Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I was infected, removed the malware but still getting suspicious connections


  • Please log in to reply
2 replies to this topic

#1 green_orange

green_orange

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Egypt & UK
  • Local time:06:06 AM

Posted 16 January 2015 - 03:38 PM

Hi guys,

A few days ago I found out that my PC was infected with some sort of malware(probably my little brother used an infected USB disk without telling me).

How I found out I was infected: :o

The PC had nothing wrong with it till yesterday when I got a popup from MBAM telling me that an executable file is trying to connect to a malicious IP address. That exe file is called "SBCint2.exe". (in its properties, the file type property said it was a UPX-packed EXE or something).

Steps I took to remove the malware: :afro:

1- I did a full scan using MBAM after updating it, got nothing.

2- I found a record in the startup (from msconfig) for another executable file called "java32[1].exe" which when I checked, I found that it had the same icon as the previous one that was connecting out to a malicious IP address (the SBCint2.exe one and said it was UPX-packed too).

3- I deleted the startup line belonging to it, killed processes of both executable files, and then took compressed (7zipped with a password) copies of both EXEs before deleting them.

4- No more malicious connections were being made, but I found 2 other suspicious EXEs in the "windows\temp" directory... "pooface.exe" and "7za.exe", and I also compressed then deleted both.

Current issues:

I have just noticed that every now and then, there are a couple of TCP requests made to the addresses "87.243.6.136", "87.243.6.137", "77.232.217.121" without me touching anything :alien2: . I see those results in a program called "PeerBlock". I tried a couple of freewares called "cports" and "tcplogview" but none of them showed the requests to those 2 malicious IP addresses, also "Comodo firewall" and "ESet SMart security" don't detect those requests either :unsure: . Till now, I can't find out what program or service is connecting to those IPs.

 

More info:

1- Googling a little bit about those IPs showed that the IPs are ROmanian.

reverse IP lookup showed: "a87-243-6-136.deploy.akamaitechnologies.com", and sometimes showed "download.microsoft.com".

2- I can now intitate those connections by disabling my wireless internet adapter then re-enabling it, but I still can't find the source. (I can reproduce that activity now, I think that will help).

3- Tried the command "netstat -ano" in the command prompt, nothing showed up with that address.

4- Here is a picture of the requests from "Peerblock". I got them by disabling/enabling the network adapter :ph34r: .

 

l2A0mWD.png

 

5.Here is a picture of the compressed malware files and their sizes (if there is anything I could do to analyze them or something):

LtBSlhH.jpg

 

6. When I enable my wireless network adapter, the HIPS (Host Intrusion-Prevention System) from the Eset Smart security says that svchost.exe wants to delete 11 registry keys.... every single time I enable the adapter, svchost.exe does that :unsure: . I notice the "DHCP" part in there, even though I don't use DHCP.

Here is a picture: (I apologize for the big size, I had to edit them all in)

i97R23O.jpg

 

Thanks in advance for the help, bleeps... :rolleyes:

 



BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,270 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:06 PM

Posted 16 January 2015 - 08:34 PM

Hello G O that file belonged to Java. you may have an exploited version.

lets look at these.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 green_orange

green_orange
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Egypt & UK
  • Local time:06:06 AM

Posted 16 January 2015 - 10:05 PM

First... thanks for replying, boopme.

Here is "Result.txt" from Minitoolbox:

 

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Skull (administrator) on 17-01-2015 at 04:34:00
Running from "C:\Users\Skull\Downloads\Programs\Advanced malware removal"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.backup.ftp", "222.88.236.236"
"network.proxy.backup.ftp_port", 80
"network.proxy.backup.socks", "222.88.236.236"
"network.proxy.backup.socks_port", 80
"network.proxy.backup.ssl", "222.88.236.236"
"network.proxy.backup.ssl_port", 80
"network.proxy.ftp", "190.204.12.71"
"network.proxy.ftp_port", 9064
"network.proxy.http", "190.204.12.71"
"network.proxy.http_port", 9064
"network.proxy.share_proxy_settings", true
"network.proxy.socks", "190.204.12.71"
"network.proxy.socks_port", 9064
"network.proxy.ssl", "190.204.12.71"
"network.proxy.ssl_port", 9064
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

TAP-Windows Adapter V9 = Local Area Connection (Disconnected)
Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Wireless Network Connection" nexthop=192.168.1.1 publish=Yes
add address name="Wireless Network Connection" address=192.168.1.17 mask=255.255.255.0
add address name="Local Area Connection" address=169.254.123.199 mask=255.255.0.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Skull-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
   Physical Address. . . . . . . . . : 00-87-12-19-25-92
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.17(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 89.41.60.38
                                       95.169.183.219
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{4460DB25-75DF-4081-B9D9-6FAD79DCAC22}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  89.41.60.38

DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Address:  2a00:1450:400c:c02::8b


Pinging google.com [74.125.71.113] with 32 bytes of data:
Reply from 74.125.71.113: bytes=32 time=84ms TTL=44
Reply from 74.125.71.113: bytes=32 time=97ms TTL=44

Ping statistics for 74.125.71.113:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 84ms, Maximum = 97ms, Average = 90ms
Server:  ns02.cyberghostvpn.com
Address:  89.41.60.38

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=231ms TTL=41
Reply from 206.190.36.45: bytes=32 time=233ms TTL=41

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 231ms, Maximum = 233ms, Average = 232ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...00 87 12 19 25 92 ......Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.17    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.17    281
     192.168.1.17  255.255.255.255         On-link      192.168.1.17    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.17    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.17    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.17    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      192.168.1.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/16/2015 08:47:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2015 03:05:17 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.


Details:
    Access is denied.  (HRESULT : 0x80070005) (0x80070005)

Error: (01/16/2015 02:53:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2015 01:16:12 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Installed ESET Smart Security; Error = 0x80042302).

Error: (01/16/2015 01:16:12 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.

Error: (01/16/2015 01:16:12 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} and name Coordinator cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]

Error: (01/16/2015 01:15:30 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Installed ESET Smart Security; Error = 0x80042302).

Error: (01/16/2015 01:15:30 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.

Error: (01/16/2015 01:15:30 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} and name Coordinator cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]

Error: (01/16/2015 00:49:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/17/2015 03:43:00 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
%%1058

Error: (01/17/2015 03:41:34 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
%%1058

Error: (01/17/2015 03:40:17 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
%%1058

Error: (01/17/2015 03:35:51 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
%%1058

Error: (01/17/2015 03:35:51 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
%%1058

Error: (01/17/2015 03:34:03 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
%%1058

Error: (01/17/2015 03:34:01 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
%%1058

Error: (01/17/2015 03:30:18 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (01/17/2015 03:30:18 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058

Error: (01/17/2015 03:30:18 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-12-02 20:41:58.085
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-02 20:41:58.084
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-02 20:41:00.087
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-02 20:40:59.793
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-02 20:40:49.092
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-02 20:40:49.091
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-02 20:40:48.966
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-02 20:40:48.964
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-02 20:40:42.275
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-02 20:40:42.274
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.



=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40522 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{8D95B61A-9759-40F7-69BF-54DCE6675143}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0522.2156.37579 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0522.2157.37579 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
CyberGhost 5 (HKLM\...\CyberGhost VPN 5_is1) (Version:  - CyberGhost S.R.L.)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
ESET Smart Security (HKLM\...\{EE219E91-FFC2-42D7-95AF-E84603C30415}) (Version: 7.0.325.1 - ESET, spol s r. o.)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.118 - Etron Technology) Hidden
Free Video to JPG Converter version 5.0.29.925 (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.29.925 - DVDVideoSoft Ltd.)
Freemake Video Converter version 4.0.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.4 - Ellora Assets Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Performance Collection Tools - ENU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
MPC-BE x64 1.4.3.5182 (HKLM\...\{FE09AF6D-78B2-4093-B012-FCDAF78693CE}_is1) (Version: 1.4.3.5182 - MPC-BE Team)
MPC-HC 1.7.6 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.6 - MPC-HC Team)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1+ (r691) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.691 - PeerBlock, LLC)
Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Skype™ 6.14 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.14.104 - Skype Technologies S.A.)
Snagit 12 (HKLM-x32\...\{8f4df1fe-49bb-4295-99d2-0e29ad8f99c6}) (Version: 12.2.0.1656 - TechSmith Corporation)
Snagit 12 (x32 Version: 12.2.0 - TechSmith Corporation) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Time Adjuster STANDARD 3.1 (HKCU\...\TimeAdjuster) (Version:  - IrekSoftware.com)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Update for Microsoft .NET Framework 4.5 (KB2750147) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2750147) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805221) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805226) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.7.8 - Shark007)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Grep 2.3 (HKLM-x32\...\Windows Grep_is1) (Version:  - )
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinHTTrack Website Copier 3.48-19 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
x64 Components v3.9.0 (HKLM\...\x64 Components_is1) (Version: 3.9.0 - Shark007)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Zebra Screen Recorder version 1.5 (HKLM-x32\...\Zebra Screen Recorder_is1) (Version: 1.5 - Zebra-Media)

