
possible virus infection


  • This topic is locked
23 replies to this topic

#1 tjlw

tjlw

  • Members
  • 94 posts
  • OFFLINE
  • Local time:05:42 PM

Posted 05 January 2015 - 11:44 PM

Computer giving slow response times, random freezes forcing a manual restart of the system and for a time would not open PDFs - cannot find anything specific - need help in cleaning off computer.

 

Have run SUPERAntiSpyware, Malwarebytes and ESET Online Scanner but found nothing significant.

 

DDS would not run since it is not compatible with Windows 8.

 

Please let me know what I can run to post details.

 

Please help - thanks!





#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  • Gender:Male
  • Local time:12:42 AM

Posted 06 January 2015 - 04:51 AM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
  
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.
 


Proud Member of UNITE & TB
 

#3 tjlw

tjlw
  • Topic Starter

  • Members
  • 94 posts
  • OFFLINE
  • Local time:05:42 PM

Posted 06 January 2015 - 07:33 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by Walker (administrator) on T on 05-01-2015 21:16:33
Running from C:\Users\T\Downloads
Loaded Profile: Walker (Available profiles: Walker & Administrator)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2795248 2013-10-01] (Synaptics Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-01] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-21-1904824456-278268146-3315644187-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-19] (SUPERAntiSpyware)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKU\S-1-5-21-1904824456-278268146-3315644187-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://finance.yahoo.com/q;_ylt=Aje_BaS0fYQ.SnnnS0tamW2iuYdG;_ylu=X3oDMTBxdGVyNzJxBHNlYwNVSCAzIERlc2t0b3AgU2VhcmNoIDEx;_ylg=X3oDMTBsdWsyY2FpBGxhbmcDZW4tVVMEcHQDMgR0ZXN0Aw--;_ylv=3;_ylc=X1MDMjE0MjQ3ODk0OARfcgMyBGZyA3VoM19maW5hbmNlX3dlYl9ncwRmcjIDc2EtZ3AEZ3ByaWQDBG5fZ3BzAzEwBG9yaWdpbgNmaW5hbmNlLnlhaG9vLmNvbQRwb3MDMQRwcXN0cgMEcXVlcnkDQkFDLARzYWMDMQRzYW8DMQ--?p=http%3A%2F%2Ffinance.yahoo.com%2Fq%3Fs%3DBAC%26ql%3D0&type=2button&fr=uh3_finance_web_gs&uhb=uhb2&s=BAC
HKU\S-1-5-21-1904824456-278268146-3315644187-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-1904824456-278268146-3315644187-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-1904824456-278268146-3315644187-1002: DISH Anywhere.com/DISH Anywhere Video Player -> C:\Users\T\AppData\Roaming\DISH Anywhere\DISH Anywhere Video Player\npNMPCBrowserPlugin.dll (Nagravision)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-01-22]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-10-23] (SUPERAntiSpyware.com)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-09-25] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-25] (Advanced Micro Devices, Inc.) [File not signed]
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-10-17] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-10-17] (CyberLink)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-08-29] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-25] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-07] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290520 2013-09-24] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2946264 2013-10-18] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-10-01] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-10-01] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 21:16 - 2015-01-05 21:17 - 00017865 _____ () C:\Users\T\Downloads\FRST.txt
2015-01-05 21:16 - 2015-01-05 21:16 - 00000000 ____D () C:\FRST
2015-01-05 21:15 - 2015-01-05 21:15 - 02123776 _____ (Farbar) C:\Users\T\Downloads\FRST64.exe
2015-01-05 21:10 - 2015-01-05 21:09 - 00688992 _____ (Swearware) C:\Users\T\Desktop\dds.com
2015-01-05 21:09 - 2015-01-05 21:09 - 00688992 _____ (Swearware) C:\Users\T\Downloads\dds.com
2015-01-05 21:00 - 2015-01-05 21:00 - 00000000 ____D () C:\SFCFix
2015-01-05 20:26 - 2015-01-05 21:00 - 00000000 ____D () C:\Users\T\AppData\Local\niemiro
2014-12-16 16:15 - 2014-10-30 15:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-16 16:15 - 2014-10-30 15:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-12 14:42 - 2014-12-12 14:42 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-10 06:52 - 2014-11-09 19:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 06:52 - 2014-11-09 18:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 06:52 - 2014-10-30 16:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 06:52 - 2014-10-30 16:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 06:42 - 2014-11-21 20:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 06:42 - 2014-11-21 19:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 06:42 - 2014-11-21 19:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 06:42 - 2014-11-21 19:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 06:42 - 2014-11-21 19:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 06:42 - 2014-11-21 19:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 06:42 - 2014-11-21 19:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 06:42 - 2014-11-21 19:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 06:42 - 2014-11-21 19:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 06:42 - 2014-11-21 19:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 06:42 - 2014-11-21 19:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 06:42 - 2014-11-21 19:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 06:42 - 2014-11-21 19:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 06:42 - 2014-11-21 19:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 06:42 - 2014-11-21 19:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 06:42 - 2014-11-21 18:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 06:42 - 2014-11-21 18:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 06:42 - 2014-11-21 18:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 06:42 - 2014-11-21 18:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 06:42 - 2014-11-21 18:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 06:42 - 2014-11-21 18:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 06:42 - 2014-11-21 18:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 06:42 - 2014-11-21 18:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 06:42 - 2014-11-21 18:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 06:42 - 2014-11-21 18:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 06:42 - 2014-11-21 18:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 06:42 - 2014-11-21 18:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 06:42 - 2014-11-21 18:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 06:42 - 2014-11-21 18:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 06:42 - 2014-11-21 18:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 06:42 - 2014-11-21 18:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 06:42 - 2014-11-21 18:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 06:42 - 2014-11-21 18:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 06:42 - 2014-11-21 18:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 06:42 - 2014-11-21 18:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 06:42 - 2014-11-21 18:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 06:42 - 2014-11-21 18:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 06:42 - 2014-11-21 17:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 06:42 - 2014-11-21 17:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 06:41 - 2014-11-06 21:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 06:41 - 2014-11-06 20:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 06:40 - 2014-12-03 16:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-10 06:40 - 2014-12-03 16:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-10 06:40 - 2014-12-02 16:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-10 06:40 - 2014-12-02 16:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-10 06:40 - 2014-12-02 16:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-10 06:40 - 2014-12-02 16:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-10 06:40 - 2014-12-02 16:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-10 06:40 - 2014-10-31 16:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 06:40 - 2014-10-31 16:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 06:39 - 2014-10-12 19:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 06:39 - 2014-10-12 19:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 06:39 - 2014-10-12 19:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 06:39 - 2014-10-12 19:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 21:14 - 2014-10-05 02:40 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1904824456-278268146-3315644187-1002
2015-01-05 21:14 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-05 21:09 - 2013-11-06 17:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-01-05 21:08 - 2013-08-25 23:09 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-05 21:05 - 2014-04-23 13:11 - 00000000 ____D () C:\Users\T\Documents\Youcam
2015-01-05 21:04 - 2014-10-23 20:31 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-05 21:04 - 2014-10-10 11:31 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-05 21:04 - 2014-10-05 08:23 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 21:04 - 2014-04-26 09:17 - 00000000 ___DO () C:\Users\T\SkyDrive
2015-01-05 21:03 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-05 21:03 - 2013-08-22 06:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-05 21:02 - 2014-10-05 02:29 - 01836764 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-05 21:00 - 2013-08-22 08:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-05 20:42 - 2014-10-10 11:31 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-05 18:17 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-04 14:55 - 2014-10-23 18:40 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-04 14:55 - 2014-10-05 08:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-04 14:55 - 2014-10-05 08:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-03 11:59 - 2013-08-25 23:01 - 00040408 _____ () C:\WINDOWS\PFRO.log
2014-12-31 19:16 - 2014-10-05 02:25 - 00000000 ____D () C:\Users\T
2014-12-31 19:15 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-12-26 21:36 - 2014-11-08 16:35 - 00000000 ____D () C:\Users\T\AppData\Local\Windows Live
2014-12-15 19:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-12 14:42 - 2014-10-18 20:50 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-12 14:42 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 14:42 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 14:42 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 17:38 - 2014-10-07 15:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-10 17:38 - 2014-10-05 05:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 17:35 - 2014-10-07 15:01 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-28 15:08

