
HijackThis log: Please help diagnose



#1 Cluelex (Members)

Posted 13 January 2015 - 05:06 PM

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:47:36, on 13/01/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\IPS\IPSBHO.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem7.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 10129 bytes
 



#2 TB-Psychotic (Malware Response Team)

Posted 14 January 2015 - 03:53 AM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
  
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.
 


Proud Member of UNITE & TB
 

#3 Cluelex (Topic Starter, Members)

Posted 14 January 2015 - 05:21 PM

Hi Marius.

 

Thank you for your help.

 

I would like to start with a bit more background. This is a laptop for a friend and is not my system. They asked me to look at it as there were issues when browsing the internet. I could see there was a lot of malware and ran 2 programs (downloaded from Bleeping computer which I have used before). These were Ad-aware and JRT. They seem to have removed most, if not all, of the malware and I was hoping someone could examine the Hijack logs.

 

I have downloaded and run the programs as requested with mixed success. Firstly, FRST seemed to run but then just kept running, even after the logs were produced. I let it run for over 2 hours but could only stop it using Task Manager. The logs are below. If they are not complete, please let me know.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-01-2015 01
Ran by Katie (administrator) on KATIES on 14-01-2015 19:31:13
Running from C:\Users\Katie\Desktop
Loaded Profiles: Katie (Available profiles: Katie & Administrator)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccsvchst.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Startup: C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3167733842-4274554459-538376418-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6dnG4YA4YYZwVC74bslzO8WMavdFebtA5PnIBvE9ughleZty3mFGoTESHcCHnre67V_BQ99Ak3vQAH7Isoh4lUTG-QJEiJ6j8Y57QSPZ_sweOq1w7fotT4Mf42OeSzFg7i6g0rqGRim3fgu1aL-U2ZXjmSy6ykQBxycg9NuXqYmqg,,
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6dnG4YA4YYZwVC74bslzO8WMavdFebtA5PnIBvE9ughleZty3mFGoTESHcCHnre67V_BQ99Ak3vQAH3x7VH5a6I_XgCfOdzWz3V2OQIpWiaqmPK3y928TEJ3NHc_incyMlnLFBBOla1Tzo9zE0U9JVS_MDvmVm_92j-Jxc3ZQ8tGw,,&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6dnG4YA4YYZwVC74bslzO8WMavdFebtA5PnIBvE9ughleZty3mFGoTESHcCHnre67V_BQ99Ak3vQAH3x7VH5a6I_XgCfOdzWz3V2OQIpWiaqmPK3y928TEJ3NHc_incyMlnLFBBOla1Tzo9zE0U9JVS_MDvmVm_92j-Jxc3ZQ8tGw,,&q={searchTerms}
HKU\S-1-5-21-3167733842-4274554459-538376418-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
SearchScopes: HKLM -> {00FFC827-6B2B-4007-91B2-D317BD4A2E22} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-29550-11896-25/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6dnG4YA4YYZwVC74bslzO8WMavdFebtA5PnIBvE9ughleZty3mFGoTESHcCHnre67V_BQ99Ak3vQAH3x7VH5a6I_XgCfOdzWz3V2OQIpWiaqmPK3y928TEJ3NHc_incyMlnLFBBOla1Tzo9zE0U9JVS_MDvmVm_92j-Jxc3ZQ8tGw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3167733842-4274554459-538376418-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 62.231.32.10 62.231.32.11

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn [2014-09-06]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn [2015-01-14]
FF HKU\S-1-5-21-3167733842-4274554459-538376418-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-09-07]

