Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hurri rootkit


  • This topic is locked This topic is locked
36 replies to this topic

#1 sendmebeer

sendmebeer

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 PM

Posted 19 March 2015 - 01:52 PM

Hi there, back again after a number of virus free years.

 

Avast is detecting a rootkit called Hurri. Please find attached a screenshot/snip of the message from avast.

I have run ccleaner, adaware, malewarebytes and non of these have found any infection.

 

So what to do next? I shall await further instructions from one of your incredibly knowledgeable and helpful experts.

 

Regards

Brendan

Attached Files


Edited by sendmebeer, 19 March 2015 - 01:56 PM.


BC AdBot (Login to Remove)

 


#2 sendmebeer

sendmebeer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 PM

Posted 19 March 2015 - 02:08 PM

Scans from FRST

Attached Files



#3 sendmebeer

sendmebeer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 PM

Posted 19 March 2015 - 02:09 PM

For some reason I cannot attach this log file, so cut and paste it is. Sorry

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by millernizam (administrator) on MILLERNIZAM-PC on 19-03-2015 21:05:33
Running from C:\Users\millernizam\Downloads
Loaded Profiles: millernizam (Available profiles: millernizam)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(http://www.ruby-lang.org/) C:\Users\millernizam\AppData\Local\Temp\ocr364B.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(http://www.ruby-lang.org/) C:\Users\millernizam\AppData\Local\Temp\ocr5BC5.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
() C:\Program Files\pia_manager\openvpn.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-19] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-705870241-3325048264-2110044704-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk
ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro)
Startup: C:\Users\millernizam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\millernizam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-705870241-3325048264-2110044704-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-705870241-3325048264-2110044704-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-17] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: No Name -> {074C1DC5-9320-4A9A-947D-C042949C6216} ->  No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-28] (Oracle Corporation)
BHO-x32: No Name -> {82D2E569-25A7-4e4d-9FA3-C5025B4B7912} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-17] (Avast Software s.r.o.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-28] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - No Name - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} -  No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - No Name - {945C8270-A848-11d5-A805-00B0D092F45B} -  No File
Toolbar: HKU\S-1-5-21-705870241-3325048264-2110044704-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.222.18.222 209.222.18.218
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll [2015-01-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll [2015-01-18] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-18]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2015-01-18]
 