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by Walker at 2015-01-05 21:18:37
Running from C:\Users\T\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{19C397A1-9C70-119F-E3BF-752C432FD217}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3418 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DISH Anywhere Video Player (HKLM-x32\...\{80940219-E895-4311-B541-3FB8E7AFD392}) (Version: 2.18.0 - DISH Anywhere)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fishdom 3: Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
HP Documentation (HKLM-x32\...\{D82B396E-A647-4C81-9DA4-C61F7BB620EC}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}) (Version: 7.3.35.20 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{1D7EB7E7-0B5D-4A23-A383-7EF133090026}) (Version: 2.3.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.57 - Softex Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Hotmail Connector 64-bit (HKLM\...\{95140000-0081-0409-1000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pinger (HKLM-x32\...\Pinger 1.4.0.1) (Version: 1.4.0.1 - Pinger Inc.)
Pinger (x32 Version: 1.4.0.1 - Pinger Inc.) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29071 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SlingPlayer for Web (HKLM-x32\...\{EF471CCE-B371-4BCC-AE8C-86F93D917184}) (Version: 2.4.0113 - Sling Media)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.16.1 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-01-2015 12:53:06 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {13C72DC7-B7FB-4CB1-8FFE-9BBE017F316B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-08-09] (Hewlett-Packard)
Task: {361E7034-D8C0-421C-9E62-C1FD8C1B837E} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {79EE744B-69E6-4A9D-88C0-39BC1E4A87A6} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-01] (Synaptics Incorporated)
Task: {7F1F0F8F-5538-4EAD-AAA4-6A5D2E6EA2E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {9B5EFDFA-F63D-4D5D-8554-4DB773BD95A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-10] (Google Inc.)
Task: {9F327957-7F08-490C-BB4F-7990FE5691A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-10] (Google Inc.)
Task: {D02958A3-0FF5-4CB5-AEEA-12CDE87A4A74} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-08-09] (Hewlett-Packard)
Task: {D0ACD030-0225-4AF0-8DE2-F1C2AC5E573C} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {D836C9BE-EFEB-4801-AB6D-32D46EE58E25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {E3F746E6-231B-47BB-B9F3-4622F81F5029} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {EF247575-9E59-4E8E-A890-983FD5705E17} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-14 12:23 - 2013-10-14 12:23 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-10-14 12:24 - 2013-10-14 12:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-10-14 12:25 - 2013-10-14 12:25 - 02541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-10-14 12:22 - 2013-10-14 12:22 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-10-14 12:22 - 2013-10-14 12:22 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-10-14 12:22 - 2013-10-14 12:22 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-10-14 12:35 - 2013-10-14 12:35 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-10-14 12:35 - 2013-10-14 12:35 - 01297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2013-09-25 07:49 - 2013-09-25 07:49 - 00099328 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2013-09-25 07:48 - 2013-09-25 07:48 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-10-14 12:30 - 2013-10-14 12:30 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-01-22 06:28 - 2013-08-05 00:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 16:48 - 2013-08-05 16:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\T\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\T\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\T\Documents\cutter.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1904824456-278268146-3315644187-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1904824456-278268146-3315644187-501 - Limited - Disabled)
Walker (S-1-5-21-1904824456-278268146-3315644187-1002 - Administrator - Enabled) => C:\Users\T

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/05/2015 09:06:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: T)
Description: Activation of app Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (01/05/2015 09:06:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program glcnd.exe version 6.3.9600.17499 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1530

Start Time: 01d02966178d470b

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe

Report Id: 5cde8a61-9559-11e4-828c-a01d480d02bf

Faulting package full name: Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe

Faulting package-relative application ID: Microsoft.Reader

Error: (01/05/2015 09:06:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: T)
Description: App Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe+Microsoft.Reader did not launch within its allotted time.