Chrome: 
=======
CHR Profile: C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-11]
CHR Extension: (Google Drive) - C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-11]
CHR Extension: (YouTube) - C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-11]
CHR Extension: (Google Search) - C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-11]
CHR Extension: (Norton Identity Safe) - C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-11]
CHR Extension: (Google Wallet) - C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-11]
CHR Extension: (Gmail) - C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-11]
CHR HKLM\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2014-12-15]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2014-12-15]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-21] (IDT, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2015-01-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2015-01-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-01-07] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20141024.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1406000.01B\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20141027.001\IDSvia64.sys [633560 2014-09-25] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20141027.001\ENG64.SYS [129752 2014-09-06] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20141027.001\EX64.SYS [2137304 2014-09-06] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1406000.01B\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1406000.01B\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1406000.01B\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1406000.01B\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1406000.01B\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-09-08] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1406000.01B\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1406000.01B\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-01-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 19:31 - 2015-01-14 19:31 - 00018334 _____ () C:\Users\Katie\Desktop\FRST.txt
2015-01-14 19:31 - 2015-01-14 19:31 - 00000000 ____D () C:\FRST
2015-01-14 19:26 - 2015-01-14 19:30 - 00000022 _____ () C:\Users\Katie\Downloads\tdsskiller.zip
2015-01-14 19:22 - 2015-01-14 19:22 - 00380416 _____ () C:\Users\Katie\Desktop\q3ix78wh.exe
2015-01-14 19:20 - 2015-01-14 19:20 - 02125312 _____ (Farbar) C:\Users\Katie\Desktop\FRST64.exe
2015-01-13 21:43 - 2014-12-03 23:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-01-13 21:43 - 2014-12-03 23:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-01-13 21:43 - 2014-12-02 23:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-01-13 21:43 - 2014-12-02 23:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-01-13 21:43 - 2014-12-02 23:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-01-13 21:43 - 2014-12-02 23:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-01-13 21:43 - 2014-12-02 23:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-01-13 21:42 - 2015-01-13 21:42 - 00003007 _____ () C:\Users\Katie\Desktop\HiJackThis.lnk
2015-01-13 21:42 - 2015-01-13 21:42 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2015-01-13 21:42 - 2015-01-13 21:42 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2015-01-13 21:42 - 2014-07-10 04:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2015-01-13 21:41 - 2014-05-03 05:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2015-01-13 21:41 - 2014-05-03 04:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2015-01-13 21:41 - 2014-04-30 06:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-01-13 21:41 - 2014-04-30 04:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2015-01-13 21:41 - 2014-04-30 04:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2015-01-13 21:41 - 2014-04-30 03:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2015-01-13 21:41 - 2014-04-30 03:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2015-01-13 21:41 - 2014-04-30 03:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-01-13 21:41 - 2014-04-28 22:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-01-13 21:41 - 2014-04-26 16:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2015-01-13 21:41 - 2014-04-14 09:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-01-13 21:41 - 2014-04-14 08:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-01-13 21:40 - 2014-05-03 05:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-01-13 21:40 - 2014-05-03 05:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2015-01-13 21:40 - 2014-05-03 05:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2015-01-13 21:40 - 2014-05-03 04:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2015-01-13 21:40 - 2014-05-03 04:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2015-01-13 21:40 - 2014-05-02 23:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2015-01-13 21:40 - 2014-04-30 06:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-01-13 21:40 - 2014-04-30 06:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-01-13 21:40 - 2014-04-30 06:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-01-13 21:40 - 2014-04-30 05:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2015-01-13 21:40 - 2014-04-30 04:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2015-01-13 21:40 - 2014-04-30 04:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2015-01-13 21:40 - 2014-04-30 04:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2015-01-13 21:40 - 2014-04-30 04:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-13 21:40 - 2014-04-30 03:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-13 21:40 - 2014-04-30 03:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2015-01-13 21:40 - 2014-04-30 03:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2015-01-13 21:40 - 2014-04-14 05:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2015-01-13 21:29 - 2015-01-13 21:29 - 00000614 _____ () C:\Users\Katie\Desktop\JRT.txt
2015-01-13 21:25 - 2015-01-13 21:25 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-13 21:21 - 2015-01-13 21:24 - 01707939 _____ (Thisisu) C:\Users\Katie\Downloads\JRT.exe
2015-01-13 20:59 - 2015-01-13 20:59 - 00000000 _____ () C:\Recovery.txt
2015-01-13 20:51 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2015-01-13 20:51 - 2014-08-16 04:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-01-13 20:51 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-01-13 20:51 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2015-01-13 20:51 - 2014-08-16 03:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-01-13 20:51 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-01-13 20:51 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2015-01-13 20:51 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-01-13 20:51 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2015-01-13 20:51 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2015-01-13 20:51 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-01-13 20:51 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2015-01-13 20:51 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2015-01-13 20:51 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2015-01-13 20:51 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2015-01-13 20:51 - 2014-08-16 00:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-01-13 20:51 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-01-13 20:51 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-01-13 20:51 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2015-01-13 20:51 - 2014-08-16 00:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-01-13 20:51 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-01-13 20:51 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-01-13 20:51 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2015-01-13 20:51 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-01-13 20:51 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-01-13 20:51 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-01-13 20:51 - 2014-08-16 00:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-01-13 20:51 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-01-13 20:51 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-01-13 20:51 - 2014-08-16 00:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-01-13 20:48 - 2015-01-13 21:47 - 00000000 ____D () C:\AdwCleaner
2015-01-13 20:38 - 2015-01-13 20:47 - 02191360 _____ () C:\Users\Katie\Downloads\AdwCleaner.exe
2015-01-13 20:30 - 2015-01-13 20:36 - 01402880 _____ () C:\Users\Katie\Downloads\HiJackThis.msi
2015-01-11 19:40 - 2015-01-11 19:40 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler
2015-01-11 19:25 - 2014-08-23 07:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-01-11 19:25 - 2014-08-23 07:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-01-11 19:25 - 2014-08-23 06:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2015-01-11 19:25 - 2014-08-23 05:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2015-01-11 19:25 - 2014-08-23 04:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2015-01-11 19:22 - 2015-01-11 19:22 - 00002275 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-11 19:22 - 2015-01-11 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-11 19:08 - 2015-01-14 19:13 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-11 19:08 - 2015-01-14 19:13 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-11 19:08 - 2015-01-11 19:08 - 00003882 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-11 19:08 - 2015-01-11 19:08 - 00003646 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-11 19:06 - 2015-01-11 19:08 - 00000000 ____D () C:\Users\Katie\AppData\Local\Deployment
2015-01-11 18:12 - 2014-06-02 02:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-01-11 18:12 - 2014-05-31 06:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2015-01-11 18:12 - 2014-05-31 06:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2015-01-11 18:12 - 2014-05-31 04:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2015-01-11 18:12 - 2014-05-31 04:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2015-01-11 18:12 - 2014-05-31 04:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2015-01-11 18:12 - 2014-05-27 09:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2015-01-11 18:12 - 2014-05-27 09:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2015-01-11 17:48 - 2015-01-11 17:48 - 00000000 ____D () C:\ProgramData\3528706942
2015-01-11 17:01 - 2015-01-11 17:01 - 00001814 _____ () C:\ProgramData\tempimage.bmp
2015-01-11 17:00 - 2014-07-15 18:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2015-01-11 17:00 - 2014-07-15 08:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2015-01-11 17:00 - 2014-07-15 08:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2015-01-11 17:00 - 2014-07-15 08:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2015-01-10 15:03 - 2014-08-02 00:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-01-10 14:37 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-01-10 14:37 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-01-10 14:32 - 2015-01-14 19:15 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EF9F7BC0-5032-4BA6-8210-4EC47F3518E2}
2015-01-10 14:26 - 2014-07-24 03:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-01-10 14:26 - 2014-07-24 03:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-01-10 13:29 - 2015-01-10 13:29 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-01-09 22:42 - 2015-01-09 22:42 - 01065120 _____ (Download Manager) C:\Users\Katie\Downloads\Unconfirmed 232624.crdownload
2015-01-09 22:06 - 2015-01-09 22:06 - 00000000 __SHD () C:\Users\Katie\AppData\Local\EmieUserList
2015-01-09 22:06 - 2015-01-09 22:06 - 00000000 __SHD () C:\Users\Katie\AppData\Local\EmieSiteList
2015-01-09 22:06 - 2015-01-09 22:06 - 00000000 __SHD () C:\Users\Katie\AppData\Local\EmieBrowserModeList
2015-01-08 09:56 - 2015-01-08 09:56 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-08 09:56 - 2015-01-08 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-08 09:55 - 2015-01-08 09:56 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-08 09:55 - 2015-01-08 09:56 - 00000000 ____D () C:\Program Files\iTunes
