetMsmqActivator - ok
14:34:06.0796 0x1730  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:34:06.0811 0x1730  NetPipeActivator - ok
14:34:06.0874 0x1730  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:34:06.0936 0x1730  netprofm - ok
14:34:06.0936 0x1730  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:34:06.0952 0x1730  NetTcpActivator - ok
14:34:06.0952 0x1730  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:34:06.0967 0x1730  NetTcpPortSharing - ok
14:34:07.0014 0x1730  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:34:07.0045 0x1730  nfrd960 - ok
14:34:07.0139 0x1730  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:34:07.0170 0x1730  NlaSvc - ok
14:34:07.0201 0x1730  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:34:07.0232 0x1730  Npfs - ok
14:34:07.0248 0x1730  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:34:07.0295 0x1730  nsi - ok
14:34:07.0310 0x1730  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:34:07.0342 0x1730  nsiproxy - ok
14:34:07.0560 0x1730  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:34:07.0607 0x1730  Ntfs - ok
14:34:07.0732 0x1730  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:34:07.0794 0x1730  Null - ok
14:34:07.0903 0x1730  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:34:07.0919 0x1730  nvraid - ok
14:34:07.0997 0x1730  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:34:08.0012 0x1730  nvstor - ok
14:34:08.0106 0x1730  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:34:08.0137 0x1730  nv_agp - ok
14:34:08.0200 0x1730  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:34:08.0231 0x1730  ohci1394 - ok
14:34:08.0324 0x1730  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:34:08.0371 0x1730  p2pimsvc - ok
14:34:08.0480 0x1730  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:34:08.0527 0x1730  p2psvc - ok
14:34:08.0605 0x1730  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
14:34:08.0636 0x1730  Parport - ok
14:34:08.0683 0x1730  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:34:08.0683 0x1730  partmgr - ok
14:34:08.0777 0x1730  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:34:08.0824 0x1730  PcaSvc - ok
14:34:08.0870 0x1730  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
14:34:08.0902 0x1730  pci - ok
14:34:08.0964 0x1730  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:34:08.0980 0x1730  pciide - ok
14:34:09.0011 0x1730  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:34:09.0026 0x1730  pcmcia - ok
14:34:09.0073 0x1730  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:34:09.0073 0x1730  pcw - ok
14:34:09.0136 0x1730  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:34:09.0198 0x1730  PEAUTH - ok
14:34:09.0370 0x1730  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:34:09.0385 0x1730  PerfHost - ok
14:34:09.0635 0x1730  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
14:34:09.0728 0x1730  pla - ok
14:34:09.0791 0x1730  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:34:09.0822 0x1730  PlugPlay - ok
14:34:09.0916 0x1730  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:34:09.0947 0x1730  PNRPAutoReg - ok
14:34:09.0994 0x1730  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:34:10.0009 0x1730  PNRPsvc - ok
14:34:10.0087 0x1730  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:34:10.0181 0x1730  PolicyAgent - ok
14:34:10.0228 0x1730  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:34:10.0274 0x1730  Power - ok
14:34:10.0352 0x1730  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:34:10.0415 0x1730  PptpMiniport - ok
14:34:10.0477 0x1730  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
14:34:10.0493 0x1730  Processor - ok
14:34:10.0540 0x1730  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:34:10.0602 0x1730  ProfSvc - ok
14:34:10.0649 0x1730  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:34:10.0664 0x1730  ProtectedStorage - ok
14:34:10.0680 0x1730  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:34:10.0727 0x1730  Psched - ok
14:34:10.0992 0x1730  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:34:11.0054 0x1730  ql2300 - ok