Chrome: 
=======
CHR StartupUrls: Default -> "https://www.google.co.uk/"
CHR Profile: C:\Users\millernizam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\millernizam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-18]
CHR Extension: (Google Drive) - C:\Users\millernizam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-18]
CHR Extension: (YouTube) - C:\Users\millernizam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-18]
CHR Extension: (Google Search) - C:\Users\millernizam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\millernizam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (Skype Click to Call) - C:\Users\millernizam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-19]
CHR Extension: (Google Wallet) - C:\Users\millernizam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-18]
CHR Extension: (Gmail) - C:\Users\millernizam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-17] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-17] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-01-18] (Macrovision Europe Ltd.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2014-07-21] (Paramount Software UK Ltd)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-17] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-17] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-17] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-17] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-17] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-17] ()
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [114608 2009-10-20] (Philips Applied Technologies)
R3 SPC530; C:\Windows\System32\drivers\SPC530.sys [583168 2008-05-21] (                                                            )
R3 SPC530m; C:\Windows\System32\drivers\SPC530m.sys [8192 2008-05-21] (                                                            )
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-17] (Avast Software)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-19 21:05 - 2015-03-19 21:05 - 02095616 _____ (Farbar) C:\Users\millernizam\Downloads\FRST64.exe
2015-03-19 21:05 - 2015-03-19 21:05 - 00021259 _____ () C:\Users\millernizam\Downloads\FRST.txt
2015-03-19 21:05 - 2015-03-19 21:05 - 00000000 ____D () C:\FRST
2015-03-19 20:37 - 2015-03-19 20:37 - 00000000 ___SD () C:\ComboFix
2015-03-19 20:33 - 2015-03-19 20:33 - 00035586 _____ () C:\ComboFix.txt
2015-03-19 19:44 - 2015-03-19 20:37 - 00000000 ____D () C:\Windows\erdnt
2015-03-19 19:44 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-19 19:06 - 2015-03-19 19:31 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-19 19:06 - 2015-03-19 19:26 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-19 19:06 - 2015-03-19 19:06 - 02171392 _____ () C:\Users\millernizam\Downloads\adwcleaner_4.112.exe
2015-03-19 19:06 - 2015-03-19 19:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-19 19:04 - 2015-03-19 19:24 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-19 19:04 - 2015-03-19 19:04 - 00000000 ____D () C:\Users\millernizam\maleware
2015-03-17 20:54 - 2015-03-17 20:54 - 00002075 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7 64-bit.lnk
2015-03-17 20:54 - 2015-03-17 20:54 - 00002055 _____ () C:\Users\Public\Desktop\Lightroom 5.7 64-bit.lnk
2015-03-17 18:59 - 2015-03-19 20:37 - 00000560 _____ () C:\Windows\setupact.log
2015-03-17 18:59 - 2015-03-19 20:34 - 00006498 _____ () C:\Windows\PFRO.log
2015-03-17 18:59 - 2015-03-17 18:59 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-17 18:37 - 2015-03-17 18:37 - 00000000 ____D () C:\Users\millernizam\Documents\Adobe
2015-03-17 18:36 - 2015-03-17 18:36 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-17 18:36 - 2015-03-17 18:36 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-17 18:30 - 2015-03-17 20:49 - 00000000 ____D () C:\Users\millernizam\Desktop\Adobe
2015-03-17 18:29 - 2015-03-17 18:30 - 00000197 _____ () C:\Windows\system32\2015-03-17-16-29-51.007-AvastVBoxSVC.exe-2748.log
2015-03-17 06:43 - 2015-03-17 06:43 - 00000197 _____ () C:\Windows\system32\2015-03-17-04-43-43.050-AvastVBoxSVC.exe-2764.log
2015-03-16 16:32 - 2015-03-16 16:33 - 00000197 _____ () C:\Windows\system32\2015-03-16-14-32-36.070-AvastVBoxSVC.exe-2996.log
2015-03-14 18:18 - 2015-03-14 18:18 - 00000197 _____ () C:\Windows\system32\2015-03-14-16-18-30.008-AvastVBoxSVC.exe-2844.log
2015-03-14 18:16 - 2015-03-17 18:55 - 00000000 ____D () C:\Windows\Minidump
2015-03-13 19:36 - 2015-03-13 19:37 - 00000197 _____ () C:\Windows\system32\2015-03-13-17-36-50.075-AvastVBoxSVC.exe-2568.log
2015-03-13 19:06 - 2015-03-13 19:07 - 00000197 _____ () C:\Windows\system32\2015-03-13-17-06-40.043-AvastVBoxSVC.exe-2836.log
2015-03-13 16:10 - 2015-03-13 16:10 - 00050735 ____H () C:\Users\millernizam\Desktop\~WRL2445.tmp
2015-03-13 15:27 - 2015-03-13 15:27 - 00000197 _____ () C:\Windows\system32\2015-03-13-13-27-16.020-AvastVBoxSVC.exe-2844.log
2015-03-13 15:27 - 2015-03-13 15:27 - 00000118 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-03-12 16:09 - 2015-03-12 16:10 - 00000197 _____ () C:\Windows\system32\2015-03-12-14-09-47.052-AvastVBoxSVC.exe-2612.log
2015-03-12 16:09 - 2015-03-12 16:09 - 00000425 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-03-11 19:05 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 19:05 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 19:05 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 19:05 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 19:05 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 19:05 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 19:05 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 19:05 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 19:05 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 19:05 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 19:05 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 19:05 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 19:05 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 19:05 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 19:05 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 19:05 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 19:05 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 19:05 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 19:05 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 19:05 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 19:05 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 19:05 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 19:05 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 19:05 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 19:05 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 19:05 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 19:05 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 19:05 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 19:05 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 19:05 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 19:05 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 19:05 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 19:05 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 19:05 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 19:05 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 18:58 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 18:58 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 18:58 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 18:58 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 18:58 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 18:58 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 18:58 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 18:58 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 18:58 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 18:58 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 18:58 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 18:58 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 18:58 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 18:58 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 18:58 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 18:58 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 18:58 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 18:58 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 18:58 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 18:58 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 18:58 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 18:58 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 18:58 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 18:58 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 18:58 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 18:58 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 18:58 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 18:58 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 18:58 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 18:58 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 18:58 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 18:58 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 18:51 - 2015-03-11 18:51 - 00000197 _____ () C:\Windows\system32\2015-03-11-16-51-52.075-AvastVBoxSVC.exe-2656.log
2015-03-11 18:50 - 2015-03-19 21:05 - 00749692 _____ () C:\Windows\system32\perfh00C.dat
2015-03-11 18:50 - 2015-03-19 21:05 - 00747474 _____ () C:\Windows\system32\perfh013.dat
2015-03-11 18:50 - 2015-03-19 21:05 - 00485478 _____ () C:\Windows\system32\perfh00B.dat
2015-03-11 18:50 - 2015-03-19 21:05 - 00156946 _____ () C:\Windows\system32\perfc013.dat
2015-03-11 18:50 - 2015-03-19 21:05 - 00153424 _____ () C:\Windows\system32\perfc00C.dat
2015-03-11 18:50 - 2015-03-19 21:05 - 00105364 _____ () C:\Windows\system32\perfc00B.dat
2015-03-11 18:50 - 2015-03-11 17:46 - 00344522 _____ () C:\Windows\system32\perfi00C.dat
2015-03-11 18:50 - 2015-03-11 17:46 - 00038160 _____ () C:\Windows\system32\perfd00C.dat
2015-03-11 18:50 - 2015-03-11 17:41 - 00341322 _____ () C:\Windows\system32\perfi013.dat
2015-03-11 18:50 - 2015-03-11 17:41 - 00043068 _____ () C:\Windows\system32\perfd013.dat
2015-03-11 18:50 - 2015-03-11 17:37 - 00279790 _____ () C:\Windows\system32\perfi00B.dat
2015-03-11 18:50 - 2015-03-11 17:37 - 00038258 _____ () C:\Windows\system32\perfd00B.dat
2015-03-11 18:48 - 2015-03-11 18:48 - 00000000 ____D () C:\Windows\SysWOW64\fr
2015-03-11 18:48 - 2015-03-11 18:48 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\et-EE
2015-03-11 18:48 - 2015-03-11 18:48 - 00000000 ____D () C:\Windows\SysWOW64\040C
2015-03-11 18:48 - 2015-03-11 18:48 - 00000000 ____D () C:\Windows\system32\fr
2015-03-11 18:48 - 2015-03-11 18:48 - 00000000 ____D () C:\Windows\system32\Drivers\et-EE
2015-03-11 18:48 - 2015-03-11 18:48 - 00000000 ____D () C:\Windows\system32\040C
2015-03-11 18:48 - 2015-03-11 18:48 - 00000000 ____D () C:\Windows\et-EE
2015-03-11 18:47 - 2015-03-11 18:48 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-03-11 18:47 - 2015-03-11 18:47 - 00000000 ____D () C:\Windows\SysWOW64\nl
2015-03-11 18:47 - 2015-03-11 18:47 - 00000000 ____D () C:\Windows\SysWOW64\fi
2015-03-11 18:47 - 2015-03-11 18:47 - 00000000 ____D () C:\Windows\SysWOW64\0413
2015-03-11 18:47 - 2015-03-11 18:47 - 00000000 ____D () C:\Windows\system32\nl
2015-03-11 18:47 - 2015-03-11 18:47 - 00000000 ____D () C:\Windows\system32\fi
2015-03-11 18:47 - 2015-03-11 18:47 - 00000000 ____D () C:\Windows\system32\0413
2015-03-11 18:46 - 2015-03-11 18:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-03-11 18:45 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-11 18:45 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-03-11 18:32 - 2008-05-21 14:30 - 00583168 _____ ( ) C:\Windows\system32\Drivers\SPC530.sys
2015-03-11 18:32 - 2008-05-21 14:30 - 00323584 _____ (Philips) C:\Windows\SysWOW64\stvspc.ax
2015-03-11 18:32 - 2008-05-21 14:30 - 00008192 _____ ( ) C:\Windows\system32\Drivers\SPC530m.sys
2015-03-11 18:21 - 2015-03-11 18:21 - 00000000 ____D () C:\Program Files\Intel
2015-03-11 18:21 - 2015-03-11 18:21 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-03-11 17:53 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-03-11 17:53 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-03-11 17:53 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-03-11 17:53 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-03-11 17:53 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-03-11 17:53 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-03-11 17:53 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-03-11 17:53 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-03-11 17:35 - 2015-03-11 17:35 - 00002693 _____ () C:\Windows\system32\RaCoInst.log