Error: (01/05/2015 06:40:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: glcnd.exe, version: 6.3.9600.17499, time stamp: 0x54753656
Faulting module name: glcnd.exe, version: 6.3.9600.17499, time stamp: 0x54753656
Exception code: 0xc000041d
Fault offset: 0x00000000004f0d8f
Faulting process id: 0x2358
Faulting application start time: 0xglcnd.exe0
Faulting application path: glcnd.exe1
Faulting module path: glcnd.exe2
Report Id: glcnd.exe3
Faulting package full name: glcnd.exe4
Faulting package-relative application ID: glcnd.exe5

Error: (01/05/2015 06:40:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: glcnd.exe, version: 6.3.9600.17499, time stamp: 0x54753656
Faulting module name: glcnd.exe, version: 6.3.9600.17499, time stamp: 0x54753656
Exception code: 0xc0000005
Fault offset: 0x00000000004f0d8f
Faulting process id: 0x2358
Faulting application start time: 0xglcnd.exe0
Faulting application path: glcnd.exe1
Faulting module path: glcnd.exe2
Report Id: glcnd.exe3
Faulting package full name: glcnd.exe4
Faulting package-relative application ID: glcnd.exe5

Error: (01/05/2015 06:09:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 8cc

Start Time: 01d0294cacb6fb4d

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: a58fea0b-9540-11e4-828b-a01d480d02bf

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 05:16:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 55641

Error: (01/05/2015 05:16:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 55641

Error: (01/05/2015 05:16:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2015 02:30:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17031 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11cc

Start Time: 01d0292e1fa83dfb

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 13ee0633-9522-11e4-828b-a01d480d02bf

Faulting package full name: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App


System errors:
=============
Error: (01/05/2015 09:06:23 PM) (Source: DCOM) (EventID: 10010) (User: T)
Description: Microsoft.Reader

Error: (01/05/2015 05:15:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly.  It has done this 2 time(s).

Error: (01/05/2015 02:04:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/05/2015 00:06:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/05/2015 11:58:23 AM) (Source: DCOM) (EventID: 10010) (User: T)
Description: Microsoft.Reader

Error: (01/05/2015 11:57:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Monitor Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/05/2015 11:55:05 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:04:39 AM on 1/5/2015 was unexpected.

Error: (01/05/2015 11:41:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
%%1

Error: (01/05/2015 10:06:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly.  It has done this 7 time(s).

Error: (01/05/2015 07:06:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly.  It has done this 6 time(s).


Microsoft Office Sessions:
=========================
Error: (01/05/2015 09:06:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: T)
Description: Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader-2144927142

Error: (01/05/2015 09:06:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: glcnd.exe6.3.9600.17499153001d02966178d470b4294967295C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe5cde8a61-9559-11e4-828c-a01d480d02bfMicrosoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbweMicrosoft.Reader

Error: (01/05/2015 09:06:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: T)
Description: Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe+Microsoft.Reader

Error: (01/05/2015 06:40:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: glcnd.exe6.3.9600.1749954753656glcnd.exe6.3.9600.1749954753656c000041d00000000004f0d8f235801d02951a1b1d7a7C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exeC:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exeef660df9-9544-11e4-828b-a01d480d02bfMicrosoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbweMicrosoft.Reader

Error: (01/05/2015 06:40:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: glcnd.exe6.3.9600.1749954753656glcnd.exe6.3.9600.1749954753656c000000500000000004f0d8f235801d02951a1b1d7a7C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exeC:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exeee09f6a7-9544-11e4-828b-a01d480d02bfMicrosoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbweMicrosoft.Reader

Error: (01/05/2015 06:09:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.206898cc01d0294cacb6fb4d4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exea58fea0b-9540-11e4-828b-a01d480d02bfmicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 05:16:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 55641

Error: (01/05/2015 05:16:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 55641

Error: (01/05/2015 05:16:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2015 02:30:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703111cc01d0292e1fa83dfb4294967295C:\WINDOWS\syswow64\wwahost.exe13ee0633-9522-11e4-828b-a01d480d02bfMicrosoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp


==================== Memory info =========================== 

Processor: AMD A4-5000 APU with Radeon(TM) HD Graphics 
Percentage of memory in use: 52%
Total physical RAM: 3537.01 MB
Available physical RAM: 1695.9 MB
Total Pagefile: 4177.01 MB
Available Pagefile: 2150.88 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:446.77 GB) (Free:394.97 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:18.22 GB) (Free:1.87 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 179F6E94)

Partition: GPT Partition Type.

==================== End Of Log ============================

Could not get GMER to run.

Says "C:\WINDOWS\system32\config\system: The process cannot access the file because it is being used by another process." I click OK for that message and then it says "vgywe4of.exe has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available" - then it closes the GMER window.