2015-01-08 09:55 - 2015-01-08 09:56 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-08 09:55 - 2015-01-08 09:55 - 00000000 ____D () C:\Program Files\iPod
2015-01-07 17:21 - 2015-01-14 19:13 - 00000000 ____D () C:\Users\Katie\OneDrive
2015-01-07 17:20 - 2015-01-07 17:20 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2015-01-07 17:15 - 2015-01-07 17:15 - 00000020 ___SH () C:\Users\Katie\ntuser.ini
2015-01-07 14:08 - 2015-01-07 14:08 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-01-07 13:51 - 2015-01-07 13:51 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-07 13:51 - 2015-01-07 13:51 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2015-01-07 13:51 - 2015-01-07 13:51 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2015-01-07 13:40 - 2015-01-07 13:40 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-01-07 13:37 - 2015-01-11 17:53 - 00000000 ____D () C:\Users\Katie
2015-01-07 13:37 - 2015-01-07 14:02 - 00000000 ____D () C:\Users\Administrator
2015-01-07 13:37 - 2015-01-07 13:39 - 00000000 ___RD () C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-07 13:37 - 2015-01-07 13:39 - 00000000 ___RD () C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-07 13:37 - 2015-01-07 13:38 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-07 13:37 - 2015-01-07 13:38 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-07 13:37 - 2014-09-24 16:30 - 00000369 _____ () C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-07 13:37 - 2014-09-24 16:30 - 00000369 _____ () C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-07 13:37 - 2014-09-24 16:30 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-07 13:37 - 2014-09-24 16:30 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-07 13:37 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-07 13:37 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-07 13:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-07 13:37 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-07 13:36 - 2015-01-07 14:09 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2015-01-07 13:36 - 2015-01-07 14:09 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2015-01-07 13:27 - 2015-01-07 13:27 - 00922144 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-01-07 13:25 - 2015-01-07 13:39 - 00012096 _____ () C:\WINDOWS\iis.log
2015-01-07 13:21 - 2015-01-07 13:21 - 00060601 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201501071321443974.log
2015-01-07 13:21 - 2015-01-07 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-07 13:21 - 2015-01-07 13:21 - 00000000 ____D () C:\ProgramData\AMD
2015-01-07 13:21 - 2015-01-07 13:21 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-01-07 13:20 - 2015-01-07 13:21 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-01-07 13:19 - 2015-01-14 19:30 - 01053640 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-07 13:19 - 2015-01-07 13:19 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2015-01-07 13:19 - 2015-01-07 13:19 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-01-07 13:19 - 2015-01-07 13:19 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-07 13:19 - 2015-01-07 13:19 - 00000000 ____D () C:\Program Files\Synaptics
2015-01-07 13:18 - 2015-01-07 13:18 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2015-01-07 13:18 - 2015-01-07 13:18 - 00000000 ____D () C:\Program Files\AMD
2015-01-07 13:18 - 2015-01-07 13:18 - 00000000 ____D () C:\AMD
2015-01-07 13:18 - 2015-01-07 13:18 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2015-01-07 13:14 - 2015-01-08 10:14 - 00000000 ___DC () C:\WINDOWS\Panther
2015-01-07 13:14 - 2015-01-07 13:14 - 00000000 __SHD () C:\Recovery
2015-01-07 13:12 - 2015-01-13 22:08 - 00000000 ____D () C:\Windows.old
2015-01-07 13:05 - 2015-01-07 13:05 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-01-07 13:05 - 2015-01-07 13:05 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-01-07 13:04 - 2015-01-07 13:04 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-01-07 13:04 - 2015-01-07 13:04 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-01-07 13:04 - 2015-01-07 13:04 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-01-07 13:04 - 2015-01-07 13:04 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-01-07 13:04 - 2015-01-07 13:04 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-01-07 13:04 - 2015-01-07 13:04 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-01-07 13:02 - 2015-01-07 13:02 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-07 13:02 - 2015-01-07 13:02 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-07 13:02 - 2015-01-07 13:02 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2015-01-07 13:02 - 2015-01-07 13:02 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2015-01-07 13:01 - 2015-01-07 13:01 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-01-07 13:01 - 2015-01-07 13:01 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-07 13:00 - 2015-01-07 13:00 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-07 13:00 - 2015-01-07 13:00 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-01-07 13:00 - 2015-01-07 13:00 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-01-07 13:00 - 2015-01-07 13:00 - 00054592 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdusb.dll
2015-01-07 13:00 - 2015-01-07 13:00 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-01-07 12:59 - 2015-01-07 12:59 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-01-07 12:59 - 2015-01-07 12:59 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-01-07 12:59 - 2015-01-07 12:59 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-01-07 12:59 - 2015-01-07 12:59 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-01-07 12:59 - 2015-01-07 12:59 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-01-07 12:59 - 2015-01-07 12:59 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-01-07 12:59 - 2015-01-07 12:59 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-01-07 12:59 - 2015-01-07 12:59 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-01-07 12:59 - 2015-01-07 12:59 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-01-07 12:59 - 2015-01-07 12:59 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-01-07 12:59 - 2015-01-07 12:59 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-01-07 12:59 - 2015-01-07 12:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-01-07 12:59 - 2015-01-07 12:59 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-01-07 12:58 - 2015-01-07 12:58 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-01-07 12:58 - 2015-01-07 12:58 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-01-07 12:58 - 2015-01-07 12:58 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-01-07 12:58 - 2015-01-07 12:58 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-01-07 12:58 - 2015-01-07 12:58 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-01-07 12:58 - 2015-01-07 12:58 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-01-07 12:58 - 2015-01-07 12:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-01-07 12:58 - 2015-01-07 12:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-01-07 12:58 - 2015-01-07 12:58 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-01-07 12:58 - 2015-01-07 12:58 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-01-07 12:58 - 2015-01-07 12:58 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-01-07 12:58 - 2015-01-07 12:58 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-01-07 12:58 - 2015-01-07 12:58 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-01-07 12:58 - 2015-01-07 12:58 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-01-07 12:58 - 2015-01-07 12:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-01-07 12:57 - 2015-01-07 12:57 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2015-01-07 12:57 - 2015-01-07 12:57 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2015-01-07 12:57 - 2015-01-07 12:57 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2015-01-07 12:57 - 2015-01-07 12:57 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2015-01-07 12:57 - 2015-01-07 12:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2015-01-07 12:57 - 2015-01-07 12:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2015-01-07 12:57 - 2015-01-07 12:57 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2015-01-07 12:57 - 2015-01-07 12:57 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-01-07 12:57 - 2015-01-07 12:57 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-01-07 12:57 - 2015-01-07 12:57 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2015-01-07 12:57 - 2015-01-07 12:57 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2015-01-07 12:57 - 2015-01-07 12:57 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2015-01-07 12:57 - 2015-01-07 12:57 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2015-01-07 12:57 - 2015-01-07 12:57 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2015-01-07 12:53 - 2015-01-07 12:53 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-07 12:53 - 2015-01-07 12:53 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-07 12:53 - 2015-01-07 12:53 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-01-07 12:53 - 2015-01-07 12:53 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-01-07 12:53 - 2015-01-07 12:53 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-01-07 12:53 - 2015-01-07 12:53 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2015-01-07 12:53 - 2015-01-07 12:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2015-01-07 12:53 - 2015-01-07 12:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2015-01-07 12:51 - 2015-01-07 12:51 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-01-07 12:51 - 2015-01-07 12:51 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-01-07 12:51 - 2015-01-07 12:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-07 12:51 - 2015-01-07 12:51 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-01-07 12:51 - 2015-01-07 12:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-01-07 12:51 - 2015-01-07 12:51 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-07 12:51 - 2015-01-07 12:51 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-01-07 12:50 - 2015-01-07 12:50 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-01-07 12:49 - 2015-01-07 12:49 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-01-07 12:45 - 2015-01-07 12:45 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-01-07 12:45 - 2015-01-07 12:45 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-07 12:45 - 2015-01-07 12:45 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-01-07 12:45 - 2015-01-07 12:45 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-07 12:45 - 2015-01-07 12:45 - 00000000 ____D () C:\inetpub
2015-01-07 12:44 - 2013-08-03 04:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-01-07 12:44 - 2013-08-03 04:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-07 12:44 - 2013-08-03 04:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-01-07 12:44 - 2013-08-03 04:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-07 10:44 - 2015-01-07 10:44 - 00628496 _____ (CMI Limited) C:\Users\Katie\AppData\Local\nsfF07C.tmp
2015-01-07 10:26 - 2015-01-07 10:26 - 00003086 _____ () C:\WINDOWS\System32\Tasks\upfs7235
2015-01-06 17:56 - 2015-01-08 08:10 - 00000000 ___HD () C:\Users\Public\Temp
2015-01-06 17:46 - 2015-01-06 17:46 - 00000000 ____D () C:\Users\Katie\AppData\Local\com
2015-01-06 17:39 - 2015-01-06 17:39 - 00000000 ____D () C:\Program Files (x86)\7962a5ae-170e-4502-8bdf-c0414c605c3f
2015-01-06 17:38 - 2015-01-06 17:38 - 02036704 _____ (Cinema ProV06.01) C:\Users\Katie\AppData\Roaming\VKIXKZ.exe
2015-01-06 17:37 - 2015-01-06 17:37 - 02036704 _____ (Enter) C:\Users\Katie\AppData\Roaming\DUITSQ.exe
2015-01-06 17:35 - 2015-01-06 17:35 - 00003402 _____ () C:\WINDOWS\System32\Tasks\DonutQuotes
2015-01-06 17:34 - 2015-01-07 10:23 - 00000000 ____D () C:\ProgramData\donutleads
2015-01-05 18:43 - 2015-01-07 14:09 - 00008094 _____ () C:\WINDOWS\comsetup.log
2015-01-02 14:48 - 2015-01-02 14:48 - 00000000 ____D () C:\Users\Katie\Documents\OneNote Notebooks
2014-12-30 18:32 - 2015-01-13 22:35 - 00000000 ____D () C:\WINDOWS\system32\appraiser