2015-03-11 17:35 - 2015-03-11 17:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_phaudlwr_01005.Wdf
2015-03-11 17:34 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-03-11 17:34 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-03-11 16:49 - 2014-11-08 05:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-03-11 16:49 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-03-11 16:49 - 2014-10-14 04:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-11 16:49 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-03-11 16:49 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-03-11 16:49 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-03-11 16:49 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-03-11 16:49 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-03-11 16:49 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-03-11 16:49 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-03-11 16:49 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-03-11 16:49 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-03-11 16:49 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-03-11 16:49 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-03-11 16:49 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-03-11 16:49 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-03-11 16:49 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-03-11 16:49 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-03-11 16:49 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-03-11 16:49 - 2011-03-11 08:41 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-03-11 16:49 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-03-11 16:49 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-03-11 16:49 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-03-11 16:49 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-03-11 16:49 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-03-11 16:49 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2015-03-11 16:49 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-03-11 16:49 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2015-03-11 16:49 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-03-11 16:48 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-03-11 16:48 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-03-11 16:48 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-03-11 16:48 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-03-11 16:48 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-03-11 16:48 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-03-11 16:48 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-03-11 16:48 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-03-11 16:48 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-03-11 16:48 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-03-11 16:48 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-03-11 16:48 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-03-11 16:48 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-03-11 16:48 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-03-11 16:48 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-03-11 16:48 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-03-11 16:48 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-03-11 16:48 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-03-11 16:48 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-03-11 16:48 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-03-11 16:48 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-03-11 16:48 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-03-11 16:48 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-03-11 16:48 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-03-11 16:48 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-03-11 16:48 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-03-11 16:48 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-03-11 16:48 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2015-03-11 16:48 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-03-11 16:48 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-03-11 16:48 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-03-11 16:47 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-11 16:47 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-11 16:47 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-11 16:47 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-11 16:47 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-11 16:47 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-11 16:47 - 2014-11-11 03:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-03-11 16:47 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-03-11 16:47 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-03-11 16:47 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-03-11 16:47 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-03-11 16:47 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-03-11 16:47 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-03-11 16:47 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-03-11 16:47 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-03-11 16:47 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-03-11 16:47 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-03-11 16:47 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-03-11 16:47 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-03-11 16:47 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-03-11 16:47 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-03-11 16:47 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-03-11 16:47 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-11 16:47 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-03-11 16:47 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-03-11 16:47 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-03-11 16:47 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-03-11 16:47 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-03-11 16:44 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 16:44 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 16:44 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 16:44 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 16:44 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 16:44 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 16:44 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 16:44 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 16:44 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 16:44 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 16:44 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 16:44 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 16:44 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 16:44 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 16:44 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 16:44 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 16:44 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 16:44 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 16:44 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 16:44 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 16:44 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 16:44 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 16:44 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 16:44 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 16:44 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 16:44 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 16:44 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 16:44 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 16:44 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 16:44 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 16:44 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 16:44 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 16:44 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 16:44 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 16:44 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 16:44 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 16:44 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 16:44 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 16:44 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 16:44 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 16:44 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 16:44 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 16:44 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 16:44 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 16:44 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 16:44 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 16:44 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 16:44 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 16:44 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 16:44 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 16:44 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 16:44 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 16:44 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 16:44 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 16:44 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 16:44 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 16:44 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 16:44 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 16:44 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 16:44 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 16:44 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 16:44 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 16:44 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 16:44 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 16:44 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 16:44 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 16:43 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 16:43 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 16:43 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 16:43 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 16:42 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 16:42 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 16:42 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 16:42 - 2015-01-31 05:48 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 16:42 - 2015-01-31 05:05 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 16:42 - 2015-01-31 05:04 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 16:42 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 16:42 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 16:37 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 16:37 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 16:32 - 2015-03-11 16:33 - 00000197 _____ () C:\Windows\system32\2015-03-11-14-32-34.060-AvastVBoxSVC.exe-2448.log
2015-03-10 18:40 - 2015-03-10 18:41 - 00000197 _____ () C:\Windows\system32\2015-03-10-16-40-41.086-AvastVBoxSVC.exe-2636.log
2015-03-09 17:04 - 2015-03-09 17:05 - 00000197 _____ () C:\Windows\system32\2015-03-09-15-04-48.038-AvastVBoxSVC.exe-2660.log
2015-03-07 10:30 - 2015-03-07 10:31 - 00000197 _____ () C:\Windows\system32\2015-03-07-08-30-27.014-AvastVBoxSVC.exe-2428.log
2015-03-06 19:14 - 2015-03-06 19:14 - 00000247 _____ () C:\Windows\system32\2015-03-06-17-14-37.009-aswFe.exe-5408.log
2015-03-06 19:10 - 2015-03-06 19:14 - 00000247 _____ () C:\Windows\system32\2015-03-06-17-10-31.082-aswFe.exe-3700.log
2015-03-06 19:10 - 2015-03-06 19:10 - 00000197 _____ () C:\Windows\system32\2015-03-06-17-10-28.045-AvastVBoxSVC.exe-3456.log
2015-03-06 19:09 - 2015-03-06 19:09 - 00000197 _____ () C:\Windows\system32\2015-03-06-17-09-27.084-AvastVBoxSVC.exe-2388.log
2015-03-06 19:02 - 2015-03-06 19:03 - 00000197 _____ () C:\Windows\system32\2015-03-06-17-02-52.008-AvastVBoxSVC.exe-2492.log
2015-03-06 18:37 - 2015-03-06 18:37 - 00000000 ____D () C:\Users\millernizam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2015-03-06 18:37 - 2015-03-06 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2015-03-06 18:37 - 2015-03-06 18:37 - 00000000 ____D () C:\Program Files (x86)\WinDirStat
2015-03-06 17:59 - 2015-03-06 17:59 - 00000197 _____ () C:\Windows\system32\2015-03-06-15-59-13.057-AvastVBoxSVC.exe-2568.log