17:22:09.0201 0x3c2c  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
17:22:09.0201 0x3c2c  UEFI system
17:22:18.0205 0x3c2c  ============================================================
17:22:18.0205 0x3c2c  Current date / time: 2015/01/06 17:22:18.0205
17:22:18.0205 0x3c2c  SystemInfo:
17:22:18.0205 0x3c2c  
17:22:18.0205 0x3c2c  OS Version: 6.3.9600 ServicePack: 0.0
17:22:18.0205 0x3c2c  Product type: Workstation
17:22:18.0205 0x3c2c  ComputerName: T
17:22:18.0205 0x3c2c  UserName: Walker
17:22:18.0205 0x3c2c  Windows directory: C:\WINDOWS
17:22:18.0205 0x3c2c  System windows directory: C:\WINDOWS
17:22:18.0205 0x3c2c  Running under WOW64
17:22:18.0205 0x3c2c  Processor architecture: Intel x64
17:22:18.0205 0x3c2c  Number of processors: 4
17:22:18.0205 0x3c2c  Page size: 0x1000
17:22:18.0205 0x3c2c  Boot type: Normal boot
17:22:18.0205 0x3c2c  ============================================================
17:22:18.0877 0x3c2c  KLMD registered as C:\WINDOWS\system32\drivers\00965148.sys
17:22:19.0699 0x3c2c  System UUID: {EE40D191-439D-B8C9-00EF-E5FD1155FFE3}
17:22:21.0121 0x3c2c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:22:21.0121 0x3c2c  ============================================================
17:22:21.0121 0x3c2c  \Device\Harddisk0\DR0:
17:22:21.0121 0x3c2c  GPT partitions:
17:22:21.0121 0x3c2c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9A640FD6-4D9E-4991-B6BA-333996A4D4F9}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
17:22:21.0121 0x3c2c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {16E83783-9240-445D-9B66-9C52CA9364B4}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
17:22:21.0121 0x3c2c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {74F20CF1-1226-47A8-BBE3-C5427185B9C5}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
17:22:21.0121 0x3c2c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {08B0B5D9-4320-499F-8113-3F249D996E15}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x37D8B000
17:22:21.0121 0x3c2c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0E1FF511-60C9-403B-AFB3-E9F55B3CA640}, Name: Basic data partition, StartLBA 0x37F15800, BlocksNum 0x2470800
17:22:21.0121 0x3c2c  MBR partitions:
17:22:21.0121 0x3c2c  ============================================================
17:22:21.0168 0x3c2c  C: <-> \Device\Harddisk0\DR0\Partition4
17:22:21.0215 0x3c2c  D: <-> \Device\Harddisk0\DR0\Partition5
17:22:21.0215 0x3c2c  ============================================================
17:22:21.0215 0x3c2c  Initialize success
17:22:21.0215 0x3c2c  ============================================================
17:22:24.0967 0x4908  ============================================================
17:22:24.0967 0x4908  Scan started
17:22:24.0967 0x4908  Mode: Manual; 
17:22:24.0967 0x4908  ============================================================
17:22:24.0967 0x4908  KSN ping started
17:22:27.0591 0x4908  KSN ping finished: true
17:22:30.0519 0x4908  ================ Scan system memory ========================
17:22:30.0519 0x4908  System memory - ok
17:22:30.0535 0x4908  ================ Scan services =============================
17:22:42.0226 0x4908  IpFilterDriver - ok
17:22:42.0304 0x4908  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
17:22:42.0351 0x4908  iphlpsvc - ok
17:22:42.0398 0x4908  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:22:42.0398 0x4908  IPMIDRV - ok
17:22:42.0444 0x4908  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
17:22:42.0444 0x4908  IPNAT - ok
17:22:42.0491 0x4908  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
17:22:42.0491 0x4908  IRENUM - ok
17:22:42.0507 0x4908  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
17:22:42.0507 0x4908  isapnp - ok
17:22:42.0554 0x4908  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
17:22:42.0569 0x4908  iScsiPrt - ok
17:22:42.0585 0x4908  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
17:22:42.0632 0x4908  kbdclass - ok
17:22:42.0647 0x4908  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
17:22:42.0647 0x4908  kbdhid - ok
17:22:42.0663 0x4908  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
17:22:42.0663 0x4908  kdnic - ok
17:22:42.0679 0x4908  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
17:22:42.0694 0x4908  KeyIso - ok
17:22:42.0726 0x4908  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
17:22:42.0741 0x4908  KSecDD - ok
17:22:42.0773 0x4908  [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:22:42.0788 0x4908  KSecPkg - ok
17:22:42.0835 0x4908  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
17:22:42.0835 0x4908  ksthunk - ok
17:22:42.0929 0x4908  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
17:22:42.0944 0x4908  KtmRm - ok
17:22:43.0007 0x4908  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
17:22:43.0022 0x4908  LanmanServer - ok
17:22:43.0085 0x4908  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:22:43.0101 0x4908  LanmanWorkstation - ok
17:22:43.0163 0x4908  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
17:22:43.0194 0x4908  lfsvc - ok
17:22:43.0226 0x4908  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
17:22:43.0241 0x4908  lltdio - ok
17:22:43.0288 0x4908  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
17:22:43.0288 0x4908  lltdsvc - ok
17:22:43.0319 0x4908  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
17:22:43.0319 0x4908  lmhosts - ok
17:22:43.0351 0x4908  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
17:22:43.0366 0x4908  LSI_SAS - ok
17:22:43.0382 0x4908  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
17:22:43.0382 0x4908  LSI_SAS2 - ok
17:22:43.0397 0x4908  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
17:22:43.0397 0x4908  LSI_SAS3 - ok
17:22:43.0429 0x4908  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
17:22:43.0429 0x4908  LSI_SSS - ok
17:22:43.0507 0x4908  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\WINDOWS\System32\lsm.dll
17:22:43.0554 0x4908  LSM - ok
17:22:43.0601 0x4908  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
17:22:43.0601 0x4908  luafv - ok
17:22:43.0664 0x4908  [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
17:22:43.0664 0x4908  MBAMProtector - ok
17:22:43.0820 0x4908  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
17:22:43.0914 0x4908  MBAMScheduler - ok
17:22:44.0007 0x4908  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
17:22:44.0054 0x4908  MBAMService - ok
17:22:44.0101 0x4908  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
17:22:44.0117 0x4908  MBAMSwissArmy - ok
17:22:44.0148 0x4908  [ 9D7BFFDB5FA62B600DF1FCB4919D9D79, B610B18E25366F56A785C1BECE0EC534C836FAB0DF13E0BC3AF7A626E6CD6A5F ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
17:22:44.0148 0x4908  MBAMWebAccessControl - ok
17:22:44.0226 0x4908  [ 96E7AA538AB0EDECCAB3862BA4B66232, 8AF460093B4DC1FD81C4508A57B6A80A7FB2E1818A3405506B8DB5B521615FB6 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
17:22:44.0226 0x4908  McAPExe - ok