========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 8175.12 MB
Available physical RAM: 5937.31 MB
Total Pagefile: 16348.41 MB
Available Pagefile: 13667.93 MB
Total Virtual: 4095.88 MB
Available Virtual: 3980.34 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:45.17 GB) (Free:2.29 GB) NTFS
2 Drive d: (Game sources) (Fixed) (Total:449.09 GB) (Free:58.91 GB) NTFS
3 Drive g: (Games 2) (Fixed) (Total:163.2 GB) (Free:8.39 GB) NTFS
4 Drive j: (Games) (Fixed) (Total:100 GB) (Free:47.8 GB) NTFS
5 Drive k: (Library) (Fixed) (Total:250 GB) (Free:111.19 GB) NTFS
6 Drive l: (Dumps) (Fixed) (Total:536.34 GB) (Free:127.15 GB) NTFS

========================= Users: ========================================

User accounts for \\

Administrator            Guest                    Skull                    


**** End of log ****
 

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

 

Here is the log from TDSSkiller:

 

04:41:44.0956 0x0f88  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
04:41:50.0400 0x0f88  ============================================================
04:41:50.0400 0x0f88  Current date / time: 2015/01/17 04:41:50.0400
04:41:50.0400 0x0f88  SystemInfo:
04:41:50.0401 0x0f88  
04:41:50.0401 0x0f88  OS Version: 6.1.7601 ServicePack: 1.0
04:41:50.0401 0x0f88  Product type: Workstation
04:41:50.0401 0x0f88  ComputerName: SKULL-PC
04:41:50.0401 0x0f88  UserName: Skull
04:41:50.0401 0x0f88  Windows directory: C:\Windows
04:41:50.0401 0x0f88  System windows directory: C:\Windows
04:41:50.0401 0x0f88  Running under WOW64
04:41:50.0401 0x0f88  Processor architecture: Intel x64
04:41:50.0401 0x0f88  Number of processors: 4
04:41:50.0401 0x0f88  Page size: 0x1000
04:41:50.0401 0x0f88  Boot type: Normal boot
04:41:50.0401 0x0f88  ============================================================
04:41:59.0128 0x0f88  KLMD registered as C:\Windows\system32\drivers\40304129.sys
04:41:59.0520 0x0f88  System UUID: {3980325F-23C7-38D9-83C4-CCD08DC23CF5}
04:42:00.0477 0x0f88  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C100DE00 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3F161, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
04:42:00.0485 0x0f88  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0CADE00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
04:42:00.0508 0x0f88  ============================================================
04:42:00.0508 0x0f88  \Device\Harddisk0\DR0:
04:42:00.0508 0x0f88  MBR partitions:
04:42:00.0508 0x0f88  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
04:42:00.0517 0x0f88  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x5BD1468, BlocksNum 0x3822E382
04:42:00.0529 0x0f88  \Device\Harddisk0\DR0\Partition3: MBR, Type 0xE, StartLBA 0x3DDFF829, BlocksNum 0x4FFD5E6
04:42:00.0537 0x0f88  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x42E00D0F, BlocksNum 0x3AC019AC
04:42:00.0548 0x0f88  \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x7DA026FA, BlocksNum 0x14664CF9
04:42:00.0565 0x0f88  \Device\Harddisk0\DR0\Partition6: MBR, Type 0xB, StartLBA 0x92067432, BlocksNum 0x3E107D4
04:42:00.0581 0x0f88  \Device\Harddisk0\DR0\Partition7: MBR, Type 0x7, StartLBA 0x95E77C45, BlocksNum 0x52F8F87C
04:42:00.0581 0x0f88  \Device\Harddisk1\DR1:
04:42:00.0582 0x0f88  MBR partitions:
04:42:00.0582 0x0f88  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x5A58B8A
04:42:00.0628 0x0f88  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x5A58C08, BlocksNum 0xC7FF53F
04:42:00.0661 0x0f88  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x12258186, BlocksNum 0x1F3FE57C
04:42:00.0676 0x0f88  \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x31656741, BlocksNum 0x430AF280
04:42:00.0676 0x0f88  ============================================================
04:42:00.0688 0x0f88  C: <-> \Device\Harddisk1\DR1\Partition1
04:42:00.0716 0x0f88  D: <-> \Device\Harddisk0\DR0\Partition2
04:42:00.0770 0x0f88  G: <-> \Device\Harddisk0\DR0\Partition5
04:42:00.0838 0x0f88  J: <-> \Device\Harddisk1\DR1\Partition2
04:42:00.0863 0x0f88  K: <-> \Device\Harddisk1\DR1\Partition3
04:42:00.0902 0x0f88  L: <-> \Device\Harddisk1\DR1\Partition4
04:42:00.0902 0x0f88  ============================================================
04:42:00.0902 0x0f88  Initialize success
04:42:00.0902 0x0f88  ============================================================
04:42:04.0379 0x0664  ============================================================
04:42:04.0379 0x0664  Scan started
04:42:04.0379 0x0664  Mode: Manual;
04:42:04.0379 0x0664  ============================================================
04:42:04.0379 0x0664  KSN ping started
04:42:09.0316 0x0664  KSN ping finished: true
04:42:11.0578 0x0664  ================ Scan system memory ========================
04:42:11.0579 0x0664  System memory - ok
04:42:11.0579 0x0664  ================ Scan services =============================
04:42:11.0792 0x0664  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
04:42:11.0798 0x0664  1394ohci - ok
04:42:11.0842 0x0664  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
04:42:11.0851 0x0664  ACPI - ok
04:42:11.0888 0x0664  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
04:42:11.0890 0x0664  AcpiPmi - ok
04:42:12.0034 0x0664  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
04:42:12.0038 0x0664  AdobeARMservice - ok
04:42:12.0109 0x0664  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
04:42:12.0125 0x0664  adp94xx - ok
04:42:12.0181 0x0664  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
04:42:12.0192 0x0664  adpahci - ok
04:42:12.0255 0x0664  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
04:42:12.0262 0x0664  adpu320 - ok
04:42:12.0303 0x0664  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
04:42:12.0306 0x0664  AeLookupSvc - ok
04:42:12.0415 0x0664  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
04:42:12.0430 0x0664  AFD - ok
04:42:12.0449 0x0664  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
04:42:12.0451 0x0664  agp440 - ok
04:42:12.0517 0x0664  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
04:42:12.0521 0x0664  ALG - ok
04:42:12.0525 0x0664  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
04:42:12.0527 0x0664  aliide - ok
04:42:12.0585 0x0664  [ 91CED777074974890AF6E93839245678, 23FE30391AD4DD184909B6ACB035F92A11EF912A5B5E0E8CF9ED08C8F6B5E489 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
04:42:12.0594 0x0664  AMD External Events Utility - ok
04:42:12.0599 0x0664  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
04:42:12.0600 0x0664  amdide - ok
04:42:12.0605 0x0664  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
04:42:12.0607 0x0664  AmdK8 - ok
04:42:13.0008 0x0664  [ 74B39BA3FB6A934FEFEDEC1C89D5AD64, 15D92791FF46203FCED99FB6DB9E86E5AE91B6BC94AF64A35C28ABCCA5C82E8A ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
04:42:13.0310 0x0664  amdkmdag - ok
04:42:13.0426 0x0664  [ DA9BFE42D2B4BF410DE9700698E7C150, AB7743D0DBD0A3B2CC016F2C6FE417B9023AB52B0E926E9D09A753F739928C15 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
04:42:13.0446 0x0664  amdkmdap - ok
04:42:13.0451 0x0664  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
04:42:13.0454 0x0664  AmdPPM - ok
04:42:13.0496 0x0664  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
04:42:13.0500 0x0664  amdsata - ok
04:42:13.0507 0x0664  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
04:42:13.0513 0x0664  amdsbs - ok
04:42:13.0549 0x0664  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
04:42:13.0551 0x0664  amdxata - ok
04:42:13.0585 0x0664  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
04:42:13.0589 0x0664  AppID - ok
04:42:13.0622 0x0664  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
04:42:13.0625 0x0664  AppIDSvc - ok
04:42:13.0674 0x0664  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
04:42:13.0677 0x0664  Appinfo - ok
04:42:13.0724 0x0664  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
04:42:13.0731 0x0664  AppMgmt - ok
04:42:13.0737 0x0664  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
04:42:13.0741 0x0664  arc - ok
04:42:13.0746 0x0664  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
04:42:13.0749 0x0664  arcsas - ok
04:42:13.0897 0x0664  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
04:42:13.0907 0x0664  aspnet_state - ok
04:42:13.0968 0x0664  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
04:42:13.0970 0x0664  AsyncMac - ok
04:42:13.0973 0x0664  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
04:42:13.0974 0x0664  atapi - ok
04:42:14.0020 0x0664  [ FF50A62EFA151EBCFCDD37A76CA9EA92, FFD5AAEFF5D717237CE244B1FAB6D2EF30A7F6C4DF094F8212BA6F85FB3AE902 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
04:42:14.0024 0x0664  AtiHDAudioService - ok
04:42:14.0078 0x0664  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
04:42:14.0093 0x0664  AudioEndpointBuilder - ok
04:42:14.0109 0x0664  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