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 19:30 - 2014-12-12 00:46 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Katie\Desktop\TDSSKiller.exe
2015-01-14 19:30 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-14 19:29 - 2014-09-06 08:38 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3167733842-4274554459-538376418-1002
2015-01-14 19:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-14 19:13 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-14 19:10 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-13 22:35 - 2014-09-24 18:55 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-01-13 22:34 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-01-13 22:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-13 21:43 - 2014-09-06 05:16 - 00000000 ____D () C:\Users\Katie\AppData\Local\VirtualStore
2015-01-13 21:13 - 2014-09-24 08:08 - 00025918 _____ () C:\WINDOWS\PFRO.log
2015-01-13 21:12 - 2013-08-22 13:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-13 20:53 - 2014-09-07 14:44 - 00001112 _____ () C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-01-13 20:53 - 2014-09-07 14:44 - 00001082 _____ () C:\Users\Katie\Desktop\Search.lnk
2015-01-13 20:53 - 2014-09-06 05:19 - 00000999 _____ () C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-13 20:21 - 2014-09-24 16:21 - 00956540 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-13 20:18 - 2013-08-22 14:46 - 00333807 _____ () C:\WINDOWS\setupact.log
2015-01-11 19:21 - 2014-09-15 20:38 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-11 18:37 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-11 18:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-01-11 18:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-01-11 18:02 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-01-11 17:46 - 2014-09-07 14:56 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-11 17:45 - 2014-09-07 15:02 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\Opera Software
2015-01-11 17:45 - 2014-09-07 15:02 - 00000000 ____D () C:\Users\Katie\AppData\Local\Opera Software
2015-01-11 17:04 - 2014-09-07 11:30 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-01-08 09:57 - 2014-12-09 16:01 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-01-08 09:57 - 2012-07-26 08:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-01-08 09:55 - 2014-09-07 11:32 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-08 09:55 - 2014-09-07 11:29 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-07 20:05 - 2014-11-06 16:04 - 00000000 ____D () C:\Users\Katie\Documents\Yr 3 Stran
2015-01-07 17:21 - 2014-03-05 17:08 - 00000000 ___RD () C:\Users\Katie\OneDrive.old
2015-01-07 17:21 - 2012-12-02 15:34 - 00000000 ____D () C:\Users\Katie\AppData\Local\Packages
2015-01-07 17:14 - 2012-08-30 05:47 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-01-07 14:11 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-07 14:09 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-07 14:04 - 2013-08-22 15:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-01-07 14:04 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-07 13:55 - 2013-08-22 14:44 - 00386472 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-07 13:53 - 2014-11-04 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-07 13:53 - 2014-09-15 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-07 13:53 - 2014-09-07 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-01-07 13:53 - 2014-09-06 05:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2015-01-07 13:53 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-01-07 13:53 - 2012-08-30 05:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-01-07 13:53 - 2012-08-30 05:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-01-07 13:53 - 2012-08-30 05:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint
2015-01-07 13:53 - 2012-08-30 05:07 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-01-07 13:53 - 2012-08-16 20:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-07 13:53 - 2012-08-16 20:26 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-01-07 13:53 - 2012-08-16 20:14 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-01-07 13:53 - 2012-08-16 20:14 - 00000000 ____D () C:\WINDOWS\en
2015-01-07 13:51 - 2014-09-24 15:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-01-07 13:51 - 2014-09-24 15:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-01-07 13:51 - 2014-09-24 15:35 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-01-07 13:51 - 2013-08-22 15:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2015-01-07 13:51 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-01-07 13:51 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-01-07 13:51 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-01-07 13:51 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-01-07 13:51 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-01-07 13:51 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-01-07 13:51 - 2012-08-30 04:55 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-01-07 13:51 - 2012-08-16 20:09 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2015-01-07 13:51 - 2012-07-26 05:37 - 00000000 ____D () C:\Users\Default.migrated
2015-01-07 13:50 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-01-07 13:50 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-01-07 13:50 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-01-07 13:50 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-01-07 13:49 - 2013-08-22 15:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-01-07 13:49 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Help
2015-01-07 13:49 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-01-07 13:48 - 2013-08-22 15:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-01-07 13:48 - 2013-08-22 15:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-01-07 13:48 - 2012-08-16 20:07 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-01-07 13:48 - 2012-08-03 22:29 - 00000000 ____D () C:\ProgramData\PRICache
2015-01-07 13:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-07 13:47 - 2012-08-30 04:52 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-01-07 13:39 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-01-07 13:38 - 2012-08-03 22:28 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2015-01-07 13:16 - 2013-08-22 13:36 - 00000000 __RHD () C:\Users\Default
2015-01-07 13:12 - 2013-08-22 15:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-01-07 13:04 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-01-07 13:02 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-07 12:59 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-07 12:59 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-07 12:59 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-07 12:59 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-07 12:53 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2015-01-07 12:53 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-01-07 12:53 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Camera
2015-01-07 12:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2015-01-07 12:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2015-01-07 12:45 - 2013-08-22 11:25 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-01-07 12:45 - 2013-08-22 11:22 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-01-07 12:45 - 2013-08-22 11:19 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-01-07 12:45 - 2013-08-22 11:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-01-07 12:45 - 2013-08-22 11:18 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-01-07 12:45 - 2013-08-22 10:03 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-01-07 12:45 - 2013-08-22 03:58 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-01-07 12:45 - 2013-08-22 03:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-01-07 12:45 - 2013-08-22 03:53 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-01-07 12:45 - 2013-08-22 03:53 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-01-07 12:45 - 2013-08-22 03:51 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-01-07 12:45 - 2013-08-22 02:54 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-01-07 12:30 - 2014-09-06 02:48 - 01971363 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-01-05 17:55 - 2012-07-26 08:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-01-02 12:32 - 2013-11-04 14:36 - 00000000 ____D () C:\Users\Katie\Documents\Yr 2 Stran
2014-12-30 19:37 - 2012-08-30 05:47 - 00002501 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-12-30 19:37 - 2012-08-30 05:45 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-12-30 18:32 - 2014-09-09 16:23 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-30 18:27 - 2014-09-09 16:23 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-30 17:16 - 2014-11-04 14:10 - 00000000 ____D () C:\Program Files\Microsoft Office 15