17:22:44.0320 0x4908  [ 4F3FAE9E811E64BBE68152F0ED186D75, 55C53B218F8769E9E8774278E7FFB4A8B7753B103D280248E9D5FE42F12B2DCB ] McAWFwk         c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
17:22:44.0335 0x4908  McAWFwk - ok
17:22:44.0351 0x4908  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcbootdelaystartsvc C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
17:22:44.0367 0x4908  mcbootdelaystartsvc - ok
17:22:44.0398 0x4908  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:22:44.0414 0x4908  McMPFSvc - ok
17:22:44.0429 0x4908  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McNaiAnn        C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
17:22:44.0445 0x4908  McNaiAnn - ok
17:22:44.0539 0x4908  [ 1817FCB59F1832BC5387EC10838FC1BF, F0950EEEF5285C1C21E0C5BAFAFA44302E901EB8466427FA6AA3F1709B4D5A21 ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
17:22:44.0570 0x4908  McODS - ok
17:22:44.0617 0x4908  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McOobeSv2       C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
17:22:44.0632 0x4908  McOobeSv2 - ok
17:22:44.0664 0x4908  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc        C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
17:22:44.0679 0x4908  mcpltsvc - ok
17:22:44.0695 0x4908  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McProxy         C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
17:22:44.0710 0x4908  McProxy - ok
17:22:44.0757 0x4908  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
17:22:44.0757 0x4908  megasas - ok
17:22:44.0804 0x4908  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
17:22:44.0820 0x4908  megasr - ok
17:22:44.0882 0x4908  [ D0574EF9490EBD32DFA14D3C16195DE2, 7F5623562E74BD09717103247CE9155F07092BC633B5647ED3C99A95283413B4 ] mfeapfk         C:\WINDOWS\system32\drivers\mfeapfk.sys
17:22:44.0898 0x4908  mfeapfk - ok
17:22:44.0929 0x4908  [ 7B6A4509A2444F5F0689B2579E245177, 95A3A3560E253B7459F1B7C9E4E21008C725BA1A2C5F4E5FBAD1AB383058E2F6 ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
17:22:44.0945 0x4908  mfeavfk - ok
17:22:45.0070 0x4908  [ C83EBEE66A2754CEE5B05699A42F728B, 1D739A505AEC1F40CC8CB86D01BDCEC0E29002A609FDA96CEF3531285E8261B9 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
17:22:45.0117 0x4908  mfecore - ok
17:22:45.0164 0x4908  [ DD19F44DE0F742B2E89FB6489A2F7197, B6BF5236181492B9996471469E18C3A11ECD6224BE740BA312771E1A7D4AD6BD ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
17:22:45.0179 0x4908  mfeelamk - ok
17:22:45.0242 0x4908  [ E7C6587AC8FB0BABEF6AB1733AFA8FEC, 1624B8D9C9431A2030B8C8CFAA90F56A9EE4039D2426A521C4102A68D2F8E3CD ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
17:22:45.0257 0x4908  mfefire - ok
17:22:45.0289 0x4908  [ 92AD9892D534CA58E020375C94E0307E, 3062625853C759852C5172040C69840315676A01A62EECFC53F55E6379DB190C ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
17:22:45.0320 0x4908  mfefirek - ok
17:22:45.0382 0x4908  [ B6622A5B197D021647AE20E0D4C229B9, 15D64928FDB207C183A69E7CFB90BFFBF25F1AB14059EDEFDF021F323025F4E8 ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
17:22:45.0414 0x4908  mfehidk - ok
17:22:45.0507 0x4908  [ 93712907DEE6FFBD8A4016ECBB250DCD, FB3673BA495EF1301C4BA75B457493D9B1D5AE52642A04473575CABC1EC6EDFD ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
17:22:45.0523 0x4908  mfencbdc - ok
17:22:45.0539 0x4908  [ E97EE1F31F7E5349A06CE089658DA8A1, 8136155C734457E422331B3CBE67927C45FAB10B9B34789A612B58CF0E0E3BEC ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
17:22:45.0554 0x4908  mfencrk - ok
17:22:45.0601 0x4908  [ 64BAFB4E5377056CDD71531097D69F6E, 28B434C1DB9AD930C5A32584C51FE1B3A4526952EBC953DAE775701E270C76C5 ] mfevtp          C:\Windows\system32\mfevtps.exe
17:22:45.0617 0x4908  mfevtp - ok
17:22:45.0685 0x4908  [ A58F979117A424CDB33C21396887800F, E857E74BB08E49AEDC7EE21C9FDA36053113E04F8D29B9DBC3A2A3F0667915C6 ] mfewfpk         C:\WINDOWS\system32\drivers\mfewfpk.sys
17:22:45.0697 0x4908  mfewfpk - ok
17:22:45.0765 0x4908  Microsoft SharePoint Workspace Audit Service - ok
17:22:45.0803 0x4908  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
17:22:45.0818 0x4908  MMCSS - ok
17:22:45.0834 0x4908  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
17:22:45.0834 0x4908  Modem - ok
17:22:45.0850 0x4908  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
17:22:45.0865 0x4908  monitor - ok
17:22:45.0865 0x4908  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
17:22:45.0881 0x4908  mouclass - ok
17:22:45.0911 0x4908  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
17:22:45.0927 0x4908  mouhid - ok
17:22:45.0942 0x4908  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
17:22:45.0942 0x4908  mountmgr - ok
17:22:45.0958 0x4908  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
17:22:45.0973 0x4908  mpsdrv - ok
17:22:46.0020 0x4908  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
17:22:46.0083 0x4908  MpsSvc - ok
17:22:46.0145 0x4908  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
17:22:46.0161 0x4908  MRxDAV - ok
17:22:46.0223 0x4908  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:22:46.0239 0x4908  mrxsmb - ok
17:22:46.0270 0x4908  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:22:46.0286 0x4908  mrxsmb10 - ok
17:22:46.0317 0x4908  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:22:46.0333 0x4908  mrxsmb20 - ok
17:22:46.0364 0x4908  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
17:22:46.0380 0x4908  MsBridge - ok
17:22:46.0427 0x4908  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
17:22:46.0442 0x4908  MSDTC - ok
17:22:46.0474 0x4908  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:22:46.0474 0x4908  Msfs - ok
17:22:46.0489 0x4908  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:22:46.0505 0x4908  msgpiowin32 - ok
17:22:46.0520 0x4908  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:22:46.0520 0x4908  mshidkmdf - ok
17:22:46.0536 0x4908  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
17:22:46.0536 0x4908  mshidumdf - ok
17:22:46.0583 0x4908  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
17:22:46.0583 0x4908  msisadrv - ok
17:22:46.0661 0x4908  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
17:22:46.0677 0x4908  MSiSCSI - ok
17:22:46.0692 0x4908  msiserver - ok
17:22:46.0739 0x4908  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
17:22:46.0755 0x4908  MSK80Service - ok
17:22:46.0786 0x4908  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:22:46.0786 0x4908  MSKSSRV - ok
17:22:46.0802 0x4908  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
17:22:46.0802 0x4908  MsLldp - ok
17:22:46.0833 0x4908  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:22:46.0833 0x4908  MSPCLOCK - ok
17:22:46.0848 0x4908  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
17:22:46.0848 0x4908  MSPQM - ok
17:22:46.0895 0x4908  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
17:22:46.0911 0x4908  MsRPC - ok