04:42:14.0119 0x0664  AudioSrv - ok
04:42:14.0160 0x0664  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
04:42:14.0163 0x0664  AxInstSV - ok
04:42:14.0254 0x0664  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
04:42:14.0268 0x0664  b06bdrv - ok
04:42:14.0326 0x0664  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
04:42:14.0336 0x0664  b57nd60a - ok
04:42:14.0381 0x0664  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
04:42:14.0386 0x0664  BDESVC - ok
04:42:14.0390 0x0664  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
04:42:14.0391 0x0664  Beep - ok
04:42:14.0438 0x0664  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
04:42:14.0456 0x0664  BFE - ok
04:42:14.0521 0x0664  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
04:42:14.0579 0x0664  BITS - ok
04:42:14.0584 0x0664  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
04:42:14.0586 0x0664  blbdrive - ok
04:42:14.0603 0x0664  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
04:42:14.0606 0x0664  bowser - ok
04:42:14.0608 0x0664  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
04:42:14.0610 0x0664  BrFiltLo - ok
04:42:14.0612 0x0664  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
04:42:14.0613 0x0664  BrFiltUp - ok
04:42:14.0691 0x0664  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
04:42:14.0696 0x0664  Browser - ok
04:42:14.0708 0x0664  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
04:42:14.0717 0x0664  Brserid - ok
04:42:14.0722 0x0664  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
04:42:14.0724 0x0664  BrSerWdm - ok
04:42:14.0727 0x0664  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
04:42:14.0729 0x0664  BrUsbMdm - ok
04:42:14.0732 0x0664  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
04:42:14.0733 0x0664  BrUsbSer - ok
04:42:14.0736 0x0664  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
04:42:14.0738 0x0664  BTHMODEM - ok
04:42:14.0786 0x0664  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
04:42:14.0790 0x0664  bthserv - ok
04:42:14.0820 0x0664  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
04:42:14.0823 0x0664  cdfs - ok
04:42:14.0831 0x0664  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
04:42:14.0837 0x0664  cdrom - ok
04:42:14.0893 0x0664  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
04:42:14.0897 0x0664  CertPropSvc - ok
04:42:15.0045 0x0664  [ 08D4BD3F12DFF3A11E4F2C09745DA0FA, 99A19D3B43F5B21A3E23B9A91D9443ED2710C14B954C769B837626181FC4F630 ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
04:42:15.0048 0x0664  CGVPNCliService - ok
04:42:15.0053 0x0664  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
04:42:15.0055 0x0664  circlass - ok
04:42:15.0101 0x0664  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
04:42:15.0115 0x0664  CLFS - ok
04:42:15.0221 0x0664  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
04:42:15.0225 0x0664  clr_optimization_v2.0.50727_32 - ok
04:42:15.0340 0x0664  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
04:42:15.0345 0x0664  clr_optimization_v2.0.50727_64 - ok
04:42:15.0433 0x0664  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
04:42:15.0524 0x0664  clr_optimization_v4.0.30319_32 - ok
04:42:15.0568 0x0664  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
04:42:15.0614 0x0664  clr_optimization_v4.0.30319_64 - ok
04:42:15.0637 0x0664  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
04:42:15.0639 0x0664  CmBatt - ok
04:42:15.0643 0x0664  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
04:42:15.0645 0x0664  cmdide - ok
04:42:15.0682 0x0664  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
04:42:15.0695 0x0664  CNG - ok
04:42:15.0728 0x0664  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
04:42:15.0730 0x0664  Compbatt - ok
04:42:15.0734 0x0664  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
04:42:15.0737 0x0664  CompositeBus - ok
04:42:15.0740 0x0664  COMSysApp - ok
04:42:15.0761 0x0664  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
04:42:15.0762 0x0664  crcdisk - ok
04:42:15.0811 0x0664  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
04:42:15.0817 0x0664  CryptSvc - ok
04:42:15.0875 0x0664  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
04:42:15.0885 0x0664  CSC - ok
04:42:15.0899 0x0664  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
04:42:15.0909 0x0664  CscService - ok
04:42:15.0973 0x0664  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
04:42:15.0991 0x0664  DcomLaunch - ok
04:42:16.0052 0x0664  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
04:42:16.0063 0x0664  defragsvc - ok
04:42:16.0070 0x0664  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
04:42:16.0074 0x0664  DfsC - ok
04:42:16.0096 0x0664  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
04:42:16.0106 0x0664  Dhcp - ok
04:42:16.0111 0x0664  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
04:42:16.0113 0x0664  discache - ok
04:42:16.0117 0x0664  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
04:42:16.0120 0x0664  Disk - ok
04:42:16.0167 0x0664  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
04:42:16.0170 0x0664  dmvsc - ok
04:42:16.0291 0x0664  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
04:42:16.0297 0x0664  Dnscache - ok
04:42:16.0346 0x0664  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
04:42:16.0356 0x0664  dot3svc - ok
04:42:16.0398 0x0664  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
04:42:16.0404 0x0664  DPS - ok
04:42:16.0453 0x0664  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
04:42:16.0455 0x0664  drmkaud - ok
04:42:16.0539 0x0664  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
04:42:16.0566 0x0664  DXGKrnl - ok
04:42:16.0605 0x0664  [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD, 967829CE37158020F6026C588260FCFC6F9852DDDACD622FAF7AB75121DF5B3D ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
04:42:16.0611 0x0664  E1G60 - ok
04:42:16.0741 0x0664  [ AAE0B51C19849792806636946E9D1079, 71EFE1CED220F26EE5C12783E33D882E703250AA375E9B28D9763BC4875651ED ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
04:42:16.0749 0x0664  eamonm - ok
04:42:16.0822 0x0664  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
04:42:16.0826 0x0664  EapHost - ok
04:42:16.0980 0x0664  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
04:42:17.0039 0x0664  ebdrv - ok
04:42:17.0091 0x0664  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
04:42:17.0093 0x0664  EFS - ok
04:42:17.0157 0x0664  [ B1453BFB7674F3C212090C59D15D4346, 0B913486E4F68966279E1DB0CF1EAEF102E2E4302B703EC5E357F6BC227CDB6F ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
04:42:17.0164 0x0664  ehdrv - ok
04:42:17.0293 0x0664  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
04:42:17.0313 0x0664  ehRecvr - ok
04:42:17.0341 0x0664  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
04:42:17.0345 0x0664  ehSched - ok
04:42:17.0563 0x0664  [ 985A2325C562D1AB19A01F912D5E8AE8, 15160326B34174C6F6FB80E432B92267F8703A7EA99277FC334D17099F8A990F ] ekrn            C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
04:42:17.0590 0x0664  ekrn - ok
04:42:17.0650 0x0664  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
04:42:17.0668 0x0664  elxstor - ok
04:42:17.0710 0x0664  [ 863EF8B672B5CED87002DA9419B896D4, 379CF7F16FC669258F4F2BFDE96CAD0376B6B8DE1165CF095C462EF042A91338 ] epfw            C:\Windows\system32\DRIVERS\epfw.sys
04:42:17.0718 0x0664  epfw - ok
04:42:17.0780 0x0664  [ 05492967D961F80B363D744DF272E740, A900BEA8839B78FDDE8AFB3EAFAFDF49D2CF62EB46339085E8D0C8BF671E087A ] EpfwLWF         C:\Windows\system32\DRIVERS\EpfwLWF.sys
04:42:17.0783 0x0664  EpfwLWF - ok
04:42:17.0821 0x0664  [ A266A2FCF1F0F2384ABA5AE2B25919B0, 2840AF123B94235420A29B5D3086050656245F65EB32DE37A1AAE3815085920A ] epfwwfp         C:\Windows\system32\DRIVERS\epfwwfp.sys
04:42:17.0824 0x0664  epfwwfp - ok
04:42:17.0828 0x0664  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
04:42:17.0830 0x0664  ErrDev - ok
04:42:17.0911 0x0664  [ FD291A75ECAF197F07BD2040C2A7322A, B4DE1B8A75928C8E6DF870A7B6F286EAA0B9A5D9443E99B66633F8B60013AC67 ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
04:42:17.0914 0x0664  EtronHub3 - ok
04:42:17.0969 0x0664  [ DDE9068F9BAC0210195F217AA39B9276, 3AE8CE03B0F93EF6006B46F8DFD5523F6C1951D98FB9A411EA90261C368A453F ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
04:42:17.0973 0x0664  EtronXHCI - ok
04:42:18.0053 0x0664  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
04:42:18.0067 0x0664  EventSystem - ok
04:42:18.0106 0x0664  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
04:42:18.0113 0x0664  exfat - ok
04:42:18.0158 0x0664  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
04:42:18.0166 0x0664  fastfat - ok
04:42:18.0182 0x0664  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
04:42:18.0184 0x0664  fdc - ok
04:42:18.0217 0x0664  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