Some content of TEMP:
====================
C:\Users\Katie\AppData\Local\Temp\7auhuinc.dll
C:\Users\Katie\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Katie\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Katie\AppData\Local\Temp\Quarantine.exe
C:\Users\Katie\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Katie\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Katie\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

The addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-01-2015 01
Ran by Katie at 2015-01-14 19:33:07
Running from C:\Users\Katie\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

I then tried to run GMER, but although it tried, it then failed with the following error, which I have attached as a file:

 

Finally I ran TDSS and the log is here:

21:55:52.0770 0x0cf8  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
21:55:52.0770 0x0cf8  UEFI system
21:55:58.0161 0x0cf8  ============================================================
21:55:58.0161 0x0cf8  Current date / time: 2015/01/14 21:55:58.0161
21:55:58.0161 0x0cf8  SystemInfo:
21:55:58.0161 0x0cf8  
21:55:58.0161 0x0cf8  OS Version: 6.3.9600 ServicePack: 0.0
21:55:58.0161 0x0cf8  Product type: Workstation
21:55:58.0161 0x0cf8  ComputerName: KATIES
21:55:58.0161 0x0cf8  UserName: Katie
21:55:58.0161 0x0cf8  Windows directory: C:\WINDOWS
21:55:58.0176 0x0cf8  System windows directory: C:\WINDOWS
21:55:58.0176 0x0cf8  Running under WOW64
21:55:58.0176 0x0cf8  Processor architecture: Intel x64
21:55:58.0176 0x0cf8  Number of processors: 2
21:55:58.0176 0x0cf8  Page size: 0x1000
21:55:58.0176 0x0cf8  Boot type: Normal boot
21:55:58.0176 0x0cf8  ============================================================
21:55:59.0333 0x0cf8  KLMD registered as C:\WINDOWS\system32\drivers\15836598.sys
21:56:00.0318 0x0cf8  System UUID: {B3000A86-F4AE-6BAF-DA27-FC2884087DBA}
21:56:00.0990 0x0cf8  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:56:01.0005 0x0cf8  ============================================================
21:56:01.0005 0x0cf8  \Device\Harddisk0\DR0:
21:56:01.0021 0x0cf8  GPT partitions:
21:56:01.0021 0x0cf8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {152FFB68-8262-4D63-80AF-68E417D0CA2B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
21:56:01.0021 0x0cf8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {0732138B-8AC8-4917-944C-D6F9C0B21EFA}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
21:56:01.0021 0x0cf8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {19C27E33-4414-491C-AFFA-3F99FAE2C4C2}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
21:56:01.0021 0x0cf8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A0F6C43D-06CF-4D77-A8BB-8EF1F7187AA6}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x54B42800
21:56:01.0021 0x0cf8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A2EE0225-9135-4C94-858C-3357D7ED1EDB}, Name: , StartLBA 0x54CCD000, BlocksNum 0xE1000
21:56:01.0021 0x0cf8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {96E9A048-37DA-4CBB-86D6-BB28266D0BBB}, Name: Basic data partition, StartLBA 0x54DAE000, BlocksNum 0x2798000
21:56:01.0021 0x0cf8  MBR partitions:
21:56:01.0021 0x0cf8  ============================================================
21:56:01.0052 0x0cf8  C: <-> \Device\Harddisk0\DR0\Partition4
21:56:01.0177 0x0cf8  D: <-> \Device\Harddisk0\DR0\Partition6
21:56:01.0177 0x0cf8  ============================================================
21:56:01.0177 0x0cf8  Initialize success
21:56:01.0177 0x0cf8  ============================================================
21:56:09.0899 0x038c  ============================================================
21:56:09.0899 0x038c  Scan started
21:56:09.0899 0x038c  Mode: Manual; 
21:56:09.0899 0x038c  ============================================================
21:56:09.0899 0x038c  KSN ping started
21:56:12.0369 0x038c  KSN ping finished: true
21:56:16.0060 0x038c  ================ Scan system memory ========================
21:56:16.0060 0x038c  System memory - ok
21:56:16.0060 0x038c  ================ Scan services =============================
21:56:16.0420 0x038c  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
21:56:16.0451 0x038c  1394ohci - ok
21:56:16.0498 0x038c  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
21:56:16.0529 0x038c  3ware - ok
21:56:16.0608 0x038c  [ C4C5D1AB35D1F931928056D61A1C4616, E4EBEFDA6E89A61C16F2CADC908F2242907695232236B2A771A409D48EAF39DC ] Accelerometer   C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
21:56:16.0608 0x038c  Accelerometer - ok
21:56:16.0670 0x038c  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
21:56:16.0701 0x038c  ACPI - ok
21:56:16.0717 0x038c  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
21:56:16.0732 0x038c  acpiex - ok
21:56:16.0748 0x038c  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
21:56:16.0748 0x038c  acpipagr - ok
21:56:16.0795 0x038c  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
21:56:16.0795 0x038c  AcpiPmi - ok
21:56:16.0842 0x038c  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
21:56:16.0842 0x038c  acpitime - ok
21:56:16.0904 0x038c  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
21:56:16.0936 0x038c  ADP80XX - ok
21:56:16.0998 0x038c  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
21:56:17.0014 0x038c  AeLookupSvc - ok
21:56:17.0076 0x038c  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
21:56:17.0092 0x038c  AFD - ok
21:56:17.0139 0x038c  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
21:56:17.0154 0x038c  agp440 - ok
21:56:17.0170 0x038c  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
21:56:17.0186 0x038c  ahcache - ok
21:56:17.0248 0x038c  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
21:56:17.0248 0x038c  ALG - ok
21:56:17.0326 0x038c  [ 6CF81DD5083D7F94A7E76E50429A949C, 19240502A6406924F889D1AFA975B975A300776D8B2D0557181DF13649622E2B ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
21:56:17.0342 0x038c  AMD External Events Utility - ok
21:56:17.0467 0x038c  AMD FUEL Service - ok
21:56:17.0529 0x038c  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
21:56:17.0529 0x038c  AmdK8 - ok
21:56:18.0436 0x038c  [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
21:56:19.0093 0x038c  amdkmdag - ok
21:56:19.0186 0x038c  [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
21:56:19.0218 0x038c  amdkmdap - ok
21:56:19.0249 0x038c  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
21:56:19.0265 0x038c  AmdPPM - ok
21:56:19.0280 0x038c  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
21:56:19.0280 0x038c  amdsata - ok
21:56:19.0343 0x038c  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
21:56:19.0358 0x038c  amdsbs - ok
21:56:19.0374 0x038c  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
21:56:19.0374 0x038c  amdxata - ok
21:56:19.0421 0x038c  [ A2EFE3869B976296E097DEF368280F95, 121CD4A16146A9DF59D6E415181F48CA0D1DCD4D2B6BC4CBDABC2F3D296E28C6 ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
21:56:19.0421 0x038c  amd_sata - ok
21:56:19.0483 0x038c  [ 625396421C29FB305C6C6235D01130B8, 3FAF8D3B530F1B74B2C9B0ED3377836746CE2D0A4008E1BC454095671AC9E1AF ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
21:56:19.0483 0x038c  amd_xata - ok
21:56:19.0577 0x038c  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
21:56:19.0577 0x038c  AppHostSvc - ok
21:56:19.0624 0x038c  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
21:56:19.0624 0x038c  AppID - ok
21:56:19.0671 0x038c  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
21:56:19.0671 0x038c  AppIDSvc - ok
21:56:19.0718 0x038c  [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo         C:\WINDOWS\System32\appinfo.dll
21:56:19.0718 0x038c  Appinfo - ok
21:56:19.0827 0x038c  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:56:19.0827 0x038c  Apple Mobile Device - ok
21:56:19.0905 0x038c  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
21:56:19.0952 0x038c  AppReadiness - ok
21:56:20.0030 0x038c  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
21:56:20.0093 0x038c  AppXSvc - ok
21:56:20.0249 0x038c  [ 44695679881DEB85CAD7C249B151066E, A44413ACA911DDB5757DE9F9ECC3968979C47617CF9DF81B24E7ECDE7E0D54BC ] APXACC          C:\WINDOWS\system32\DRIVERS\appexDrv.sys
21:56:20.0314 0x038c  APXACC - ok
21:56:20.0361 0x038c  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
21:56:20.0377 0x038c  arcsas - ok
21:56:20.0564 0x038c  [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:56:20.0596 0x038c  aspnet_state - ok
21:56:20.0642 0x038c  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:56:20.0658 0x038c  AsyncMac - ok
21:56:20.0658 0x038c  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
21:56:20.0674 0x038c  atapi - ok
21:56:20.0955 0x038c  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
21:56:21.0142 0x038c  athr - ok
21:56:21.0236 0x038c  [ 506907D2E7F3A5B67DBD39C00A788B7C, 618C91FB9F49C69F88A993F164D7E9E4B7CAD0F34DCF77CF0C6F259A28448171 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdW86.sys
21:56:21.0236 0x038c  AtiHDAudioService - ok
21:56:21.0283 0x038c  [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
21:56:21.0299 0x038c  AudioEndpointBuilder - ok
21:56:21.0361 0x038c  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
21:56:21.0408 0x038c  Audiosrv - ok
21:56:21.0471 0x038c  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
21:56:21.0486 0x038c  AxInstSV - ok
21:56:21.0564 0x038c  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
21:56:21.0580 0x038c  b06bdrv - ok
21:56:21.0611 0x038c  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
21:56:21.0627 0x038c  BasicDisplay - ok
21:56:21.0642 0x038c  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
21:56:21.0642 0x038c  BasicRender - ok