2015-03-06 14:35 - 2015-03-06 14:35 - 00000197 _____ () C:\Windows\system32\2015-03-06-12-35-14.051-AvastVBoxSVC.exe-2544.log
2015-03-06 14:12 - 2015-03-06 14:12 - 00000197 _____ () C:\Windows\system32\2015-03-06-12-12-51.000-AvastVBoxSVC.exe-2476.log
2015-03-06 13:48 - 2015-03-06 13:48 - 00000197 _____ () C:\Windows\system32\2015-03-06-11-48-10.061-AvastVBoxSVC.exe-2480.log
2015-03-06 12:54 - 2015-03-06 12:54 - 00000197 _____ () C:\Windows\system32\2015-03-06-10-54-12.007-AvastVBoxSVC.exe-2564.log
2015-03-06 11:38 - 2015-03-06 11:38 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-03-06 11:38 - 2015-03-06 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-06 11:38 - 2015-03-06 11:38 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-06 11:38 - 2015-03-06 11:38 - 00000000 ____D () C:\Program Files\iTunes
2015-03-06 11:38 - 2015-03-06 11:38 - 00000000 ____D () C:\Program Files\iPod
2015-03-06 11:38 - 2015-03-06 11:38 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-03-06 11:02 - 2015-03-09 22:22 - 00000000 ____D () C:\ProgramData\Suunto
2015-03-06 11:02 - 2015-03-06 11:02 - 00684377 _____ () C:\Windows\unins000.exe
2015-03-06 11:02 - 2015-03-06 11:02 - 00002484 _____ () C:\Windows\unins000.dat
2015-03-06 11:02 - 2015-03-06 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Suunto
2015-03-06 11:02 - 2015-03-06 11:02 - 00000000 ____D () C:\Program Files (x86)\Suunto
2015-03-06 11:02 - 2008-11-27 18:11 - 00383488 _____ (Borland Software Corporation) C:\Windows\midas.dll
2015-03-06 11:02 - 2008-03-13 14:52 - 00054600 _____ (FTDI Ltd.) C:\Windows\system32\ftserui2.dll
2015-03-06 11:02 - 2008-03-13 14:51 - 00068800 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftdibus.sys
2015-03-06 11:02 - 2008-03-13 14:50 - 00202048 _____ (FTDI Ltd.) C:\Windows\SysWOW64\ftd2xx.dll
2015-03-06 11:02 - 2008-03-13 14:49 - 00320840 _____ (FTDI Ltd.) C:\Windows\system32\ftd2xx.dll
2015-03-06 11:02 - 2008-03-13 14:49 - 00270144 _____ (FTDI Ltd.) C:\Windows\system32\FTLang.dll
2015-03-06 11:02 - 2008-03-13 14:49 - 00143680 _____ (FTDI Ltd.) C:\Windows\system32\ftbusui.dll
2015-03-06 11:02 - 2008-03-13 14:49 - 00084288 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftser2k.sys
2015-03-06 11:02 - 2008-01-15 17:47 - 00458752 _____ (Macromedia) C:\Windows\HHActiveX.dll
2015-03-06 10:58 - 2015-03-06 10:59 - 00000197 _____ () C:\Windows\system32\2015-03-06-08-58-55.031-AvastVBoxSVC.exe-2560.log
2015-03-05 19:46 - 2015-03-05 19:46 - 00000197 _____ () C:\Windows\system32\2015-03-05-17-46-20.058-AvastVBoxSVC.exe-2344.log
2015-03-04 16:30 - 2015-03-04 16:31 - 00000197 _____ () C:\Windows\system32\2015-03-04-14-30-41.008-AvastVBoxSVC.exe-2496.log
2015-03-03 20:42 - 2015-03-03 20:42 - 00301056 _____ () C:\Users\millernizam\Downloads\timetable Cairo 2014.pbsqlite
2015-03-03 20:07 - 2015-03-03 20:08 - 00000197 _____ () C:\Windows\system32\2015-03-03-18-07-57.076-AvastVBoxSVC.exe-2532.log
2015-03-02 22:01 - 2015-03-02 22:01 - 00000197 _____ () C:\Windows\system32\2015-03-02-20-01-50.007-AvastVBoxSVC.exe-2452.log
2015-03-02 22:00 - 2015-03-02 22:06 - 00000000 ____D () C:\Users\millernizam\AppData\Local\Microsoft Games
2015-03-02 21:26 - 2015-03-02 21:26 - 00000197 _____ () C:\Windows\system32\2015-03-02-19-26-38.074-AvastVBoxSVC.exe-2452.log
2015-03-02 19:03 - 2015-03-02 19:03 - 00000197 _____ () C:\Windows\system32\2015-03-02-17-03-41.052-AvastVBoxSVC.exe-2468.log
2015-03-02 16:35 - 2015-03-02 16:35 - 00000197 _____ () C:\Windows\system32\2015-03-02-14-35-17.045-AvastVBoxSVC.exe-2508.log
2015-03-01 06:16 - 2015-03-01 06:16 - 00000247 _____ () C:\Windows\system32\2015-03-01-04-16-41.043-aswFe.exe-704.log
2015-03-01 06:13 - 2015-03-01 06:16 - 00000247 _____ () C:\Windows\system32\2015-03-01-04-13-08.047-aswFe.exe-4880.log
2015-03-01 06:13 - 2015-03-01 06:13 - 00000197 _____ () C:\Windows\system32\2015-03-01-04-13-06.001-AvastVBoxSVC.exe-4312.log
2015-02-28 22:00 - 2015-02-28 22:00 - 00000197 _____ () C:\Windows\system32\2015-02-28-20-00-18.026-AvastVBoxSVC.exe-2364.log
2015-02-28 21:56 - 2015-03-19 19:19 - 00000000 ____D () C:\AdwCleaner
2015-02-28 21:43 - 2015-02-28 21:43 - 00000000 ____D () C:\Users\millernizam\AppData\Local\Hellmansoft
2015-02-28 21:41 - 2015-02-28 21:41 - 00000000 ____D () C:\Users\millernizam\AppData\Local\Downloaded Installations
2015-02-28 21:41 - 2015-02-28 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hellmansoft
2015-02-28 21:41 - 2015-02-28 21:41 - 00000000 ____D () C:\Program Files (x86)\Hellmansoft
2015-02-28 21:37 - 2015-02-28 21:37 - 00000197 _____ () C:\Windows\system32\2015-02-28-19-37-03.090-AvastVBoxSVC.exe-2648.log
2015-02-28 17:39 - 2015-02-28 17:39 - 00000197 _____ () C:\Windows\system32\2015-02-28-15-39-19.012-AvastVBoxSVC.exe-2484.log
2015-02-28 17:19 - 2015-02-28 17:19 - 00000197 _____ () C:\Windows\system32\2015-02-28-15-19-09.025-AvastVBoxSVC.exe-2476.log
2015-02-28 16:04 - 2015-02-28 16:04 - 00000197 _____ () C:\Windows\system32\2015-02-28-14-04-53.016-AvastVBoxSVC.exe-2508.log
2015-02-28 14:26 - 2015-02-28 14:26 - 00000197 _____ () C:\Windows\system32\2015-02-28-12-26-45.008-AvastVBoxSVC.exe-2536.log
2015-02-28 11:59 - 2015-02-28 12:00 - 00000197 _____ () C:\Windows\system32\2015-02-28-09-59-49.015-AvastVBoxSVC.exe-2792.log
2015-02-27 18:41 - 2015-02-27 18:41 - 00000197 _____ () C:\Windows\system32\2015-02-27-16-41-16.085-AvastVBoxSVC.exe-2508.log
2015-02-26 16:23 - 2015-02-26 16:23 - 00000000 ____D () C:\Users\millernizam\AppData\Roaming\EndNote
2015-02-26 16:22 - 2015-02-26 16:22 - 00000000 ____D () C:\ProgramData\Thomson.ResearchSoft.Installers
2015-02-26 16:22 - 2015-02-26 16:22 - 00000000 ____D () C:\Program Files\Common Files\ResearchSoft
2015-02-26 16:22 - 2015-02-26 16:22 - 00000000 ____D () C:\Program Files (x86)\EndNote Plug-Ins
2015-02-26 15:30 - 2015-02-26 15:30 - 00000197 _____ () C:\Windows\system32\2015-02-26-13-30-43.025-AvastVBoxSVC.exe-2384.log
2015-02-24 18:15 - 2015-03-06 17:59 - 00000000 ____D () C:\Users\millernizam\AppData\Roaming\OBS
2015-02-24 18:15 - 2015-03-06 17:58 - 00000000 ____D () C:\Program Files (x86)\OBS
2015-02-24 18:15 - 2015-02-24 18:15 - 00000935 _____ () C:\Users\millernizam\Desktop\Open Broadcaster Software.lnk
2015-02-24 18:15 - 2015-02-24 18:15 - 00000000 ____D () C:\Users\millernizam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2015-02-24 18:15 - 2015-02-24 18:15 - 00000000 ____D () C:\Program Files\OBS
2015-02-24 18:02 - 2015-02-24 18:02 - 00000197 _____ () C:\Windows\system32\2015-02-24-16-02-15.001-AvastVBoxSVC.exe-2444.log
2015-02-23 06:04 - 2015-02-23 06:04 - 00000197 _____ () C:\Windows\system32\2015-02-23-04-04-16.091-AvastVBoxSVC.exe-2612.log
2015-02-21 22:08 - 2015-02-21 22:09 - 00000197 _____ () C:\Windows\system32\2015-02-21-20-08-39.096-AvastVBoxSVC.exe-2528.log
2015-02-19 17:59 - 2015-02-19 21:55 - 00000000 ____D () C:\Fraps
2015-02-19 17:51 - 2015-02-19 17:51 - 00000197 _____ () C:\Windows\system32\2015-02-19-15-51-52.082-AvastVBoxSVC.exe-2544.log
2015-02-19 17:13 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-02-19 17:13 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-02-19 17:13 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-02-19 17:13 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-02-19 17:13 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-02-19 17:13 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-02-19 17:13 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-02-19 17:13 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-02-19 17:13 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-02-19 17:13 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-02-19 17:13 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-02-19 17:13 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-02-19 17:13 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-02-19 17:13 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-02-19 17:13 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-02-19 17:13 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-02-19 17:13 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-02-19 17:13 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-02-19 17:13 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-02-19 17:13 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-02-19 17:13 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-02-19 17:13 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-02-19 17:13 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-02-19 17:13 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-02-19 17:13 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-02-19 17:13 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-02-19 17:13 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-02-19 17:13 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-02-19 17:13 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-02-19 17:13 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-02-19 17:13 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-02-19 17:13 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-02-19 17:13 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-02-19 17:13 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-02-19 17:13 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-02-19 17:13 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-02-19 17:13 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-02-19 17:13 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-02-19 17:13 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-02-19 17:13 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-02-19 17:13 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-02-19 17:13 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-02-19 17:13 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-02-19 17:13 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-02-19 17:13 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-02-19 17:13 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-02-19 17:13 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-02-19 17:13 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-02-19 17:13 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-02-19 17:13 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-02-19 17:13 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-02-19 17:13 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-02-19 17:13 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-02-19 17:13 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-02-19 17:13 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-02-19 17:13 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-02-19 17:13 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-02-19 17:13 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-02-19 17:13 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-02-19 17:13 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-02-19 17:13 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-02-19 17:13 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-02-19 17:13 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-02-19 17:13 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-02-19 17:13 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-02-19 17:13 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-02-19 17:13 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-02-19 17:13 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-02-19 17:13 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-02-19 17:13 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-02-19 17:13 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-02-19 17:13 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-02-19 17:13 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-02-19 17:13 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-02-19 17:13 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-02-19 17:13 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-02-19 17:13 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-02-19 17:13 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-02-19 17:13 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-02-19 17:13 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-02-19 17:13 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-02-19 17:13 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-02-19 17:13 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-02-19 17:13 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-02-19 17:13 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-02-19 17:13 