04:42:18.0219 0x0664  fdPHost - ok
04:42:18.0232 0x0664  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
04:42:18.0235 0x0664  FDResPub - ok
04:42:18.0285 0x0664  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
04:42:18.0288 0x0664  FileInfo - ok
04:42:18.0293 0x0664  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
04:42:18.0295 0x0664  Filetrace - ok
04:42:18.0412 0x0664  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
04:42:18.0429 0x0664  FLEXnet Licensing Service - ok
04:42:18.0432 0x0664  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
04:42:18.0433 0x0664  flpydisk - ok
04:42:18.0453 0x0664  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
04:42:18.0459 0x0664  FltMgr - ok
04:42:18.0562 0x0664  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
04:42:18.0589 0x0664  FontCache - ok
04:42:18.0668 0x0664  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
04:42:18.0671 0x0664  FontCache3.0.0.0 - ok
04:42:18.0676 0x0664  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
04:42:18.0679 0x0664  FsDepends - ok
04:42:18.0683 0x0664  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
04:42:18.0685 0x0664  Fs_Rec - ok
04:42:18.0714 0x0664  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
04:42:18.0721 0x0664  fvevol - ok
04:42:18.0764 0x0664  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
04:42:18.0767 0x0664  gagp30kx - ok
04:42:18.0875 0x0664  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
04:42:18.0889 0x0664  gpsvc - ok
04:42:18.0915 0x0664  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
04:42:18.0917 0x0664  hcw85cir - ok
04:42:18.0984 0x0664  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
04:42:18.0996 0x0664  HdAudAddService - ok
04:42:19.0033 0x0664  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
04:42:19.0037 0x0664  HDAudBus - ok
04:42:19.0041 0x0664  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
04:42:19.0043 0x0664  HidBatt - ok
04:42:19.0078 0x0664  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
04:42:19.0082 0x0664  HidBth - ok
04:42:19.0085 0x0664  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
04:42:19.0088 0x0664  HidIr - ok
04:42:19.0128 0x0664  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
04:42:19.0130 0x0664  hidserv - ok
04:42:19.0260 0x0664  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
04:42:19.0366 0x0664  HidUsb - ok
04:42:19.0412 0x0664  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
04:42:19.0417 0x0664  hkmsvc - ok
04:42:19.0438 0x0664  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
04:42:19.0446 0x0664  HomeGroupListener - ok
04:42:19.0479 0x0664  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
04:42:19.0487 0x0664  HomeGroupProvider - ok
04:42:19.0493 0x0664  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
04:42:19.0497 0x0664  HpSAMD - ok
04:42:19.0564 0x0664  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
04:42:19.0576 0x0664  HTTP - ok
04:42:19.0579 0x0664  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
04:42:19.0580 0x0664  hwpolicy - ok
04:42:19.0615 0x0664  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
04:42:19.0617 0x0664  i8042prt - ok
04:42:19.0649 0x0664  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
04:42:19.0661 0x0664  iaStorV - ok
04:42:19.0696 0x0664  [ 188338EAB1E483BC715CDF5A2B0996E3, CBC811FD7FFA36746FFB6E6C186A77F8018C6A5F279EDDE8C633DFD74075BCFF ] IDMWFP          C:\Windows\system32\DRIVERS\idmwfp.sys
04:42:19.0701 0x0664  IDMWFP - ok
04:42:19.0767 0x0664  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
04:42:19.0791 0x0664  idsvc - ok
04:42:19.0796 0x0664  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
04:42:19.0798 0x0664  iirsp - ok
04:42:19.0837 0x0664  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
04:42:19.0850 0x0664  IKEEXT - ok
04:42:19.0987 0x0664  [ 07E34A18AB9DAD1F680B1066D9782BFB, 62285189743CAA57B0108D8D4A197E5BB22143311026AD4AC5BA7BBEA7DC4299 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
04:42:20.0052 0x0664  IntcAzAudAddService - ok
04:42:20.0181 0x0664  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
04:42:20.0200 0x0664  Intel® Capability Licensing Service Interface - ok
04:42:20.0244 0x0664  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
04:42:20.0260 0x0664  Intel® Capability Licensing Service TCP IP Interface - ok
04:42:20.0263 0x0664  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
04:42:20.0264 0x0664  intelide - ok
04:42:20.0294 0x0664  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
04:42:20.0295 0x0664  intelppm - ok
04:42:20.0343 0x0664  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
04:42:20.0348 0x0664  IPBusEnum - ok
04:42:20.0355 0x0664  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
04:42:20.0358 0x0664  IpFilterDriver - ok
04:42:20.0420 0x0664  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
04:42:20.0436 0x0664  iphlpsvc - ok
04:42:20.0439 0x0664  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
04:42:20.0441 0x0664  IPMIDRV - ok
04:42:20.0445 0x0664  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
04:42:20.0448 0x0664  IPNAT - ok
04:42:20.0450 0x0664  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
04:42:20.0451 0x0664  IRENUM - ok
04:42:20.0467 0x0664  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
04:42:20.0468 0x0664  isapnp - ok
04:42:20.0544 0x0664  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
04:42:20.0554 0x0664  iScsiPrt - ok
04:42:20.0634 0x0664  [ 9C6F3F69163133FB8E56AC4A6E163452, BD6CAB093B5451B4CC85B4528DC0251C97A3D11CB3C1493D25F37B06F8CD2238 ] ISODrive        C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
04:42:20.0639 0x0664  ISODrive - ok
04:42:20.0659 0x0664  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
04:42:20.0661 0x0664  kbdclass - ok
04:42:20.0677 0x0664  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
04:42:20.0679 0x0664  kbdhid - ok
04:42:20.0718 0x0664  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
04:42:20.0720 0x0664  KeyIso - ok
04:42:20.0776 0x0664  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
04:42:20.0780 0x0664  KSecDD - ok
04:42:20.0828 0x0664  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
04:42:20.0834 0x0664  KSecPkg - ok
04:42:20.0839 0x0664  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
04:42:20.0841 0x0664  ksthunk - ok
04:42:20.0875 0x0664  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
04:42:20.0887 0x0664  KtmRm - ok
04:42:20.0939 0x0664  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
04:42:20.0947 0x0664  LanmanServer - ok
04:42:20.0987 0x0664  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
04:42:20.0993 0x0664  LanmanWorkstation - ok
04:42:21.0013 0x0664  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
04:42:21.0015 0x0664  lltdio - ok
04:42:21.0049 0x0664  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
04:42:21.0058 0x0664  lltdsvc - ok
04:42:21.0095 0x0664  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
04:42:21.0097 0x0664  lmhosts - ok
04:42:21.0156 0x0664  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
04:42:21.0161 0x0664  LSI_FC - ok
04:42:21.0168 0x0664  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
04:42:21.0173 0x0664  LSI_SAS - ok
04:42:21.0178 0x0664  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
04:42:21.0181 0x0664  LSI_SAS2 - ok
04:42:21.0186 0x0664  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
04:42:21.0189 0x0664  LSI_SCSI - ok
04:42:21.0200 0x0664  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
04:42:21.0202 0x0664  luafv - ok
04:42:21.0270 0x0664  [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
04:42:21.0272 0x0664  MBAMProtector - ok
04:42:21.0397 0x0664  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
04:42:21.0431 0x0664  MBAMScheduler - ok
04:42:21.0500 0x0664  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
04:42:21.0528 0x0664  MBAMService - ok
04:42:21.0579 0x0664  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
04:42:21.0584 0x0664  MBAMSwissArmy - ok
04:42:21.0633 0x0664  [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
04:42:21.0636 0x0664  MBAMWebAccessControl - ok
04:42:21.0708 0x0664  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
04:42:21.0713 0x0664  Mcx2Svc - ok
04:42:21.0738 0x0664  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
04:42:21.0740 0x0664  megasas - ok
04:42:21.0751 0x0664  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
04:42:21.0759 0x0664  MegaSR - ok
04:42:21.0806 0x0664  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
04:42:21.0810 0x0664  MEIx64 - ok
04:42:21.0927 0x0664  [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
04:42:21.0931 0x0664  Microsoft Office Groove Audit Service - ok
04:42:21.0962 0x0664  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
04:42:21.0965 0x0664  MMCSS - ok