21:56:21.0674 0x038c  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
21:56:21.0674 0x038c  bcmfn2 - ok
21:56:21.0736 0x038c  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
21:56:21.0752 0x038c  BDESVC - ok
21:56:21.0799 0x038c  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:56:21.0814 0x038c  Beep - ok
21:56:21.0892 0x038c  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE             C:\WINDOWS\System32\bfe.dll
21:56:21.0924 0x038c  BFE - ok
21:56:22.0189 0x038c  [ D90F5136CB6512B2B9A855C94F79B0B5, 7E2FFDF2B1147E25EA2530DB55667352116EE676D0B6F76ED4C6FEAFC88AB5D4 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20141024.001\BHDrvx64.sys
21:56:22.0252 0x038c  BHDrvx64 - ok
21:56:22.0362 0x038c  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
21:56:22.0408 0x038c  BITS - ok
21:56:22.0533 0x038c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:56:22.0549 0x038c  Bonjour Service - ok
21:56:22.0580 0x038c  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
21:56:22.0612 0x038c  bowser - ok
21:56:22.0643 0x038c  [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
21:56:22.0658 0x038c  BrokerInfrastructure - ok
21:56:22.0705 0x038c  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser         C:\WINDOWS\System32\browser.dll
21:56:22.0705 0x038c  Browser - ok
21:56:22.0752 0x038c  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
21:56:22.0752 0x038c  BthAvrcpTg - ok
21:56:22.0768 0x038c  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
21:56:22.0768 0x038c  BthHFEnum - ok
21:56:22.0783 0x038c  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
21:56:22.0783 0x038c  bthhfhid - ok
21:56:22.0830 0x038c  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
21:56:22.0830 0x038c  BTHMODEM - ok
21:56:22.0846 0x038c  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
21:56:22.0862 0x038c  bthserv - ok
21:56:22.0987 0x038c  [ 56685951208AC81CF923B9B08BEDF3B7, F5FF438B9A54AD8D54E82DE60E1771C9685A95D5E590D69EB1E4E78D3B9B7769 ] ccSet_NIS       C:\WINDOWS\system32\drivers\NISx64\1406000.01B\ccSetx64.sys
21:56:23.0002 0x038c  ccSet_NIS - ok
21:56:23.0034 0x038c  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
21:56:23.0034 0x038c  cdfs - ok
21:56:23.0065 0x038c  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
21:56:23.0065 0x038c  cdrom - ok
21:56:23.0112 0x038c  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
21:56:23.0112 0x038c  CertPropSvc - ok
21:56:23.0174 0x038c  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
21:56:23.0174 0x038c  circlass - ok
21:56:23.0237 0x038c  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
21:56:23.0268 0x038c  CLFS - ok
21:56:23.0580 0x038c  [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
21:56:23.0705 0x038c  ClickToRunSvc - ok
21:56:23.0799 0x038c  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
21:56:23.0815 0x038c  CLVirtualDrive - ok
21:56:23.0846 0x038c  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
21:56:23.0846 0x038c  CmBatt - ok
21:56:23.0908 0x038c  [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
21:56:23.0940 0x038c  CNG - ok
21:56:23.0955 0x038c  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
21:56:23.0971 0x038c  CompositeBus - ok
21:56:23.0971 0x038c  COMSysApp - ok
21:56:24.0002 0x038c  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
21:56:24.0002 0x038c  condrv - ok
21:56:24.0034 0x038c  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
21:56:24.0049 0x038c  CryptSvc - ok
21:56:24.0080 0x038c  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
21:56:24.0080 0x038c  dam - ok
21:56:24.0158 0x038c  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:56:24.0190 0x038c  DcomLaunch - ok
21:56:24.0252 0x038c  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
21:56:24.0268 0x038c  defragsvc - ok
21:56:24.0331 0x038c  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
21:56:24.0362 0x038c  DeviceAssociationService - ok
21:56:24.0393 0x038c  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
21:56:24.0409 0x038c  DeviceInstall - ok
21:56:24.0471 0x038c  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
21:56:24.0487 0x038c  Dfsc - ok
21:56:24.0581 0x038c  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
21:56:24.0596 0x038c  Dhcp - ok
21:56:24.0612 0x038c  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
21:56:24.0628 0x038c  disk - ok
21:56:24.0643 0x038c  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
21:56:24.0643 0x038c  dmvsc - ok
21:56:24.0690 0x038c  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:56:24.0706 0x038c  Dnscache - ok
21:56:24.0768 0x038c  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:56:24.0784 0x038c  dot3svc - ok
21:56:24.0815 0x038c  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
21:56:24.0815 0x038c  DPS - ok
21:56:24.0862 0x038c  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
21:56:24.0862 0x038c  drmkaud - ok
21:56:24.0893 0x038c  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
21:56:24.0909 0x038c  DsmSvc - ok
21:56:25.0034 0x038c  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
21:56:25.0096 0x038c  DXGKrnl - ok
21:56:25.0159 0x038c  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
21:56:25.0174 0x038c  Eaphost - ok
21:56:25.0440 0x038c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
21:56:25.0659 0x038c  ebdrv - ok
21:56:25.0768 0x038c  [ 03E1B8BA59327D186C7C533A6998FEF9, 224937A697B55BD9CCD790771DBE9D135021AD1DC3E6D6AC7C431C56F0FFBBB5 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
21:56:25.0800 0x038c  eeCtrl - ok
21:56:25.0846 0x038c  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
21:56:25.0846 0x038c  EFS - ok
21:56:25.0940 0x038c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
21:56:25.0971 0x038c  EhStorClass - ok
21:56:26.0018 0x038c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
21:56:26.0018 0x038c  EhStorTcgDrv - ok
21:56:26.0081 0x038c  [ 142EA7DF1851C563571F2DCFC7AFBB40, 14DE008B68D127F246A64290DFCBD7ECDE8FF7932B3BAE660EB131860E826EAD ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
21:56:26.0081 0x038c  EraserUtilRebootDrv - ok
21:56:26.0096 0x038c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
21:56:26.0096 0x038c  ErrDev - ok
21:56:26.0190 0x038c  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
21:56:26.0221 0x038c  EventSystem - ok
21:56:26.0284 0x038c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
21:56:26.0316 0x038c  exfat - ok
21:56:26.0347 0x038c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
21:56:26.0363 0x038c  fastfat - ok
21:56:26.0456 0x038c  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
21:56:26.0488 0x038c  Fax - ok
21:56:26.0550 0x038c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
21:56:26.0581 0x038c  fdc - ok
21:56:26.0628 0x038c  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
21:56:26.0628 0x038c  fdPHost - ok
21:56:26.0659 0x038c  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
21:56:26.0659 0x038c  FDResPub - ok
21:56:26.0675 0x038c  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
21:56:26.0691 0x038c  fhsvc - ok
21:56:26.0706 0x038c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
21:56:26.0722 0x038c  FileInfo - ok
21:56:26.0738 0x038c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
21:56:26.0738 0x038c  Filetrace - ok
21:56:26.0769 0x038c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
21:56:26.0769 0x038c  flpydisk - ok
21:56:26.0800 0x038c  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
21:56:26.0816 0x038c  FltMgr - ok
21:56:26.0925 0x038c  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\WINDOWS\system32\FntCache.dll
21:56:26.0988 0x038c  FontCache - ok
21:56:27.0175 0x038c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:56:27.0175 0x038c  FontCache3.0.0.0 - ok
21:56:27.0238 0x038c  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
21:56:27.0253 0x038c  FsDepends - ok
21:56:27.0269 0x038c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:56:27.0269 0x038c  Fs_Rec - ok
21:56:27.0316 0x038c  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
21:56:27.0409 0x038c  fvevol - ok
21:56:27.0441 0x038c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
21:56:27.0441 0x038c  FxPPM - ok
21:56:27.0503 0x038c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
21:56:27.0534 0x038c  gagp30kx - ok
21:56:27.0675 0x038c  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
21:56:27.0691 0x038c  GamesAppService - ok
21:56:27.0722 0x038c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
21:56:27.0722 0x038c  GEARAspiWDM - ok
21:56:27.0769 0x038c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
21:56:27.0769 0x038c  gencounter - ok
21:56:27.0816 0x038c  [ 5B1EDAFD02AEA9345C24F0B6537CC8A0, D36D4F20756D19CF0A4C6CD0FDB678F7D79D1AC66D62F55845DFE7E7CB433A2B ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
21:56:27.0831 0x038c  GPIOClx0101 - ok
21:56:27.0972 0x038c  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
21:56:28.0034 0x038c  gpsvc - ok
21:56:28.0128 0x038c  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:56:28.0128 0x038c  gupdate - ok
21:56:28.0160 0x038c  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:56:28.0160 0x038c  gupdatem - ok
21:56:28.0206 0x038c  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
21:56:28.0206 0x038c  HDAudBus - ok
21:56:28.0253 0x038c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
21:56:28.0253 0x038c  HidBatt - ok
21:56:28.0317 0x038c  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
21:56:28.0317 0x038c  HidBth - ok
21:56:28.0364 0x038c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
21:56:28.0380 0x038c  hidi2c - ok
21:56:28.0395 0x038c  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
21:56:28.0395 0x038c  HidIr - ok