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-02-19 17:13 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-02-19 17:13 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-02-19 17:13 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-02-19 17:13 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-02-19 17:13 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-02-19 17:13 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-02-19 17:13 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-02-19 17:13 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-02-19 17:13 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-02-19 17:13 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-02-19 17:13 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-02-19 17:13 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-02-19 17:13 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-02-19 17:13 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-02-19 17:13 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-02-19 17:13 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-02-19 17:13 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-02-19 17:13 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-02-19 17:13 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-02-19 17:13 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-02-19 17:13 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-02-19 17:13 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-02-19 17:13 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-02-19 17:13 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-02-19 17:13 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-02-19 17:13 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-02-19 17:13 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-02-19 17:13 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-02-19 17:13 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-02-19 17:13 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-02-19 17:13 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-02-19 17:13 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-02-19 17:13 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-02-19 17:13 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-02-19 17:13 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-02-19 17:13 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-02-19 17:13 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-02-19 17:13 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-02-19 17:13 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-02-19 17:13 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-02-19 17:13 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-02-19 17:13 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-02-19 17:13 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-02-19 17:13 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-02-19 17:13 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-02-19 17:13 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-02-19 17:13 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-02-19 17:13 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-02-19 17:13 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-02-19 17:13 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-02-19 17:13 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-02-19 17:13 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-02-19 17:13 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-02-19 17:13 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-02-19 17:13 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-02-19 17:13 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-02-19 17:13 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-02-19 17:13 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-02-19 17:13 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-02-19 17:13 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-02-19 17:13 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-02-19 17:13 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-02-19 17:13 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-02-19 17:13 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-02-19 17:13 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-02-19 17:13 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-02-19 17:13 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-02-19 17:13 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-02-19 17:13 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-02-19 17:13 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-02-19 17:13 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-02-19 17:13 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-02-19 17:13 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-02-19 17:13 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-02-19 17:13 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-02-19 17:13 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-02-19 17:13 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-02-19 17:13 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-02-19 17:13 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-02-19 17:13 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-02-19 17:13 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-02-19 17:13 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-02-19 17:13 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-02-19 17:13 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-02-19 17:13 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-02-19 17:13 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-02-19 17:13 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-02-19 17:13 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-02-19 17:13 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-02-19 17:13 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-02-19 17:13 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-02-19 17:13 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-02-19 17:13 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-02-19 17:13 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-02-19 17:13 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-02-19 17:13 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-02-19 16:59 - 2015-02-19 17:13 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-02-19 16:54 - 2015-02-19 16:54 - 00000000 ____D () C:\Users\millernizam\AppData\Local\Steam
2015-02-19 16:32 - 2015-02-19 16:32 - 00000197 _____ () C:\Windows\system32\2015-02-19-14-32-18.062-AvastVBoxSVC.exe-2576.log
2015-02-17 16:46 - 2015-02-17 16:47 - 00000197 _____ () C:\Windows\system32\2015-02-17-14-46-44.035-AvastVBoxSVC.exe-2512.log
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-19 21:05 - 2009-07-14 07:13 - 03128022 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-19 20:59 - 2015-01-19 16:40 - 00005004 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for millernizam-PC-millernizam millernizam-PC
2015-03-19 20:59 - 2009-07-14 06:45 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-19 20:59 - 2009-07-14 06:45 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-19 20:51 - 2015-01-18 22:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-19 20:41 - 2015-01-19 05:06 - 01148496 _____ () C:\Windows\WindowsUpdate.log
2015-03-19 20:37 - 2015-01-18 19:14 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-19 20:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-19 20:32 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-19 20:26 - 2015-01-18 19:14 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-19 19:04 - 2015-01-18 19:11 - 00000000 ____D () C:\Users\millernizam
2015-03-17 22:23 - 2015-01-19 22:24 - 00000000 ____D () C:\Users\millernizam\AppData\Roaming\vlc
2015-03-17 20:53 - 2015-01-18 20:57 - 00000000 ____D () C:\Program Files\Adobe
2015-03-17 18:59 - 2015-01-18 20:24 - 00000000 ____D () C:\Users\millernizam\AppData\Roaming\Adobe
2015-03-17 18:55 - 2015-01-18 21:56 - 00000000 ____D () C:\Users\millernizam\AppData\Roaming\uTorrent
2015-03-17 18:37 - 2015-01-18 20:24 - 00000000 ____D () C:\Users\millernizam\AppData\Local\Adobe
2015-03-17 18:36 - 2015-01-18 19:31 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-17 18:36 - 2015-01-18 19:31 - 00441728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-17 18:36 - 2015-01-18 19:31 - 00268640 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-17 18:36 - 2015-01-18 19:31 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-17 18:36 - 2015-01-18 19:31 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-17 18:36 - 2015-01-18 19:31 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-17 18:36 - 2015-01-18 19:31 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-17 18:36 - 2015-01-18 19:31 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-17 18:36 - 2015-01-18 19:31 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-17 18:33 - 2015-01-18 20:56 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-17 18:33 - 2015-01-18 20:21 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-16 21:12 - 2015-02-16 20:32 - 00000000 ____D () C:\Users\millernizam\Desktop\Tanya policy
2015-03-14 13:50 - 2015-01-24 19:20 - 00000000 ____D () C:\Program Files (x86)\BookSmart
2015-03-13 16:28 - 2015-01-18 19:18 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-12 17:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-12 16:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2015-03-12 16:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\et-EE
2015-03-12 16:10 - 2015-01-18 19:14 - 00118824 _____ () C:\Users\millernizam\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-12 16:09 - 2015-01-18 08:09 - 00000000 ____D () C:\Intel
2015-03-12 16:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-12 16:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 18:49 - 2009-07-14 06:45 - 04996472 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 18:48 - 2009-07-14 09:46 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-11 18:48 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-03-11 18:48 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-03-11 18:48 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2015-03-11 18:48 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-03-11 18:48 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-03-11 18:48 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\winrm
2015-03-11 18:48 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\WCN
2015-03-11 18:48 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\slmgr
2015-03-11 18:48 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-03-11 18:48 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2015-03-11 18:48 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-03-11 18:48 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-03-11 18:48 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-11 18:48 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-11 18:48 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-03-11 18:48 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-03-11 18:48 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-03-11 18:48 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Setup
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\migwiz
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\com
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2015-03-11 18:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-11 18:29 - 2015-01-18 20:24 - 00765656 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-11 17:52 - 2015-01-19 06:11 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 17:47 - 2015-01-19 06:11 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-06 11:38 - 2015-01-18 22:28 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-03-01 20:20 - 2015-01-19 06:38 - 00000000 ____D () C:\Users\millernizam\AppData\Roaming\Skype
2015-03-01 16:48 - 2015-01-19 06:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-01 16:48 - 2015-01-19 06:38 - 00000000 ____D () C:\ProgramData\Skype
2015-03-01 10:06 - 2015-01-18 22:34 - 00000000 ____D () C:\Users\Public\CineForm
2015-03-01 10:05 - 2015-01-18 21:34 - 00000000 ____D () C:\ProgramData\Temp
2015-02-26 16:19 - 2015-01-18 20:43 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-24 18:15 - 2015-01-19 21:11 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-24 03:17 - 2015-01-18 19:40 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
==================== Files in the root of some directories =======
 