14:34:18.0449 0x1730  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:34:18.0480 0x1730  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
14:34:18.0480 0x1730  Detect skipped due to KSN trusted
14:34:18.0480 0x1730  SwitchBoard - ok
14:34:31.0241 0x1730  ================ Scan global ===============================
14:34:31.0303 0x1730  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:34:31.0397 0x1730  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:34:31.0428 0x1730  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:34:31.0506 0x1730  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:34:31.0600 0x1730  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:34:31.0631 0x1730  [ Global ] - ok
14:34:31.0631 0x1730  ================ Scan MBR ==================================
14:34:31.0662 0x1730  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:34:32.0551 0x1730  \Device\Harddisk0\DR0 - ok
14:34:33.0565 0x1730  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
14:34:33.0784 0x1730  \Device\Harddisk1\DR1 - ok
14:34:33.0784 0x1730  ================ Scan VBR ==================================
14:34:33.0799 0x1730  [ 9A1222287ED25F5ED3EABEB75ABEC480 ] \Device\Harddisk0\DR0\Partition1
14:34:33.0846 0x1730  \Device\Harddisk0\DR0\Partition1 - ok
14:34:33.0862 0x1730  [ F01D45ED781069835C544C3CC87BFBB1 ] \Device\Harddisk0\DR0\Partition2
14:34:33.0862 0x1730  \Device\Harddisk0\DR0\Partition2 - ok
14:34:33.0877 0x1730  [ D71C503A77270C5D6E97DD96B77717C2 ] \Device\Harddisk1\DR1\Partition1
14:34:33.0877 0x1730  \Device\Harddisk1\DR1\Partition1 - ok
14:34:33.0877 0x1730  ================ Scan generic autorun ======================
14:34:33.0877 0x1730  ETDCtrl - ok
14:34:34.0002 0x1730  [ B66DFC9D8971DD3CC4C522B0BBC8DB27, FAD89952DA699BBE1DCF49DA9C5EE80E3E5110626E4E48423F20D923FC075247 ] C:\Program Files\Greenshot\Greenshot.exe
14:34:34.0049 0x1730  Greenshot - detected UnsignedFile.Multi.Generic ( 1 )
14:34:34.0049 0x1730  Detect skipped due to KSN trusted
14:34:34.0049 0x1730  Greenshot - ok
14:34:34.0283 0x1730  [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
14:34:34.0298 0x1730  AdobeAAMUpdater-1.0 - ok
14:34:34.0486 0x1730  Exoqwuha - ok
14:34:34.0548 0x1730  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:34:34.0564 0x1730  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
14:34:34.0564 0x1730  Detect skipped due to KSN trusted
14:34:34.0564 0x1730  SwitchBoard - ok
14:34:34.0704 0x1730  [ D5B783DACE1BBDD382A63C894BAB8E1E, 20BA7479B3BE8AC7771AA91DB9C4F3B46DADDFF9C48627A5C7C460546DD20AF3 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
14:34:34.0735 0x1730  AdobeCS5ServiceManager - ok
14:34:35.0094 0x1730  [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Genisis500\AppData\Local\FluxSoftware\Flux\flux.exe
14:34:35.0125 0x1730  F.lux - ok
14:34:35.0312 0x1730  [ 432BE6CF7311062633459EEF6B242FB5, 890C1734ED1EF6B2422A9B21D6205CF91E014ADD8A7F41AA5A294FCF60631A7B ] C:\Windows\SysWOW64\regsvr32.exe
14:34:35.0328 0x1730  Ewtion - ok
14:34:35.0328 0x1730  Odics - ok
14:34:35.0344 0x1730  Win FW state via NFP2: enabled
14:34:38.0011 0x1730  ============================================================
14:34:38.0011 0x1730  Scan finished
14:34:38.0011 0x1730  ============================================================
14:34:38.0011 0x171c  Detected object count: 0
14:34:38.0011 0x171c  Actual detected object count: 0
 



#7 deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany

Posted 26 November 2014 - 04:28 AM

Hi,

Step 1

Please download the attached fixlist and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.
Attached file: fixlist.txt (11.04KB)



After the Reboot:

Step 2

Start FRST with administrator privileges.
  • Make sure the following option is checked: Addition.txt
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#8 deeprybka

Posted 29 November 2014 - 09:21 AM

Hi,

3 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.
regards,
deeprybka

#9 deeprybka

Posted 01 December 2014 - 07:36 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
regards,
deeprybka