17:22:46.0927 0x4908  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
17:22:46.0927 0x4908  mssmbios - ok
17:22:46.0958 0x4908  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
17:22:46.0958 0x4908  MSTEE - ok
17:22:46.0973 0x4908  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
17:22:46.0973 0x4908  MTConfig - ok
17:22:46.0989 0x4908  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
17:22:46.0989 0x4908  Mup - ok
17:22:47.0020 0x4908  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
17:22:47.0020 0x4908  mvumis - ok
17:22:47.0114 0x4908  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
17:22:47.0130 0x4908  napagent - ok
17:22:47.0192 0x4908  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:22:47.0208 0x4908  NativeWifiP - ok
17:22:47.0255 0x4908  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
17:22:47.0255 0x4908  NcaSvc - ok
17:22:47.0286 0x4908  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
17:22:47.0302 0x4908  NcbService - ok
17:22:47.0317 0x4908  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
17:22:47.0317 0x4908  NcdAutoSetup - ok
17:22:47.0411 0x4908  [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
17:22:47.0458 0x4908  NDIS - ok
17:22:47.0474 0x4908  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
17:22:47.0474 0x4908  NdisCap - ok
17:22:47.0505 0x4908  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
17:22:47.0505 0x4908  NdisImPlatform - ok
17:22:47.0520 0x4908  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:22:47.0520 0x4908  NdisTapi - ok
17:22:47.0567 0x4908  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:22:47.0567 0x4908  Ndisuio - ok
17:22:47.0599 0x4908  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
17:22:47.0599 0x4908  NdisVirtualBus - ok
17:22:47.0648 0x4908  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:22:47.0669 0x4908  NdisWan - ok
17:22:47.0678 0x4908  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:22:47.0694 0x4908  NdisWanLegacy - ok
17:22:47.0725 0x4908  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
17:22:47.0725 0x4908  NDProxy - ok
17:22:47.0757 0x4908  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
17:22:47.0772 0x4908  Ndu - ok
17:22:47.0788 0x4908  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
17:22:47.0788 0x4908  NetBIOS - ok
17:22:47.0835 0x4908  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:22:47.0944 0x4908  NetBT - ok
17:22:47.0975 0x4908  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:22:47.0975 0x4908  Netlogon - ok
17:22:48.0022 0x4908  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
17:22:48.0038 0x4908  Netman - ok
17:22:48.0085 0x4908  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
17:22:48.0132 0x4908  netprofm - ok
17:22:48.0210 0x4908  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:22:48.0241 0x4908  NetTcpPortSharing - ok
17:22:48.0288 0x4908  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
17:22:48.0288 0x4908  netvsc - ok
17:22:48.0366 0x4908  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
17:22:48.0397 0x4908  NlaSvc - ok
17:22:48.0428 0x4908  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:22:48.0428 0x4908  Npfs - ok
17:22:48.0460 0x4908  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
17:22:48.0460 0x4908  npsvctrig - ok
17:22:48.0491 0x4908  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
17:22:48.0553 0x4908  nsi - ok
17:22:48.0585 0x4908  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
17:22:48.0585 0x4908  nsiproxy - ok
17:22:48.0741 0x4908  [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
17:22:48.0835 0x4908  Ntfs - ok
17:22:48.0866 0x4908  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:22:48.0866 0x4908  Null - ok
17:22:48.0913 0x4908  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
17:22:48.0928 0x4908  nvraid - ok
17:22:48.0944 0x4908  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
17:22:48.0960 0x4908  nvstor - ok
17:22:48.0975 0x4908  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
17:22:48.0991 0x4908  nv_agp - ok
17:22:49.0053 0x4908  [ 1300D100EF891C98504DE38624D3F639, 3F7D5A1BB725DC224E08EFC0D6A7F579FC78C64554BAF02D58A6624B91D6384E ] omniserv        C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
17:22:49.0053 0x4908  omniserv - ok
17:22:49.0132 0x4908  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:22:49.0132 0x4908  ose64 - ok
17:22:49.0428 0x4908  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:22:49.0698 0x4908  osppsvc - ok
17:22:49.0792 0x4908  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
17:22:49.0807 0x4908  p2pimsvc - ok
17:22:49.0870 0x4908  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
17:22:49.0885 0x4908  p2psvc - ok
17:22:49.0917 0x4908  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
17:22:49.0917 0x4908  Parport - ok
17:22:49.0963 0x4908  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
17:22:49.0963 0x4908  partmgr - ok
17:22:50.0026 0x4908  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
17:22:50.0057 0x4908  PcaSvc - ok
17:22:50.0104 0x4908  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
17:22:50.0120 0x4908  pci - ok
17:22:50.0151 0x4908  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
17:22:50.0151 0x4908  pciide - ok
17:22:50.0182 0x4908  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
17:22:50.0198 0x4908  pcmcia - ok
17:22:50.0213 0x4908  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
17:22:50.0213 0x4908  pcw - ok
17:23:03.0571 0x4908  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
17:23:03.0579 0x4908  WEPHOSTSVC - ok
17:23:03.0644 0x4908  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
17:23:03.0659 0x4908  wercplsupport - ok
17:23:03.0722 0x4908  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
17:23:03.0737 0x4908  WerSvc - ok
17:23:03.0784 0x4908  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
17:23:03.0784 0x4908  WFPLWFS - ok
17:23:03.0847 0x4908  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
17:23:03.0847 0x4908  WiaRpc - ok
17:23:03.0894 0x4908  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
17:23:03.0894 0x4908  WIMMount - ok
17:23:03.0909 0x4908  WinDefend - ok
17:23:03.0972 0x4908  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:23:04.0003 0x4908  WinHttpAutoProxySvc - ok
17:23:04.0097 0x4908  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:23:04.0097 0x4908  Winmgmt - ok
17:23:04.0269 0x4908  [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
17:23:04.0394 0x4908  WinRM - ok
17:23:04.0487 0x4908  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys
17:23:04.0487 0x4908  WirelessButtonDriver - ok
17:23:04.0612 0x4908  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
17:23:04.0706 0x4908  WlanSvc - ok
17:23:04.0831 0x4908  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
17:23:04.0894 0x4908  wlidsvc - ok
17:23:04.0941 0x4908  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