2010-05-19 04:00 - 2010-05-19 04:00 - 0102400 _____ (Digital River, Inc.) C:\Program Files (x86)\Common Files\eWebControl365.dll
2012-08-31 08:01 - 2012-08-31 08:01 - 0348160 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\msvcr71.dll
2015-01-18 22:57 - 2015-01-18 22:57 - 0118724 _____ () C:\Users\millernizam\AppData\Local\30FDB2F6_stp.CIS
2015-01-18 22:57 - 2015-01-18 22:57 - 0000318 _____ () C:\Users\millernizam\AppData\Local\30FDB2F6_stp.CIS.part
 
Some content of TEMP:
====================
C:\Users\millernizam\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbvt4bz.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-15 16:48
 
==================== End Of Log ============================


#4 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:06 PM

Posted 19 March 2015 - 02:37 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully: :exclame:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Step 1

Please download TDSStdsskiller.pngiller and save it to your Desktop.

  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters. (1)
  • Make sure that all available options (except "Loaded modules") are checked and click OK. (2)
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report (3) to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.

tdss.gif


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#5 sendmebeer

sendmebeer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 PM

Posted 19 March 2015 - 04:34 PM

Hi Jurgen.

Thank you for your reply. Please find attached the log as requested. 

1 threat was detected.

I am going to sleep now and will be turning my computer off. Is it ok to turn the pc off whilst we are trying to remove the virus?

Regards

Brendan

 

 