21:56:28.0442 0x038c  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
21:56:28.0442 0x038c  hidserv - ok
21:56:28.0489 0x038c  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
21:56:28.0489 0x038c  HidUsb - ok
21:56:28.0536 0x038c  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
21:56:28.0536 0x038c  hkmsvc - ok
21:56:28.0583 0x038c  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
21:56:28.0598 0x038c  HomeGroupListener - ok
21:56:28.0661 0x038c  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
21:56:28.0676 0x038c  HomeGroupProvider - ok
21:56:28.0864 0x038c  [ 6515296E8F9D81BB6C4588C4878A9AC1, 4102FCA9CC6CDAA52E68F030034C6C15DF036D5E9B6E0A8007B72655A3D1E3DD ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
21:56:28.0864 0x038c  HP Support Assistant Service - ok
21:56:28.0911 0x038c  [ EF4BE0BB23BB14879050884E688F5178, C914FEB0627D17097968A9B66325305757E7A859A8F11FE69CA0F7F69E38CA2A ] hpdskflt        C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
21:56:28.0911 0x038c  hpdskflt - ok
21:56:29.0051 0x038c  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
21:56:29.0145 0x038c  hpqwmiex - ok
21:56:29.0177 0x038c  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
21:56:29.0192 0x038c  HpSAMD - ok
21:56:29.0301 0x038c  [ 13B51E53073E4555E226871C7FCEF0E8, 04713F4C8D629E81388D5438CF94781A71007A81E223D90D893FF898E4BDA6B7 ] hpsrv           C:\WINDOWS\system32\Hpservice.exe
21:56:29.0301 0x038c  hpsrv - ok
21:56:29.0427 0x038c  [ F50912B0A861ED396F6062E79C37A4A7, 9B53EA5A03BB664EF5343B766C760BB8A96697ED4F2A0C81A4F58C443B4BC329 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
21:56:29.0442 0x038c  HPWMISVC - ok
21:56:29.0520 0x038c  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
21:56:29.0567 0x038c  HTTP - ok
21:56:29.0598 0x038c  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
21:56:29.0598 0x038c  hwpolicy - ok
21:56:29.0661 0x038c  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
21:56:29.0677 0x038c  hyperkbd - ok
21:56:42.0015 0x038c  SENS - ok
21:56:42.0046 0x038c  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
21:56:42.0062 0x038c  SensrSvc - ok
21:56:42.0093 0x038c  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
21:56:42.0093 0x038c  SerCx - ok
21:56:42.0140 0x038c  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
21:56:42.0140 0x038c  SerCx2 - ok
21:56:42.0171 0x038c  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
21:56:42.0171 0x038c  Serenum - ok
21:56:42.0202 0x038c  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
21:56:42.0218 0x038c  Serial - ok
21:56:42.0249 0x038c  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
21:56:42.0249 0x038c  sermouse - ok
21:56:42.0312 0x038c  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
21:56:42.0327 0x038c  SessionEnv - ok
21:56:42.0390 0x038c  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
21:56:42.0392 0x038c  sfloppy - ok
21:56:42.0470 0x038c  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:56:42.0517 0x038c  SharedAccess - ok
21:56:42.0595 0x038c  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:56:42.0626 0x038c  ShellHWDetection - ok
21:56:42.0673 0x038c  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
21:56:42.0673 0x038c  SiSRaid2 - ok
21:56:42.0720 0x038c  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
21:56:42.0720 0x038c  SiSRaid4 - ok
21:56:42.0767 0x038c  [ AF5CC3F9B88F140D78FC967ABF0F4EC7, 7CE3AB7B0A36635CF00E35E84C14B8661FAF794ABCFA61AE45A0E5E8EA996A3B ] SmbDrv          C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
21:56:42.0767 0x038c  SmbDrv - ok
21:56:42.0782 0x038c  [ 19555D03CB179BED8B8AAA239A36BDA4, 7B975821D52ABE077496B3CFC010B33D478CD2C36E6A74D8F72D2BF582B8C84A ] SmbDrvI         C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys
21:56:42.0782 0x038c  SmbDrvI - ok
21:56:42.0829 0x038c  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
21:56:42.0861 0x038c  smphost - ok
21:56:42.0923 0x038c  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
21:56:42.0923 0x038c  SNMPTRAP - ok
21:56:42.0986 0x038c  [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
21:56:43.0017 0x038c  spaceport - ok
21:56:43.0032 0x038c  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
21:56:43.0048 0x038c  SpbCx - ok
21:56:43.0111 0x038c  [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
21:56:43.0173 0x038c  Spooler - ok
21:56:43.0626 0x038c  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
21:56:44.0017 0x038c  sppsvc - ok
21:56:44.0204 0x038c  [ 2FD9346F9D76CB4192D37329CFA47A82, 4CD75B4006147D469116F3CBC10528928A592510DA8037D709CB198D89853CAB ] SRTSP           C:\WINDOWS\System32\Drivers\NISx64\1406000.01B\SRTSP64.SYS
21:56:44.0236 0x038c  SRTSP - ok
21:56:44.0267 0x038c  [ 0E76CEF892C45734F7AED09FDDF35D4D, C25AF31E411AC3A090859C883132B9AE6A80C8D791168FF219BC0895E35A0359 ] SRTSPX          C:\WINDOWS\system32\drivers\NISx64\1406000.01B\SRTSPX64.SYS
21:56:44.0267 0x038c  SRTSPX - ok
21:56:44.0314 0x038c  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:56:44.0330 0x038c  srv - ok
21:56:44.0392 0x038c  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
21:56:44.0415 0x038c  srv2 - ok
21:56:44.0446 0x038c  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
21:56:44.0446 0x038c  srvnet - ok
21:56:44.0493 0x038c  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:56:44.0508 0x038c  SSDPSRV - ok
21:56:44.0555 0x038c  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
21:56:44.0571 0x038c  SstpSvc - ok
21:56:44.0696 0x038c  [ F452B51D895D894BF5487057E11D44CF, 4B4F54646B1069EA27D4A4F17CB85A66FF7B36A6087F3D07F12221B29DFBF8F2 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
21:56:44.0712 0x038c  STacSV - ok
21:56:44.0743 0x038c  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
21:56:44.0743 0x038c  stexstor - ok
21:56:44.0821 0x038c  [ B05AEC4014FFDC1793B5CCB6D9BD28D1, ED9CC2B5954BDB12868357703B451D8A086FC9DDA0A8F0EA486E3834B0854EE6 ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
21:56:44.0837 0x038c  STHDA - ok
21:56:44.0915 0x038c  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
21:56:44.0946 0x038c  stisvc - ok
21:56:44.0993 0x038c  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
21:56:45.0008 0x038c  storahci - ok
21:56:45.0024 0x038c  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
21:56:45.0024 0x038c  storflt - ok
21:56:45.0055 0x038c  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
21:56:45.0055 0x038c  stornvme - ok
21:56:45.0102 0x038c  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
21:56:45.0102 0x038c  StorSvc - ok
21:56:45.0149 0x038c  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
21:56:45.0149 0x038c  storvsc - ok
21:56:45.0196 0x038c  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
21:56:45.0196 0x038c  svsvc - ok
21:56:45.0227 0x038c  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
21:56:45.0227 0x038c  swenum - ok
21:56:45.0274 0x038c  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\WINDOWS\System32\swprv.dll
21:56:45.0305 0x038c  swprv - ok
21:56:45.0352 0x038c  [ 52DC0048D667757A8A2E4C87182890AC, 7B43DF6DADFDDBBC5402477FE832052ADB6A39B90111CDA89B5E01CE900F55C5 ] SymDS           C:\WINDOWS\system32\drivers\NISx64\1406000.01B\SYMDS64.SYS
21:56:45.0383 0x038c  SymDS - ok
21:56:45.0477 0x038c  [ 599872BAD7CFB45C7CE47CDED4B726D8, 5B15B1B22C3ACA1BC56CAFCAFFC2E974C75C77C0AB7355FBA91F2147C0911499 ] SymEFA          C:\WINDOWS\system32\drivers\NISx64\1406000.01B\SYMEFA64.SYS
21:56:45.0524 0x038c  SymEFA - ok
21:56:45.0571 0x038c  [ 42947647F71E9EF2167B42B372F1DDB7, AE825B7DFFAE8BCF5598C512EFAF5645C5A6C4DC90F8B3073A255223DF3AAA4A ] SymELAM         C:\WINDOWS\system32\drivers\NISx64\1406000.01B\SymELAM.sys
21:56:45.0571 0x038c  SymELAM - ok
21:56:45.0633 0x038c  [ F19E5E37ED8134B9E5F6287F2D3A75D7, 5804D6DF529213CCF7CD2C345483940554CAA5C6EA065A1B09AA54D114C612F8 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
21:56:45.0665 0x038c  SymEvent - ok
21:56:45.0696 0x038c  [ ADF37F1A715D6C56C8E065FD8569A9A4, 33E895CB326F62D4D22E345563B0641EB88D23B2104A07E8CEBE5ED150882767 ] SymIRON         C:\WINDOWS\system32\drivers\NISx64\1406000.01B\Ironx64.SYS
21:56:45.0712 0x038c  SymIRON - ok
21:56:45.0758 0x038c  [ 9CDCA70485BD6B9D230365F67C31F132, 137995F1F0124E3A10AAA25551F811602BB5FE8361AE8CBA899C6B98486F4CF3 ] SymNetS         C:\WINDOWS\System32\Drivers\NISx64\1406000.01B\SYMNETS.SYS
21:56:45.0774 0x038c  SymNetS - ok
21:56:45.0821 0x038c  [ 3F45C3FE208CA5E68832B65C597A35A6, EACE9AAFC01C2BA52F4DA129AEF7BFA3CF7F10146E4F4330CD344BFC39DC959C ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
21:56:45.0852 0x038c  SynTP - ok
21:56:45.0962 0x038c  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
21:56:46.0024 0x038c  SysMain - ok
21:56:46.0071 0x038c  [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
21:56:46.0102 0x038c  SystemEventsBroker - ok
21:56:46.0149 0x038c  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
21:56:46.0165 0x038c  TabletInputService - ok
21:56:46.0212 0x038c  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:56:46.0227 0x038c  TapiSrv - ok
21:56:46.0417 0x038c  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
21:56:46.0526 0x038c  Tcpip - ok
21:56:46.0651 0x038c  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:56:46.0745 0x038c  TCPIP6 - ok
21:56:46.0808 0x038c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
21:56:46.0823 0x038c  tcpipreg - ok
21:56:46.0886 0x038c  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
21:56:46.0886 0x038c  tdx - ok
21:56:46.0917 0x038c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
21:56:46.0917 0x038c  terminpt - ok
21:56:47.0026 0x038c  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\WINDOWS\System32\termsrv.dll
21:56:47.0073 0x038c  TermService - ok