17:23:04.0941 0x4908  WmiAcpi - ok
17:23:05.0034 0x4908  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:23:05.0034 0x4908  wmiApSrv - ok
17:23:05.0097 0x4908  WMPNetworkSvc - ok
17:23:05.0159 0x4908  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
17:23:05.0159 0x4908  Wof - ok
17:23:05.0347 0x4908  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
17:23:05.0456 0x4908  workfolderssvc - ok
17:23:05.0534 0x4908  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
17:23:05.0534 0x4908  wpcfltr - ok
17:23:05.0583 0x4908  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
17:23:05.0583 0x4908  WPCSvc - ok
17:23:05.0676 0x4908  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
17:23:05.0692 0x4908  WPDBusEnum - ok
17:23:05.0755 0x4908  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:23:05.0755 0x4908  WpdUpFltr - ok
17:23:05.0786 0x4908  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:23:05.0786 0x4908  ws2ifsl - ok
17:23:05.0864 0x4908  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
17:23:05.0864 0x4908  wscsvc - ok
17:23:05.0911 0x4908  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
17:23:05.0926 0x4908  WSDPrintDevice - ok
17:23:05.0926 0x4908  WSearch - ok
17:23:06.0207 0x4908  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\WINDOWS\System32\WSService.dll
17:23:06.0397 0x4908  WSService - ok
17:23:06.0756 0x4908  [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
17:23:06.0897 0x4908  wuauserv - ok
17:23:06.0975 0x4908  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
17:23:06.0975 0x4908  WudfPf - ok
17:23:07.0022 0x4908  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
17:23:07.0037 0x4908  WUDFRd - ok
17:23:07.0053 0x4908  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys
17:23:07.0069 0x4908  WUDFSensorLP - ok
17:23:07.0100 0x4908  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
17:23:07.0100 0x4908  wudfsvc - ok
17:23:07.0147 0x4908  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:23:07.0147 0x4908  WUDFWpdFs - ok
17:23:07.0256 0x4908  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
17:23:07.0303 0x4908  WwanSvc - ok
17:23:07.0350 0x4908  ================ Scan global ===============================
17:23:07.0459 0x4908  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
17:23:07.0545 0x4908  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
17:23:07.0608 0x4908  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
17:23:07.0686 0x4908  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
17:23:07.0717 0x4908  [ Global ] - ok
17:23:07.0717 0x4908  ================ Scan MBR ==================================
17:23:07.0733 0x4908  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:23:07.0779 0x4908  \Device\Harddisk0\DR0 - ok
17:23:07.0779 0x4908  ================ Scan VBR ==================================
17:23:07.0811 0x4908  [ 9785DFA2D4C7619DF0F571FD000B3D74 ] \Device\Harddisk0\DR0\Partition1
17:23:07.0858 0x4908  \Device\Harddisk0\DR0\Partition1 - ok
17:23:07.0858 0x4908  [ 8F44273ABC681CB282BAAF539059E791 ] \Device\Harddisk0\DR0\Partition2
17:23:07.0889 0x4908  \Device\Harddisk0\DR0\Partition2 - ok
17:23:07.0920 0x4908  [ 0846AD12D19FA2216EF68BFE2646E7D8 ] \Device\Harddisk0\DR0\Partition3
17:23:07.0920 0x4908  \Device\Harddisk0\DR0\Partition3 - ok
17:23:07.0951 0x4908  [ 5748498AAF4FA0AE6E50B08AEEFF8273 ] \Device\Harddisk0\DR0\Partition4
17:23:08.0029 0x4908  \Device\Harddisk0\DR0\Partition4 - ok
17:23:08.0061 0x4908  [ 1B48B99265162AEAF98F45746A87FA34 ] \Device\Harddisk0\DR0\Partition5
17:23:08.0123 0x4908  \Device\Harddisk0\DR0\Partition5 - ok
17:23:08.0123 0x4908  ================ Scan generic autorun ======================
17:23:08.0576 0x4908  [ 559F228C84DD7B5E35D33154CED320B2, 7D6C77613550024825DE7B17249A8B5E822FA54DAC475A849374A89D84993F8F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
17:23:08.0920 0x4908  RTHDVCPL - ok
17:23:09.0154 0x4908  [ 88DA2E50CBCD4C062632EE34923C5913, A0EEFC404049798B2319C90F8FB3A9A42323204DB89182F7A968B8723F913B79 ] C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
17:23:09.0295 0x4908  SimplePass - ok
17:23:09.0311 0x4908  [ B5F08FCC816B933D8EC1FACCE62B2A12, 950A1764E90EE11BCC033C30BD823855AA92E62479AF6ECA762F491FF670A125 ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
17:23:09.0326 0x4908  OPBHOBroker - ok
17:23:09.0342 0x4908  [ 1C8F76268DE368A288C6AFB2F00F348F, CB25D1332C694CD460038FC2A5CD1D223AEECBBEDD1768B0F6727219EEF16ABA ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
17:23:09.0358 0x4908  OPBHOBrokerDesktop - ok
17:23:09.0358 0x4908  SynTPEnh - ok
17:23:09.0436 0x4908  [ 39CF316EB5842AE27CC0D3CC4E2840DE, BC4D4ED926F988B7B70CC87B7EC92D148DA6BC39C5C514751F1B0CA69D0F9081 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
17:23:09.0467 0x4908  BCSSync - ok
17:23:09.0498 0x4908  [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\Windows\system32\rundll32.exe
17:23:09.0514 0x4908  Logitech Download Assistant - ok
17:23:09.0666 0x4908  [ CFC75E5C9245F740E84E5787E1958810, 728365B4A00E4AB56F3F1D2F27188DC3DD0C84B357A3240FFC4B0074F96CCD39 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
17:23:09.0713 0x4908  StartCCC - ok
17:23:09.0807 0x4908  [ 33040C4D7902CF7FB7C54311B17FB1F3, D803FFC394219B984DBF84C759AE6B56F4F04D4C6CBF593A4FEEAF9ADCE99138 ] C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
17:23:09.0823 0x4908  YouCam Service - ok
17:23:09.0901 0x4908  [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
17:23:09.0948 0x4908  mcpltui_exe - ok
17:23:10.0057 0x4908  [ E2043ABD9E13E1B7BF74B1D05E15AA47, B59953E4F2392858601551A4FA2024742B99E6AF48D71C3155548C97E25A1FA9 ] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
17:23:10.0104 0x4908  HPMessageService - ok
17:23:10.0541 0x4908  [ 69CFED513B87D6FE10DBE421708501B3, DE7F8F22EB5C88DF11C51E5FD69A18EDAFDA6873AAFFBC5BD134DC67E2E75813 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
17:23:10.0917 0x4908  SUPERAntiSpyware - ok
17:23:11.0073 0x4908  [ B00E08BB95583541B2D2DC86792FE798, 11E338FEF1DE80FF0B655EC53798071ABDDDD1183315DF22E36BFD6E0C737B0F ] C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
17:23:11.0135 0x4908  Power2GoExpress8 - ok
17:23:11.0151 0x4908  WindowsWelcomeCenter - ok
17:23:11.0151 0x4908  Waiting for KSN requests completion. In queue: 120
17:23:12.0173 0x4908  Waiting for KSN requests completion. In queue: 120
17:23:13.0188 0x4908  Waiting for KSN requests completion. In queue: 120
17:23:14.0584 0x4908  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51000 ( enabled : updated )
17:23:14.0584 0x4908  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51010 ( enabled )
17:23:17.0207 0x4908  ============================================================
17:23:17.0207 0x4908  Scan finished
17:23:17.0207 0x4908  ============================================================
17:23:17.0239 0x293c  Detected object count: 0
17:23:17.0239 0x293c  Actual detected object count: 0
17:32:11.0097 0x3cf0  Deinitialize success