04:42:21.0970 0x0664  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
04:42:21.0972 0x0664  Modem - ok
04:42:21.0993 0x0664  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
04:42:21.0995 0x0664  monitor - ok
04:42:22.0003 0x0664  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
04:42:22.0005 0x0664  mouclass - ok
04:42:22.0037 0x0664  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
04:42:22.0039 0x0664  mouhid - ok
04:42:22.0043 0x0664  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
04:42:22.0047 0x0664  mountmgr - ok
04:42:22.0053 0x0664  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
04:42:22.0058 0x0664  mpio - ok
04:42:22.0080 0x0664  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
04:42:22.0082 0x0664  mpsdrv - ok
04:42:22.0141 0x0664  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
04:42:22.0162 0x0664  MpsSvc - ok
04:42:22.0234 0x0664  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
04:42:22.0239 0x0664  MRxDAV - ok
04:42:22.0253 0x0664  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
04:42:22.0259 0x0664  mrxsmb - ok
04:42:22.0269 0x0664  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
04:42:22.0277 0x0664  mrxsmb10 - ok
04:42:22.0293 0x0664  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
04:42:22.0297 0x0664  mrxsmb20 - ok
04:42:22.0355 0x0664  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
04:42:22.0357 0x0664  msahci - ok
04:42:22.0395 0x0664  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
04:42:22.0399 0x0664  msdsm - ok
04:42:22.0421 0x0664  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
04:42:22.0426 0x0664  MSDTC - ok
04:42:22.0444 0x0664  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
04:42:22.0445 0x0664  Msfs - ok
04:42:22.0450 0x0664  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
04:42:22.0451 0x0664  mshidkmdf - ok
04:42:22.0458 0x0664  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
04:42:22.0460 0x0664  msisadrv - ok
04:42:22.0482 0x0664  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
04:42:22.0487 0x0664  MSiSCSI - ok
04:42:22.0489 0x0664  msiserver - ok
04:42:22.0540 0x0664  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
04:42:22.0542 0x0664  MSKSSRV - ok
04:42:22.0546 0x0664  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
04:42:22.0547 0x0664  MSPCLOCK - ok
04:42:22.0550 0x0664  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
04:42:22.0552 0x0664  MSPQM - ok
04:42:22.0567 0x0664  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
04:42:22.0578 0x0664  MsRPC - ok
04:42:22.0588 0x0664  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
04:42:22.0589 0x0664  mssmbios - ok
04:42:22.0592 0x0664  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
04:42:22.0593 0x0664  MSTEE - ok
04:42:22.0607 0x0664  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
04:42:22.0608 0x0664  MTConfig - ok
04:42:22.0611 0x0664  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
04:42:22.0613 0x0664  Mup - ok
04:42:22.0685 0x0664  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
04:42:22.0699 0x0664  napagent - ok
04:42:22.0753 0x0664  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
04:42:22.0765 0x0664  NativeWifiP - ok
04:42:22.0841 0x0664  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
04:42:22.0866 0x0664  NDIS - ok
04:42:22.0902 0x0664  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
04:42:22.0905 0x0664  NdisCap - ok
04:42:22.0929 0x0664  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
04:42:22.0931 0x0664  NdisTapi - ok
04:42:22.0948 0x0664  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
04:42:22.0952 0x0664  Ndisuio - ok
04:42:22.0959 0x0664  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
04:42:22.0965 0x0664  NdisWan - ok
04:42:22.0969 0x0664  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
04:42:22.0972 0x0664  NDProxy - ok
04:42:22.0996 0x0664  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
04:42:22.0998 0x0664  NetBIOS - ok
04:42:23.0007 0x0664  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
04:42:23.0014 0x0664  NetBT - ok
04:42:23.0040 0x0664  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
04:42:23.0041 0x0664  Netlogon - ok
04:42:23.0087 0x0664  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
04:42:23.0099 0x0664  Netman - ok
04:42:23.0195 0x0664  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
04:42:23.0232 0x0664  NetMsmqActivator - ok
04:42:23.0239 0x0664  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
04:42:23.0244 0x0664  NetPipeActivator - ok
04:42:23.0259 0x0664  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
04:42:23.0267 0x0664  netprofm - ok
04:42:23.0271 0x0664  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
04:42:23.0274 0x0664  NetTcpActivator - ok
04:42:23.0278 0x0664  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
04:42:23.0280 0x0664  NetTcpPortSharing - ok
04:42:23.0352 0x0664  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
04:42:23.0355 0x0664  nfrd960 - ok
04:42:23.0403 0x0664  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
04:42:23.0411 0x0664  NlaSvc - ok
04:42:23.0462 0x0664  [ 5FE6F8C05F0769BBB74AFAC11453B182, ACF6026EF8D038B73484AE59FBD03559E1263CE134473D7A8C3F97CF71BC640C ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
04:42:23.0463 0x0664  nmwcd - ok
04:42:23.0501 0x0664  [ 73C929945C0850B8D1FE2FEA05FDF05D, 665FBA777E5EF3F28828D19F2BBCCB778C1C6105BD830C1E29A1C4739663F0D3 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
04:42:23.0504 0x0664  nmwcdc - ok
04:42:23.0508 0x0664  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
04:42:23.0511 0x0664  Npfs - ok
04:42:23.0548 0x0664  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
04:42:23.0550 0x0664  nsi - ok
04:42:23.0577 0x0664  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
04:42:23.0579 0x0664  nsiproxy - ok
04:42:23.0668 0x0664  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
04:42:23.0699 0x0664  Ntfs - ok
04:42:23.0720 0x0664  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
04:42:23.0721 0x0664  Null - ok
04:42:23.0744 0x0664  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
04:42:23.0750 0x0664  nvraid - ok
04:42:23.0759 0x0664  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
04:42:23.0765 0x0664  nvstor - ok
04:42:23.0771 0x0664  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
04:42:23.0776 0x0664  nv_agp - ok
04:42:23.0925 0x0664  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
04:42:23.0940 0x0664  odserv - ok
04:42:23.0958 0x0664  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
04:42:23.0961 0x0664  ohci1394 - ok
04:42:23.0993 0x0664  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
04:42:23.0999 0x0664  ose - ok
04:42:24.0038 0x0664  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
04:42:24.0044 0x0664  p2pimsvc - ok
04:42:24.0106 0x0664  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
04:42:24.0115 0x0664  p2psvc - ok
04:42:24.0164 0x0664  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
04:42:24.0166 0x0664  Parport - ok
04:42:24.0201 0x0664  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
04:42:24.0205 0x0664  partmgr - ok
04:42:24.0363 0x0664  [ F7865A4676556717D7AB6829B36FE964, 7EAB899989A02D5947669160BD4A68AB547FAB27F99042D8B37821EBA52DE128 ] pbfilter        C:\Program Files\PeerBlock\pbfilter.sys
04:42:24.0364 0x0664  pbfilter - ok
04:42:24.0389 0x0664  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
04:42:24.0395 0x0664  PcaSvc - ok
04:42:24.0476 0x0664  [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
04:42:24.0478 0x0664  pccsmcfd - ok
04:42:24.0525 0x0664  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
04:42:24.0529 0x0664  pci - ok
04:42:24.0545 0x0664  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
04:42:24.0546 0x0664  pciide - ok
04:42:24.0585 0x0664  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
04:42:24.0590 0x0664  pcmcia - ok
04:42:24.0593 0x0664  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
04:42:24.0595 0x0664  pcw - ok
04:42:24.0608 0x0664  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
04:42:24.0621 0x0664  PEAUTH - ok
04:42:24.0693 0x0664  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
04:42:24.0713 0x0664  PeerDistSvc - ok
04:42:24.0849 0x0664  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
04:42:24.0851 0x0664  PerfHost - ok
04:42:24.0918 0x0664  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
04:42:24.0946 0x0664  pla - ok
04:42:24.0999 0x0664  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
04:42:25.0006 0x0664  PlugPlay - ok
04:42:25.0022 0x0664  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
04:42:25.0024 0x0664  PNRPAutoReg - ok
04:42:25.0044 0x0664  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
04:42:25.0049 0x0664  PNRPsvc - ok
04:42:25.0103 0x0664  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