21:56:47.0105 0x038c  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
21:56:47.0120 0x038c  Themes - ok
21:56:47.0214 0x038c  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
21:56:47.0230 0x038c  THREADORDER - ok
21:56:47.0323 0x038c  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
21:56:47.0354 0x038c  TimeBroker - ok
21:56:47.0386 0x038c  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
21:56:47.0433 0x038c  TPM - ok
21:56:47.0480 0x038c  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
21:56:47.0495 0x038c  TrkWks - ok
21:56:47.0542 0x038c  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
21:56:47.0542 0x038c  TrustedInstaller - ok
21:56:47.0620 0x038c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
21:56:47.0651 0x038c  TsUsbFlt - ok
21:56:47.0683 0x038c  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
21:56:47.0683 0x038c  TsUsbGD - ok
21:56:47.0714 0x038c  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
21:56:47.0730 0x038c  tunnel - ok
21:56:47.0761 0x038c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
21:56:47.0776 0x038c  uagp35 - ok
21:56:47.0792 0x038c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
21:56:47.0808 0x038c  UASPStor - ok
21:56:47.0839 0x038c  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
21:56:47.0839 0x038c  UCX01000 - ok
21:56:47.0886 0x038c  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
21:56:47.0901 0x038c  udfs - ok
21:56:47.0917 0x038c  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
21:56:47.0917 0x038c  UEFI - ok
21:56:47.0964 0x038c  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
21:56:47.0979 0x038c  UI0Detect - ok
21:56:47.0995 0x038c  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
21:56:48.0011 0x038c  uliagpkx - ok
21:56:48.0042 0x038c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
21:56:48.0042 0x038c  umbus - ok
21:56:48.0058 0x038c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
21:56:48.0073 0x038c  UmPass - ok
21:56:48.0120 0x038c  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
21:56:48.0167 0x038c  UmRdpService - ok
21:56:48.0230 0x038c  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:56:48.0261 0x038c  upnphost - ok
21:56:48.0292 0x038c  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
21:56:48.0308 0x038c  USBAAPL64 - ok
21:56:48.0339 0x038c  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
21:56:48.0339 0x038c  usbccgp - ok
21:56:48.0386 0x038c  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
21:56:48.0401 0x038c  usbcir - ok
21:56:48.0434 0x038c  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
21:56:48.0434 0x038c  usbehci - ok
21:56:48.0465 0x038c  [ 4875DC63E548812C75D4FDEF84970C89, 6A29306BAB6F95F0384E16533A9588A654A6E3CFC35D55A4CEB2B14EF34EEE19 ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
21:56:48.0465 0x038c  usbfilter - ok
21:56:48.0512 0x038c  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
21:56:48.0528 0x038c  usbhub - ok
21:56:48.0575 0x038c  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
21:56:48.0622 0x038c  USBHUB3 - ok
21:56:48.0653 0x038c  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
21:56:48.0653 0x038c  usbohci - ok
21:56:48.0684 0x038c  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
21:56:48.0684 0x038c  usbprint - ok
21:56:48.0731 0x038c  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
21:56:48.0747 0x038c  USBSTOR - ok
21:56:48.0778 0x038c  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
21:56:48.0778 0x038c  usbuhci - ok
21:56:48.0825 0x038c  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
21:56:48.0840 0x038c  usbvideo - ok
21:56:48.0872 0x038c  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
21:56:48.0887 0x038c  USBXHCI - ok
21:56:48.0903 0x038c  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
21:56:48.0918 0x038c  VaultSvc - ok
21:56:48.0918 0x038c  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
21:56:48.0934 0x038c  vdrvroot - ok
21:56:49.0012 0x038c  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
21:56:49.0090 0x038c  vds - ok
21:56:49.0168 0x038c  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
21:56:49.0168 0x038c  VerifierExt - ok
21:56:49.0231 0x038c  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
21:56:49.0278 0x038c  vhdmp - ok
21:56:49.0325 0x038c  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
21:56:49.0325 0x038c  viaide - ok
21:56:49.0372 0x038c  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
21:56:49.0372 0x038c  vmbus - ok
21:56:49.0387 0x038c  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
21:56:49.0387 0x038c  VMBusHID - ok
21:56:49.0465 0x038c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
21:56:49.0497 0x038c  vmicguestinterface - ok
21:56:49.0528 0x038c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
21:56:49.0559 0x038c  vmicheartbeat - ok
21:56:49.0622 0x038c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
21:56:49.0653 0x038c  vmickvpexchange - ok
21:56:49.0684 0x038c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
21:56:49.0700 0x038c  vmicrdv - ok
21:56:49.0731 0x038c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
21:56:49.0762 0x038c  vmicshutdown - ok
21:56:49.0793 0x038c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
21:56:49.0809 0x038c  vmictimesync - ok
21:56:49.0856 0x038c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
21:56:49.0887 0x038c  vmicvss - ok
21:56:49.0918 0x038c  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
21:56:49.0918 0x038c  volmgr - ok
21:56:49.0950 0x038c  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
21:56:49.0981 0x038c  volmgrx - ok
21:56:50.0012 0x038c  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
21:56:50.0043 0x038c  volsnap - ok
21:56:50.0075 0x038c  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
21:56:50.0075 0x038c  vpci - ok
21:56:50.0122 0x038c  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
21:56:50.0137 0x038c  vsmraid - ok
21:56:50.0247 0x038c  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
21:56:50.0309 0x038c  VSS - ok
21:56:50.0372 0x038c  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
21:56:50.0403 0x038c  VSTXRAID - ok
21:56:50.0481 0x038c  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
21:56:50.0481 0x038c  vwifibus - ok
21:56:50.0528 0x038c  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
21:56:50.0543 0x038c  vwififlt - ok
21:56:50.0559 0x038c  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
21:56:50.0559 0x038c  vwifimp - ok
21:56:50.0622 0x038c  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
21:56:50.0653 0x038c  W32Time - ok
21:56:50.0731 0x038c  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
21:56:50.0762 0x038c  w3logsvc - ok
21:56:50.0809 0x038c  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
21:56:50.0809 0x038c  WacomPen - ok
21:56:50.0840 0x038c  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:56:50.0856 0x038c  Wanarp - ok
21:56:50.0872 0x038c  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:56:50.0887 0x038c  Wanarpv6 - ok
21:56:50.0965 0x038c  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
21:56:50.0997 0x038c  WAS - ok
21:56:51.0106 0x038c  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
21:56:51.0168 0x038c  wbengine - ok
21:56:51.0231 0x038c  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
21:56:51.0262 0x038c  WbioSrvc - ok
21:56:51.0293 0x038c  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
21:56:51.0325 0x038c  Wcmsvc - ok
21:56:51.0372 0x038c  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
21:56:51.0403 0x038c  wcncsvc - ok
21:56:51.0439 0x038c  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
21:56:51.0454 0x038c  WcsPlugInService - ok
21:56:51.0486 0x038c  [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
21:56:51.0486 0x038c  WdBoot - ok
21:56:51.0548 0x038c  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
21:56:51.0595 0x038c  Wdf01000 - ok
21:56:51.0626 0x038c  [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
21:56:51.0642 0x038c  WdFilter - ok
21:56:51.0673 0x038c  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
21:56:51.0673 0x038c  WdiServiceHost - ok
21:56:57.0369 0x038c  Waiting for KSN requests completion. In queue: 147
21:56:58.0384 0x038c  Waiting for KSN requests completion. In queue: 147
21:56:59.0399 0x038c  Waiting for KSN requests completion. In queue: 147
21:57:00.0446 0x038c  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\WSCStub.exe ( 20.6.0.0 ), 0x54010 ( disabled : outofdate )
21:57:00.0493 0x038c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
21:57:00.0508 0x038c  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe ( 20.5.0.0 ), 0x54010 ( disabled : outofdate )
21:57:00.0508 0x038c  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe ( 20.5.0.0 ), 0x50010 ( disabled )
21:57:00.0524 0x038c  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\WSCStub.exe ( 20.6.0.0 ), 0x50010 ( disabled )
21:57:00.0540 0x038c  Win FW state via NFP2: enabled
21:57:02.0982 0x038c  ============================================================
21:57:02.0982 0x038c  Scan finished
21:57:02.0982 0x038c  ============================================================
21:57:02.0998 0x0fa8  Detected object count: 0
21:57:02.0998 0x0fa8  Actual detected object count: 0

I hope this is Ok. Please let me know if you need anything more. With thanks. Ian

 




#4 Cluelex

Posted 16 January 2015 - 02:23 PM

Hi Marius

Just to let you know I have had to return this laptop to the owner as they are going abroad tomorrow for 6 months.

Thanks for all your help anyway.

With thanks



#5 TB-Psychotic


Posted 17 January 2015 - 06:13 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