Thanks for your help!



#4 TB-Psychotic

Posted 08 January 2015 - 05:27 AM

Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

 

Scan with ESET Online Scan

Go here to run an online scanner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
  • Click the blue Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the program to install the "OnlineScanner.cab" activex control by clicking the Install button
  • Once the activex control is installed, on the next screen click on Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 tjlw

Posted 10 January 2015 - 06:29 PM

Here is the Malwarebytes log - having trouble getting eset to finish as the computer keeps freezing and I have to hold the on off button down to shut it off and restart. I also am having a lot of problems getting to this page - I have to keep reloading and reloading - not sure why it keeps freezing on this bleeping computer page particularly.

 

Will keep trying to get an eset log.

Malwarebytes Anti-Malware
www.malwarebytes.org



(end)


#6 TB-Psychotic

Posted 12 January 2015 - 04:42 AM

That was the protection log - please post the scan log of Malwarebytes.



#7 tjlw

Posted 15 January 2015 - 11:13 AM

Apologies here is the app log

Malwarebytes Anti-Malware
www.malwarebytes.org



(end)


#8 tjlw

Posted 15 January 2015 - 11:15 AM

Sorry I still did it wrong.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/9/2015
Scan Time: 6:07:45 PM
Logfile: 
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.10.01
Rootkit Database: v2015.01.07.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Walker

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 365584
Time Elapsed: 32 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


#9 TB-Psychotic

Posted 17 January 2015 - 06:06 AM

Scan with ESET Online Scan

Go here to run an online scanner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
  • Click the blue Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the program to install the "OnlineScanner.cab" activex control by clicking the Install button
  • Once the activex control is installed, on the next screen click on Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.



#10 tjlw


Posted 18 January 2015 - 12:50 AM

I'm sorry but I have tried to run eset 10x with no success - it keeps hanging up the whole machine after running for hours - It gets to around 45-48% then the entire computer freezes and I have to hold down the power button to make the entire computer restart.  Is there anything else we can try first?  I did run eset before even starting this thread with the standard configuration - I believe it finished but that was so long ago, I cannot remember...



#11 TB-Psychotic


Posted 19 January 2015 - 06:00 AM

Please run the F-Secure Online Scanner

  • Follow the instructions here for installation.
  • Accept the License Agreement.
  • Once the ActiveX installs, click Full System Scan
  • Once the download completes, the scan will begin automatically.
  • The scan will take some time to finish, so please be patient.
  • When the scan completes, click the Automatic cleaning (recommended) button.
  • Click the Show Report button and Copy&Paste the entire report in your next reply.



#12 tjlw


Posted 29 January 2015 - 08:10 PM

Hi - the link you gave has moved so I hunted around on their site and found the online scan link at https://www.f-secure.com/en_US/web/home_us/online-scanner. I ran it and it said it found nothing but it didn't give an option for "show report".  Thanks!



#13 TB-Psychotic


Posted 30 January 2015 - 04:03 AM

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[S1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK Mirror (if the link is down)

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, the (checkup.txt) will open. Copy its content to your thread (Note: Do NOT post this one into a code box!)





Are any problems left or may I post the final reply? :)



#14 tjlw


Posted 01 February 2015 - 03:04 PM

adwCleaner results:

 

 

 

 

# AdwCleaner v4.109 - Report created 01/02/2015 at 11:46:44
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Walker - T
# Running from : C:\Users\T\Downloads\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\T\AppData\LocalLow\iac

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

*************************

AdwCleaner[R0].txt - [728 octets] - [01/02/2015 11:19:09]
AdwCleaner[S0].txt - [652 octets] - [01/02/2015 11:46:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [711 octets] ##########

 

 

 



#15 tjlw


Posted 01 February 2015 - 03:39 PM

JRT results

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Walker on Sun 02/01/2015 at 13:05:33.32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/01/2015 at 13:11:50.01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