04:42:25.0118 0x0664  PolicyAgent - ok
04:42:25.0127 0x0664  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
04:42:25.0132 0x0664  Power - ok
04:42:25.0161 0x0664  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
04:42:25.0165 0x0664  PptpMiniport - ok
04:42:25.0199 0x0664  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
04:42:25.0201 0x0664  Processor - ok
04:42:25.0236 0x0664  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
04:42:25.0240 0x0664  ProfSvc - ok
04:42:25.0252 0x0664  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
04:42:25.0253 0x0664  ProtectedStorage - ok
04:42:25.0264 0x0664  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
04:42:25.0266 0x0664  Psched - ok
04:42:25.0334 0x0664  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
04:42:25.0362 0x0664  ql2300 - ok
04:42:25.0367 0x0664  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
04:42:25.0370 0x0664  ql40xx - ok
04:42:25.0408 0x0664  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
04:42:25.0413 0x0664  QWAVE - ok
04:42:25.0427 0x0664  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
04:42:25.0429 0x0664  QWAVEdrv - ok
04:42:25.0431 0x0664  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
04:42:25.0432 0x0664  RasAcd - ok
04:42:25.0483 0x0664  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
04:42:25.0486 0x0664  RasAgileVpn - ok
04:42:25.0504 0x0664  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
04:42:25.0509 0x0664  RasAuto - ok
04:42:25.0520 0x0664  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
04:42:25.0525 0x0664  Rasl2tp - ok
04:42:25.0547 0x0664  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
04:42:25.0557 0x0664  RasMan - ok
04:42:25.0562 0x0664  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
04:42:25.0565 0x0664  RasPppoe - ok
04:42:25.0569 0x0664  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
04:42:25.0572 0x0664  RasSstp - ok
04:42:25.0582 0x0664  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
04:42:25.0590 0x0664  rdbss - ok
04:42:25.0602 0x0664  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
04:42:25.0603 0x0664  rdpbus - ok
04:42:25.0605 0x0664  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
04:42:25.0606 0x0664  RDPCDD - ok
04:42:25.0664 0x0664  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
04:42:25.0671 0x0664  RDPDR - ok
04:42:25.0716 0x0664  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
04:42:25.0718 0x0664  RDPENCDD - ok
04:42:25.0729 0x0664  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
04:42:25.0731 0x0664  RDPREFMP - ok
04:42:25.0798 0x0664  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
04:42:25.0800 0x0664  RdpVideoMiniport - ok
04:42:25.0877 0x0664  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
04:42:25.0886 0x0664  RDPWD - ok
04:42:25.0896 0x0664  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
04:42:25.0902 0x0664  rdyboost - ok
04:42:25.0967 0x0664  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
04:42:25.0972 0x0664  RemoteAccess - ok
04:42:26.0006 0x0664  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
04:42:26.0013 0x0664  RemoteRegistry - ok
04:42:26.0060 0x0664  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
04:42:26.0064 0x0664  RpcEptMapper - ok
04:42:26.0076 0x0664  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
04:42:26.0078 0x0664  RpcLocator - ok
04:42:26.0112 0x0664  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
04:42:26.0125 0x0664  RpcSs - ok
04:42:26.0129 0x0664  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
04:42:26.0132 0x0664  rspndr - ok
04:42:26.0201 0x0664  [ 333224D4D25F9BCCA488E08345083E1C, 368CA50C6791849A029F0E55036D0F2952922D5D17BE3C35D1195C6AFED0D94F ] RTL8187         C:\Windows\system32\DRIVERS\RTL8187.sys
04:42:26.0214 0x0664  RTL8187 - ok
04:42:26.0276 0x0664  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
04:42:26.0277 0x0664  s3cap - ok
04:42:26.0314 0x0664  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
04:42:26.0316 0x0664  SamSs - ok
04:42:26.0336 0x0664  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
04:42:26.0341 0x0664  sbp2port - ok
04:42:26.0399 0x0664  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
04:42:26.0405 0x0664  SCardSvr - ok
04:42:26.0412 0x0664  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
04:42:26.0413 0x0664  scfilter - ok
04:42:26.0449 0x0664  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
04:42:26.0465 0x0664  Schedule - ok
04:42:26.0515 0x0664  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
04:42:26.0517 0x0664  SCPolicySvc - ok
04:42:26.0529 0x0664  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
04:42:26.0533 0x0664  SDRSVC - ok
04:42:26.0547 0x0664  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
04:42:26.0548 0x0664  secdrv - ok
04:42:26.0560 0x0664  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
04:42:26.0562 0x0664  seclogon - ok
04:42:26.0570 0x0664  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
04:42:26.0572 0x0664  SENS - ok
04:42:26.0624 0x0664  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
04:42:26.0626 0x0664  SensrSvc - ok
04:42:26.0674 0x0664  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
04:42:26.0676 0x0664  Serenum - ok
04:42:26.0683 0x0664  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
04:42:26.0687 0x0664  Serial - ok
04:42:26.0742 0x0664  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
04:42:26.0745 0x0664  sermouse - ok
04:42:26.0858 0x0664  [ C3BB6CF8F9EE199005A2AAE2815AD756, 7A817599C2F3AD819D643223AA714CCCB790EE5983096D8D9CD2D626D6924837 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
04:42:26.0878 0x0664  ServiceLayer - ok
04:42:26.0904 0x0664  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
04:42:26.0909 0x0664  SessionEnv - ok
04:42:26.0925 0x0664  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
04:42:26.0926 0x0664  sffdisk - ok
04:42:26.0938 0x0664  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
04:42:26.0939 0x0664  sffp_mmc - ok
04:42:26.0942 0x0664  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
04:42:26.0943 0x0664  sffp_sd - ok
04:42:26.0946 0x0664  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
04:42:26.0947 0x0664  sfloppy - ok
04:42:26.0970 0x0664  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
04:42:26.0979 0x0664  SharedAccess - ok
04:42:27.0022 0x0664  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
04:42:27.0082 0x0664  ShellHWDetection - ok
04:42:27.0186 0x0664  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
04:42:27.0189 0x0664  SiSRaid2 - ok
04:42:27.0195 0x0664  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
04:42:27.0199 0x0664  SiSRaid4 - ok
04:42:27.0235 0x0664  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
04:42:27.0238 0x0664  Smb - ok
04:42:27.0286 0x0664  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
04:42:27.0288 0x0664  SNMPTRAP - ok
04:42:27.0301 0x0664  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
04:42:27.0303 0x0664  spldr - ok
04:42:27.0331 0x0664  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
04:42:27.0344 0x0664  Spooler - ok
04:42:27.0436 0x0664  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
04:42:27.0500 0x0664  sppsvc - ok
04:42:27.0505 0x0664  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
04:42:27.0508 0x0664  sppuinotify - ok
04:42:27.0531 0x0664  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
04:42:27.0540 0x0664  srv - ok
04:42:27.0549 0x0664  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
04:42:27.0557 0x0664  srv2 - ok
04:42:27.0562 0x0664  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
04:42:27.0566 0x0664  srvnet - ok
04:42:27.0584 0x0664  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
04:42:27.0589 0x0664  SSDPSRV - ok
04:42:27.0592 0x0664  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
04:42:27.0595 0x0664  SstpSvc - ok
04:42:27.0629 0x0664  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
04:42:27.0630 0x0664  stexstor - ok
04:42:27.0699 0x0664  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
04:42:27.0717 0x0664  stisvc - ok
04:42:27.0754 0x0664  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
04:42:27.0757 0x0664  storflt - ok
04:42:27.0814 0x0664  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
04:42:27.0816 0x0664  StorSvc - ok
04:42:27.0854 0x0664  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
04:42:27.0856 0x0664  storvsc - ok
04:42:27.0888 0x0664  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
04:42:27.0890 0x0664  swenum - ok
04:42:28.0057 0x0664  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04:42:28.0067 0x0664  SwitchBoard - ok
04:42:28.0121 0x0664  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
04:42:28.0131 0x0664  swprv - ok
04:42:28.0184 0x0664  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
04:42:28.0211 0x0664  SysMain - ok