23:25:24.0974 0x0bcc  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
23:25:29.0919 0x0bcc  ============================================================
23:25:29.0919 0x0bcc  Current date / time: 2015/03/19 23:25:29.0919
23:25:29.0919 0x0bcc  SystemInfo:
23:25:29.0920 0x0bcc  
23:25:29.0920 0x0bcc  OS Version: 6.1.7601 ServicePack: 1.0
23:25:29.0920 0x0bcc  Product type: Workstation
23:25:29.0920 0x0bcc  ComputerName: MILLERNIZAM-PC
23:25:29.0920 0x0bcc  UserName: millernizam
23:25:29.0920 0x0bcc  Windows directory: C:\Windows
23:25:29.0920 0x0bcc  System windows directory: C:\Windows
23:25:29.0920 0x0bcc  Running under WOW64
23:25:29.0920 0x0bcc  Processor architecture: Intel x64
23:25:29.0920 0x0bcc  Number of processors: 4
23:25:29.0920 0x0bcc  Page size: 0x1000
23:25:29.0920 0x0bcc  Boot type: Normal boot
23:25:29.0920 0x0bcc  ============================================================
23:25:30.0335 0x0bcc  KLMD registered as C:\Windows\system32\drivers\99061394.sys
23:25:30.0435 0x0bcc  System UUID: {4EB44279-DE74-E15C-6783-627E3A51ED41}
23:25:30.0711 0x0bcc  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:25:30.0711 0x0bcc  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:25:30.0720 0x0bcc  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:25:30.0726 0x0bcc  ============================================================
23:25:30.0726 0x0bcc  \Device\Harddisk2\DR2:
23:25:30.0726 0x0bcc  MBR partitions:
23:25:30.0726 0x0bcc  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
23:25:30.0726 0x0bcc  \Device\Harddisk0\DR0:
23:25:30.0726 0x0bcc  MBR partitions:
23:25:30.0726 0x0bcc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:25:30.0726 0x0bcc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
23:25:30.0726 0x0bcc  \Device\Harddisk1\DR1:
23:25:30.0726 0x0bcc  MBR partitions:
23:25:30.0726 0x0bcc  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
23:25:30.0726 0x0bcc  ============================================================
23:25:30.0727 0x0bcc  C: <-> \Device\Harddisk0\DR0\Partition2
23:25:30.0758 0x0bcc  F: <-> \Device\Harddisk2\DR2\Partition1
23:25:30.0781 0x0bcc  E: <-> \Device\Harddisk1\DR1\Partition1
23:25:30.0782 0x0bcc  ============================================================
23:25:30.0782 0x0bcc  Initialize success
23:25:30.0782 0x0bcc  ============================================================
23:26:03.0970 0x1a8c  ============================================================
23:26:03.0970 0x1a8c  Scan started
23:26:03.0970 0x1a8c  Mode: Manual; SigCheck; TDLFS; 
23:26:03.0970 0x1a8c  ============================================================
23:26:03.0970 0x1a8c  KSN ping started
23:26:09.0415 0x1a8c  KSN ping finished: true
23:26:10.0002 0x1a8c  ================ Scan system memory ========================
23:26:10.0002 0x1a8c  System memory - ok
23:26:10.0003 0x1a8c  ================ Scan services =============================
23:26:10.0096 0x1a8c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:26:10.0160 0x1a8c  1394ohci - ok
23:26:10.0172 0x1a8c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:26:10.0183 0x1a8c  ACPI - ok
23:26:10.0190 0x1a8c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:26:10.0199 0x1a8c  AcpiPmi - ok
23:26:10.0224 0x1a8c  [ CB1719E3EA00A0C114A8AD2655F43754, B38D21C4A7A83904CADEBA96A56AA5D1807C412A8E0BEFC889DF20D02941E570 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:26:10.0233 0x1a8c  AdobeFlashPlayerUpdateSvc - ok
23:26:10.0249 0x1a8c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
23:26:10.0263 0x1a8c  adp94xx - ok
23:26:10.0270 0x1a8c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
23:26:10.0281 0x1a8c  adpahci - ok
23:26:10.0286 0x1a8c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
23:26:10.0294 0x1a8c  adpu320 - ok
23:26:10.0298 0x1a8c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:26:10.0319 0x1a8c  AeLookupSvc - ok
23:26:10.0328 0x1a8c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
23:26:10.0344 0x1a8c  AFD - ok
23:26:10.0347 0x1a8c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
23:26:10.0354 0x1a8c  agp440 - ok
23:26:10.0357 0x1a8c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
23:26:10.0366 0x1a8c  ALG - ok
23:26:10.0369 0x1a8c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:26:10.0374 0x1a8c  aliide - ok
23:26:10.0380 0x1a8c  [ 2998362D1E550F0C990D77E34415BEB6, 36BBC575DFE0CBD5BC4AF9AD8B54DCEF950E93AF48884D6523457071296514CC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:26:10.0393 0x1a8c  AMD External Events Utility - ok
23:26:10.0396 0x1a8c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
23:26:10.0402 0x1a8c  amdide - ok
23:26:10.0405 0x1a8c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
23:26:10.0413 0x1a8c  AmdK8 - ok
23:26:10.0712 0x1a8c  [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
23:26:11.0013 0x1a8c  amdkmdag - ok
23:26:11.0044 0x1a8c  [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
23:26:11.0062 0x1a8c  amdkmdap - ok
23:26:11.0066 0x1a8c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
23:26:11.0073 0x1a8c  AmdPPM - ok
23:26:11.0077 0x1a8c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:26:11.0084 0x1a8c  amdsata - ok
23:26:11.0090 0x1a8c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
23:26:11.0098 0x1a8c  amdsbs - ok
23:26:11.0101 0x1a8c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:26:11.0106 0x1a8c  amdxata - ok
23:26:11.0111 0x1a8c  [ 4D8EBB1749651A5BAF59EB89878B2EE4, EE1DE79F078D60978219EEECB29520D6BC035D69A3D5C86C232BA1B92F55577D ] AnyDVD          C:\Windows\system32\Drivers\AnyDVD.sys
23:26:11.0123 0x1a8c  AnyDVD - ok
23:26:11.0126 0x1a8c  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
23:26:11.0134 0x1a8c  AppID - ok
23:26:11.0136 0x1a8c  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:26:11.0145 0x1a8c  AppIDSvc - ok
23:26:11.0148 0x1a8c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
23:26:11.0156 0x1a8c  Appinfo - ok
23:26:11.0162 0x1a8c  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:26:11.0168 0x1a8c  Apple Mobile Device Service - ok
23:26:11.0174 0x1a8c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:26:11.0184 0x1a8c  AppMgmt - ok
23:26:11.0187 0x1a8c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
23:26:11.0194 0x1a8c  arc - ok
23:26:11.0198 0x1a8c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
23:26:11.0205 0x1a8c  arcsas - ok
23:26:11.0216 0x1a8c  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:26:11.0223 0x1a8c  aspnet_state - ok
23:26:11.0226 0x1a8c  [ BA4B999D245287608A79C92CDAE6F3C1, 799CC0FB185FDF3438687184944E6F6AB6EE73B3B542542D3C13C0FF1A8C0276 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
23:26:11.0233 0x1a8c  aswHwid - ok
23:26:11.0237 0x1a8c  [ 245D3A0670491E1F88759EC45C9F7314, 1FFBDDDC6FCD29770B439933EEB8BE1ABA9149193932B2481720E8E9F265A797 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
23:26:11.0244 0x1a8c  aswMonFlt - ok
23:26:11.0248 0x1a8c  [ BC18D5B42B19564BA09156410E1FB9BE, 0DA9636632462208AE4D360BFE5A8187644B036A0D43E981665D888A5363B953 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
23:26:11.0256 0x1a8c  aswRdr - ok
23:26:11.0259 0x1a8c  [ 713AFFD4E38553AEF04617C985B4030B, A09FBE4D49390024E8CF93352EACEB5AC53BEE5A4E5A76F5BE0341F8A002C4DD ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
23:26:11.0266 0x1a8c  aswRvrt - ok
23:26:11.0285 0x1a8c  [ 669F6B37965756E407B447272B5EE39F, FE2C0A8F96415191650485AED637A45B26E7B9A25A4BFB5D809844BD24FD6BA9 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
23:26:11.0307 0x1a8c  aswSnx - ok
23:26:11.0317 0x1a8c  [ 3A145C94A519E52FE7E99460DD0DF53C, 91E9544B1B72FCC32463BF34838DAA9F14DCABF3BE9FE9382087ACDB3B4FC598 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
23:26:11.0329 0x1a8c  aswSP - ok
23:26:11.0334 0x1a8c  [ 8CDA894FA86D03FB43063D5FD85EFCAE, 20D110ACC84300514557AB6E565CFA0101DA749559B52877A41A509E79314AF6 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
23:26:11.0343 0x1a8c  aswStm - ok
23:26:11.0349 0x1a8c  [ 11644D8399F4AC8BB12C2364DCB87CB4, 828C3A03AB9D5F0650C7B90B7479CCAAD586B22BB7AC6DB7C91E8D9D80427DFB ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
23:26:11.0360 0x1a8c  aswVmm - ok
23:26:11.0363 0x1a8c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:26:11.0383 0x1a8c  AsyncMac - ok