04:42:28.0216 0x0664  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
04:42:28.0219 0x0664  TabletInputService - ok
04:42:28.0286 0x0664  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
04:42:28.0288 0x0664  tap0901 - ok
04:42:28.0302 0x0664  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
04:42:28.0315 0x0664  TapiSrv - ok
04:42:28.0330 0x0664  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
04:42:28.0332 0x0664  TBS - ok
04:42:28.0426 0x0664  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
04:42:28.0462 0x0664  Tcpip - ok
04:42:28.0499 0x0664  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
04:42:28.0526 0x0664  TCPIP6 - ok
04:42:28.0570 0x0664  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
04:42:28.0571 0x0664  tcpipreg - ok
04:42:28.0608 0x0664  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
04:42:28.0609 0x0664  TDPIPE - ok
04:42:28.0632 0x0664  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
04:42:28.0633 0x0664  TDTCP - ok
04:42:28.0663 0x0664  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
04:42:28.0666 0x0664  tdx - ok
04:42:28.0673 0x0664  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
04:42:28.0675 0x0664  TermDD - ok
04:42:28.0743 0x0664  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
04:42:28.0756 0x0664  TermService - ok
04:42:28.0771 0x0664  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
04:42:28.0773 0x0664  Themes - ok
04:42:28.0807 0x0664  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
04:42:28.0808 0x0664  THREADORDER - ok
04:42:28.0828 0x0664  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
04:42:28.0832 0x0664  TrkWks - ok
04:42:28.0895 0x0664  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
04:42:28.0903 0x0664  truecrypt - ok
04:42:29.0038 0x0664  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
04:42:29.0047 0x0664  TrustedInstaller - ok
04:42:29.0329 0x0664  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
04:42:29.0385 0x0664  tssecsrv - ok
04:42:29.0449 0x0664  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
04:42:29.0485 0x0664  TsUsbFlt - ok
04:42:29.0530 0x0664  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
04:42:29.0533 0x0664  TsUsbGD - ok
04:42:29.0578 0x0664  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
04:42:29.0583 0x0664  tunnel - ok
04:42:29.0601 0x0664  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
04:42:29.0604 0x0664  uagp35 - ok
04:42:29.0616 0x0664  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
04:42:29.0623 0x0664  udfs - ok
04:42:29.0649 0x0664  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
04:42:29.0652 0x0664  UI0Detect - ok
04:42:29.0655 0x0664  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
04:42:29.0658 0x0664  uliagpkx - ok
04:42:29.0661 0x0664  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
04:42:29.0664 0x0664  umbus - ok
04:42:29.0666 0x0664  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
04:42:29.0667 0x0664  UmPass - ok
04:42:29.0707 0x0664  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
04:42:29.0712 0x0664  UmRdpService - ok
04:42:29.0730 0x0664  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
04:42:29.0739 0x0664  upnphost - ok
04:42:29.0771 0x0664  [ 34AFB83C7BBA370E404E52CC2290350C, 1B3F9DF6C0DA8166FE02D4B2B8E3D5A432FE84A248516D0F5DA9E42076095AB8 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
04:42:29.0773 0x0664  upperdev - ok
04:42:29.0822 0x0664  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
04:42:29.0826 0x0664  usbccgp - ok
04:42:29.0905 0x0664  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
04:42:29.0910 0x0664  usbcir - ok
04:42:29.0971 0x0664  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
04:42:29.0974 0x0664  usbehci - ok
04:42:29.0998 0x0664  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
04:42:30.0009 0x0664  usbhub - ok
04:42:30.0042 0x0664  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
04:42:30.0043 0x0664  usbohci - ok
04:42:30.0064 0x0664  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
04:42:30.0066 0x0664  usbprint - ok
04:42:30.0135 0x0664  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\drivers\usbser.sys
04:42:30.0137 0x0664  usbser - ok
04:42:30.0160 0x0664  [ AA75E1EFBEE7186B4CBAAACF1F15E6CA, D7A3069913CF8A7F281AC2D7C1FA58FA31A05D7E35E93D7588F4B3B18B3377FD ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
04:42:30.0161 0x0664  UsbserFilt - ok
04:42:30.0193 0x0664  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
04:42:30.0196 0x0664  USBSTOR - ok
04:42:30.0266 0x0664  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
04:42:30.0268 0x0664  usbuhci - ok
04:42:30.0387 0x0664  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
04:42:30.0389 0x0664  UxSms - ok
04:42:30.0449 0x0664  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
04:42:30.0450 0x0664  VaultSvc - ok
04:42:30.0464 0x0664  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
04:42:30.0465 0x0664  vdrvroot - ok
04:42:30.0492 0x0664  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
04:42:30.0503 0x0664  vds - ok
04:42:30.0515 0x0664  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
04:42:30.0516 0x0664  vga - ok
04:42:30.0526 0x0664  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
04:42:30.0528 0x0664  VgaSave - ok
04:42:30.0552 0x0664  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
04:42:30.0560 0x0664  vhdmp - ok
04:42:30.0569 0x0664  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
04:42:30.0571 0x0664  viaide - ok
04:42:30.0625 0x0664  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
04:42:30.0629 0x0664  vmbus - ok
04:42:30.0632 0x0664  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
04:42:30.0633 0x0664  VMBusHID - ok
04:42:30.0668 0x0664  vmci - ok
04:42:30.0673 0x0664  VMnetAdapter - ok
04:42:30.0701 0x0664  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
04:42:30.0704 0x0664  volmgr - ok
04:42:30.0712 0x0664  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
04:42:30.0720 0x0664  volmgrx - ok
04:42:30.0727 0x0664  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
04:42:30.0733 0x0664  volsnap - ok
04:42:30.0792 0x0664  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
04:42:30.0795 0x0664  vsmraid - ok
04:42:31.0343 0x0664  [ 1928B9CA20F51BFBBAD54D2C2C447B13, BA9DADBD030ECE0A1CFAEB1ACCB5A54532A02CE2DEA505EE071D4D7A0F3501FB ] VSPerfDrv100    D:\Work Programs\Visual Studio 2010\Team Tools\Performance Tools\x64\VSPerfDrv100.sys
04:42:31.0348 0x0664  VSPerfDrv100 - ok
04:42:31.0420 0x0664  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
04:42:31.0449 0x0664  VSS - ok
04:42:31.0460 0x0664  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
04:42:31.0460 0x0664  vwifibus - ok
04:42:31.0469 0x0664  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
04:42:31.0477 0x0664  W32Time - ok
04:42:31.0500 0x0664  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
04:42:31.0501 0x0664  WacomPen - ok
04:42:31.0505 0x0664  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
04:42:31.0507 0x0664  WANARP - ok
04:42:31.0510 0x0664  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
04:42:31.0512 0x0664  Wanarpv6 - ok
04:42:31.0615 0x0664  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
04:42:31.0648 0x0664  WatAdminSvc - ok
04:42:31.0681 0x0664  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
04:42:31.0709 0x0664  wbengine - ok
04:42:31.0727 0x0664  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
04:42:31.0732 0x0664  WbioSrvc - ok
04:42:31.0740 0x0664  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
04:42:31.0748 0x0664  wcncsvc - ok
04:42:31.0751 0x0664  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
04:42:31.0753 0x0664  WcsPlugInService - ok
04:42:31.0755 0x0664  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
04:42:31.0756 0x0664  Wd - ok
04:42:31.0808 0x0664  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
04:42:31.0823 0x0664  Wdf01000 - ok
04:42:31.0856 0x0664  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
04:42:31.0858 0x0664  WdiServiceHost - ok
04:42:31.0861 0x0664  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
04:42:31.0863 0x0664  WdiSystemHost - ok
04:42:31.0929 0x0664  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
04:42:31.0940 0x0664  WebClient - ok
04:42:31.0961 0x0664  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
04:42:31.0970 0x0664  Wecsvc - ok
04:42:31.0981 0x0664  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
04:42:31.0986 0x0664  wercplsupport - ok
04:42:32.0008 0x0664  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
04:42:32.0011 0x0664  WerSvc - ok
04:42:32.0039 0x0664  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
04:42:32.0040 0x0664  WfpLwf - ok
04:42:32.0088 0x0664  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
04:42:32.0090 0x0664  WIMMount - ok
04:42:32.0122 0x0664  WinDefend - ok
04:42:32.0128 0x0664  WinHttpAutoProxySvc - ok
04:42:32.0229 0x0664  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
04:42:32.0238 0x0664  Winmgmt - ok
04:42:32.0383 0x0664  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
04:42:32.0421 0x0664  WinRM - ok
04:42:32.0542 0x0664  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
04:42:32.0545 0x0664  WinUsb - ok
04:42:32.0602 0x0664  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
04:42:32.0615 0x0664  Wlansvc - ok
04:42:32.0653 0x0664  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
04:42:32.0654 0x0664  WmiAcpi - ok
04:42:32.0682 0x0664  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
04:42:32.0689 0x0664  wmiApSrv - ok
04:42:32.0700 0x0664  WMPNetworkSvc - ok
04:42:32.0730 0x0664  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
04:42:32.0732 0x0664  WPCSvc - ok
04:42:32.0748 0x0664  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
04:42:32.0753 0x0664  WPDBusEnum - ok
04:42:32.0811 0x0664  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
04:42:32.0813 0x0664  ws2ifsl - ok
04:42:32.0833 0x0664  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
04:42:32.0838 0x0664  wscsvc - ok
04:42:32.0841 0x0664  WSearch - ok
04:42:32.0983 0x0664  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
04:42:33.0099 0x0664  wuauserv - ok
04:42:33.0195 0x0664  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
04:42:33.0199 0x0664  WudfPf - ok
04:42:33.0238 0x0664  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
04:42:33.0244 0x0664  WUDFRd - ok
04:42:33.0276 0x0664  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
04:42:33.0280 0x0664  wudfsvc - ok
04:42:33.0311 0x0664  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
04:42:33.0320 0x0664  WwanSvc - ok
04:42:33.0395 0x0664  [ 4A5CE13408945E525503B5F73D29B9C5, D58BB31AF17752508EA67931BF170CE46877DC204FC5DA7EED5A078AEB0CA0FD ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
04:42:33.0414 0x0664  xnacc - ok
04:42:33.0435 0x0664  ================ Scan global ===============================
04:42:33.0465 0x0664  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
04:42:33.0521 0x0664  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
04:42:33.0539 0x0664  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
04:42:33.0585 0x0664  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
04:42:33.0611 0x0664  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
04:42:33.0619 0x0664  [ Global ] - ok
04:42:33.0620 0x0664  ================ Scan MBR ==================================
04:42:33.0622 0x0664  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
04:42:33.0981 0x0664  \Device\Harddisk0\DR0 - ok
04:42:33.0996 0x0664  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
04:42:34.0709 0x0664  \Device\Harddisk1\DR1 - ok
04:42:34.0709 0x0664  ================ Scan VBR ==================================
04:42:34.0711 0x0664  [ A675A87A4F7B61D5450D63568D37BE5F ] \Device\Harddisk0\DR0\Partition1
04:42:34.0787 0x0664  \Device\Harddisk0\DR0\Partition1 - ok
04:42:34.0789 0x0664  [ 29C225D9788FB41DDC94C4686732A26D ] \Device\Harddisk0\DR0\Partition2
04:42:34.0870 0x0664  \Device\Harddisk0\DR0\Partition2 - ok
04:42:34.0897 0x0664  [ 0827E70905710B26A588765FAF85D9F0 ] \Device\Harddisk0\DR0\Partition3
04:42:34.0897 0x0664  \Device\Harddisk0\DR0\Partition3 - ok
04:42:34.0899 0x0664  [ 57DFDC2B896940F53A9B25D4BF88E79B ] \Device\Harddisk0\DR0\Partition4
04:42:34.0899 0x0664  \Device\Harddisk0\DR0\Partition4 - ok
04:42:34.0902 0x0664  [ 3A257B0E16FDEAB76658624A6B800005 ] \Device\Harddisk0\DR0\Partition5
04:42:34.0940 0x0664  \Device\Harddisk0\DR0\Partition5 - ok
04:42:34.0942 0x0664  [ 6064E567B14BDB9DD5E9AA963B099C57 ] \Device\Harddisk0\DR0\Partition6
04:42:34.0942 0x0664  \Device\Harddisk0\DR0\Partition6 - ok
04:42:34.0944 0x0664  [ 5EF9839BDFCB584C948E8C3928994108 ] \Device\Harddisk0\DR0\Partition7
04:42:34.0945 0x0664  \Device\Harddisk0\DR0\Partition7 - ok
04:42:34.0947 0x0664  [ ABC24A020D4B6A207870B29C969778CF ] \Device\Harddisk1\DR1\Partition1
04:42:35.0057 0x0664  \Device\Harddisk1\DR1\Partition1 - ok
04:42:35.0060 0x0664  [ 5C8679F31223925ADC927BE6C85A78BE ] \Device\Harddisk1\DR1\Partition2
04:42:35.0142 0x0664  \Device\Harddisk1\DR1\Partition2 - ok
04:42:35.0189 0x0664  [ 752EA8F3EE9D51CEFC59452D9CFF45E2 ] \Device\Harddisk1\DR1\Partition3
04:42:35.0246 0x0664  \Device\Harddisk1\DR1\Partition3 - ok
04:42:35.0304 0x0664  [ AD62C39DBDAADA65A8AC1C839A5245FD ] \Device\Harddisk1\DR1\Partition4
04:42:35.0374 0x0664  \Device\Harddisk1\DR1\Partition4 - ok
04:42:35.0375 0x0664  ================ Scan generic autorun ======================
04:42:35.0734 0x0664  [ 66EB84DA5F31FDA757336444B8D1E3B2, FECAB747B321AD6ED2336C1FB2E756C39883275ED54A559CF7B6989DEA4DD7EB ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
04:42:35.0978 0x0664  RtHDVCpl - ok
04:42:36.0225 0x0664  [ FF6D88207B5BC51696C45C8670A26AB8, 778D4C0CA6998A014C1B27A89B07327D54350CADE15051F187A5F6AA6FA52904 ] C:\Program Files\ESET\ESET Smart Security\egui.exe
04:42:36.0325 0x0664  egui - ok
04:42:36.0417 0x0664  CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} - ok
04:42:36.0558 0x0664  [ 4F521D834261058DACD22FC48CC72815, D10166DA58BC3CC67C16B95DA88C941B2620A09A8CAC76D3DEC5A4EF80C074DD ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
04:42:36.0572 0x0664  StartCCC - ok
04:42:36.0573 0x0664  Sidebar - ok
04:42:36.0676 0x0664  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
04:42:36.0679 0x0664  mctadmin - ok
04:42:36.0679 0x0664  Sidebar - ok
04:42:36.0683 0x0664  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
04:42:36.0685 0x0664  mctadmin - ok
04:42:36.0744 0x0664  [ 7DFCCC67990B6DE7F30F553A4E4612A4, 9FF98D6FD2539CEFC9F42103A7F72388BED6EE590400559B92BC7430228DA36A ] C:\Program Files (x86)\RocketDock\RocketDock.exe
04:42:36.0753 0x0664  RocketDock - ok
04:42:37.0016 0x0664  [ CF73D8EA5C44CFB5F8CD2EB3AAD6DF3E, F7533B37E28631C9267DBDE04BC39325419D5B7FEE64C5BF5296A7DC667AF1E2 ] C:\Program Files\PeerBlock\peerblock.exe
04:42:37.0063 0x0664  PeerBlock - ok
04:42:37.0237 0x0664  [ D447736259F18CBCA9E4CE09465CBB5D, 650AA65B2EE50F5420BA49073E865E84BBAC8D553F3A1015C90FECD2F6F7156F ] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
04:42:37.0288 0x0664  IDMan - ok
04:42:37.0291 0x0664  Waiting for KSN requests completion. In queue: 8
04:42:38.0291 0x0664  Waiting for KSN requests completion. In queue: 8
04:42:39.0291 0x0664  Waiting for KSN requests completion. In queue: 8
04:42:40.0291 0x0664  Waiting for KSN requests completion. In queue: 8
04:42:41.0367 0x0664  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmiav.exe (  ), 0x41000 ( enabled : updated )
04:42:41.0371 0x0664  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmifw.exe (  ), 0x40010 ( disabled )
04:42:41.0371 0x0664  FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe (  ), 0x61010 ( enabled )
04:42:42.0023 0x0664  ============================================================
04:42:42.0023 0x0664  Scan finished
04:42:42.0023 0x0664  ============================================================
04:42:42.0028 0x0b04  Detected object count: 0
04:42:42.0028 0x0b04  Actual detected object count: 0

 

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

 

Here is "AdwCleaner[S0].txt":

 

 

# AdwCleaner v4.107 - Report created 17/01/2015 at 04:47:16
# Updated 07/01/2015 by Xplode
# Database : 2014-12-21.4 [Local]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Skull - SKULL-PC
# Running from : C:\Users\Skull\Downloads\Programs\Advanced malware removal\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Skull\AppData\Roaming\Mozilla\Firefox\Profiles\yae2sut1.default\user.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v28.0 (en-US)


-\\ Google Chrome v

[C:\Users\Skull\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Skull\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [1621 octets] - [17/01/2015 04:45:29]
AdwCleaner[S0].txt - [1548 octets] - [17/01/2015 04:47:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1608 octets] ##########

 

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

 

And "JRT.txt":

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x64
Ran by Skull on Sat 01/17/2015 at  4:53:43.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Skull\AppData\Roaming\mozilla\firefox\profiles\yae2sut1.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/17/2015 at  4:56:45.19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

_____________________________________________________________________

 

Lastly, about the ESet one... I currently have ESet Smart security (30 day free trial) installed, and I have done a full scan once I installed it but it came out with no detections. Shall I do the ESet online scan too? (knowing that my internet connection is not that good).






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users