23:26:11.0386 0x1a8c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
23:26:11.0391 0x1a8c  atapi - ok
23:26:11.0396 0x1a8c  [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
23:26:11.0404 0x1a8c  AtiHDAudioService - ok
23:26:11.0417 0x1a8c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:26:11.0434 0x1a8c  AudioEndpointBuilder - ok
23:26:11.0447 0x1a8c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:26:11.0465 0x1a8c  AudioSrv - ok
23:26:11.0475 0x1a8c  [ 35714DC1ADD995681D890D4382C75721, C1D10F2D47D348DCEA363B676E35A363FE8FA0E24295C4AD90F7EA37826A822D ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
23:26:11.0486 0x1a8c  avast! Antivirus - ok
23:26:11.0547 0x1a8c  [ 986B03BCC7679B181EC540249956B080, 35FD1229DD016B0837A2879E685A830034DD36D5F52ECBAFA358299DCB126989 ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
23:26:11.0617 0x1a8c  AvastVBoxSvc - ok
23:26:11.0624 0x1a8c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:26:11.0636 0x1a8c  AxInstSV - ok
23:26:11.0646 0x1a8c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
23:26:11.0659 0x1a8c  b06bdrv - ok
23:26:11.0666 0x1a8c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:26:11.0677 0x1a8c  b57nd60a - ok
23:26:11.0681 0x1a8c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:26:11.0690 0x1a8c  BDESVC - ok
23:26:11.0692 0x1a8c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:26:11.0712 0x1a8c  Beep - ok
23:26:11.0724 0x1a8c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
23:26:11.0742 0x1a8c  BFE - ok
23:26:11.0758 0x1a8c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
23:26:11.0792 0x1a8c  BITS - ok
23:26:11.0796 0x1a8c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:26:11.0804 0x1a8c  blbdrive - ok
23:26:11.0813 0x1a8c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:26:11.0824 0x1a8c  Bonjour Service - ok
23:26:11.0828 0x1a8c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:26:11.0836 0x1a8c  bowser - ok
23:26:11.0838 0x1a8c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:26:11.0848 0x1a8c  BrFiltLo - ok
23:26:11.0851 0x1a8c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:26:11.0860 0x1a8c  BrFiltUp - ok
23:26:11.0864 0x1a8c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
23:26:11.0885 0x1a8c  BridgeMP - ok
23:26:11.0890 0x1a8c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
23:26:11.0899 0x1a8c  Browser - ok
23:26:11.0906 0x1a8c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:26:11.0917 0x1a8c  Brserid - ok
23:26:11.0920 0x1a8c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:26:11.0929 0x1a8c  BrSerWdm - ok
23:26:11.0932 0x1a8c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:26:11.0941 0x1a8c  BrUsbMdm - ok
23:26:11.0944 0x1a8c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:26:11.0951 0x1a8c  BrUsbSer - ok
23:26:11.0954 0x1a8c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:26:11.0964 0x1a8c  BTHMODEM - ok
23:26:11.0969 0x1a8c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
23:26:11.0990 0x1a8c  bthserv - ok
23:26:12.0014 0x1a8c  [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
23:26:12.0044 0x1a8c  c2cautoupdatesvc - ok
23:26:12.0075 0x1a8c  [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
23:26:12.0110 0x1a8c  c2cpnrsvc - ok
23:26:12.0114 0x1a8c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:26:12.0136 0x1a8c  cdfs - ok
23:26:12.0141 0x1a8c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
23:26:12.0150 0x1a8c  cdrom - ok
23:26:12.0154 0x1a8c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
23:26:12.0175 0x1a8c  CertPropSvc - ok
23:26:12.0178 0x1a8c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:26:12.0187 0x1a8c  circlass - ok
23:26:12.0195 0x1a8c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
23:26:12.0207 0x1a8c  CLFS - ok
23:26:12.0212 0x1a8c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:26:12.0219 0x1a8c  clr_optimization_v2.0.50727_32 - ok
23:26:12.0224 0x1a8c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:26:12.0230 0x1a8c  clr_optimization_v2.0.50727_64 - ok
23:26:12.0239 0x1a8c  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:26:12.0248 0x1a8c  clr_optimization_v4.0.30319_32 - ok
23:26:12.0252 0x1a8c  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:26:12.0260 0x1a8c  clr_optimization_v4.0.30319_64 - ok
23:26:12.0263 0x1a8c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:26:12.0270 0x1a8c  CmBatt - ok
23:26:12.0273 0x1a8c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:26:12.0278 0x1a8c  cmdide - ok
23:26:12.0288 0x1a8c  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
23:26:12.0303 0x1a8c  CNG - ok
23:26:12.0306 0x1a8c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:26:12.0312 0x1a8c  Compbatt - ok
23:26:12.0315 0x1a8c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
23:26:12.0324 0x1a8c  CompositeBus - ok
23:26:12.0326 0x1a8c  COMSysApp - ok
23:26:12.0351 0x1a8c  [ 1154D3FBD01C35A2F9A2073BCB366452, 02F8CBDD8E2F321711528CFFC46E9F0B60CC779C34164E387E2E53DEB518B674 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
23:26:12.0363 0x1a8c  cphs - ok
23:26:12.0366 0x1a8c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:26:12.0372 0x1a8c  crcdisk - ok
23:26:12.0379 0x1a8c  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:26:12.0389 0x1a8c  CryptSvc - ok
23:26:12.0399 0x1a8c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
23:26:12.0412 0x1a8c  CSC - ok
23:26:12.0425 0x1a8c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
23:26:12.0447 0x1a8c  CscService - ok
23:26:12.0458 0x1a8c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:26:12.0487 0x1a8c  DcomLaunch - ok
23:26:12.0494 0x1a8c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:26:12.0519 0x1a8c  defragsvc - ok
23:26:12.0522 0x1a8c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:26:12.0544 0x1a8c  DfsC - ok
23:26:12.0551 0x1a8c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:26:12.0564 0x1a8c  Dhcp - ok
23:26:12.0567 0x1a8c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
23:26:12.0588 0x1a8c  discache - ok
23:26:12.0591 0x1a8c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:26:12.0598 0x1a8c  Disk - ok
23:26:12.0603 0x1a8c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:26:12.0613 0x1a8c  Dnscache - ok
23:26:12.0618 0x1a8c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:26:12.0642 0x1a8c  dot3svc - ok
23:26:12.0658 0x1a8c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
23:26:12.0681 0x1a8c  DPS - ok
23:26:12.0684 0x1a8c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:26:12.0691 0x1a8c  drmkaud - ok
23:26:12.0709 0x1a8c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:26:12.0729 0x1a8c  DXGKrnl - ok
23:26:12.0734 0x1a8c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
23:26:12.0757 0x1a8c  EapHost - ok
23:26:12.0809 0x1a8c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
23:26:12.0865 0x1a8c  ebdrv - ok
23:26:12.0871 0x1a8c  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS             C:\Windows\System32\lsass.exe
23:26:12.0880 0x1a8c  EFS - ok
23:26:12.0893 0x1a8c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:26:12.0911 0x1a8c  ehRecvr - ok
23:26:12.0915 0x1a8c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
23:26:12.0924 0x1a8c  ehSched - ok
23:26:12.0927 0x1a8c  [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL        C:\Windows\system32\Drivers\ElbyCDFL.sys
23:26:12.0934 0x1a8c  ElbyCDFL - ok
23:26:12.0937 0x1a8c  [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
23:26:12.0944 0x1a8c  ElbyCDIO - ok
23:26:12.0954 0x1a8c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:26:12.0968 0x1a8c  elxstor - ok
23:26:12.0971 0x1a8c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:26:12.0979 0x1a8c  ErrDev - ok
23:26:12.0988 0x1a8c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
23:26:13.0016 0x1a8c  EventSystem - ok
23:26:13.0021 0x1a8c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:26:13.0044 0x1a8c  exfat - ok
23:26:13.0050 0x1a8c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:26:13.0073 0x1a8c  fastfat - ok
23:26:13.0087 0x1a8c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
23:26:13.0106 0x1a8c  Fax - ok
23:26:13.0109 0x1a8c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:26:13.0117 0x1a8c  fdc - ok
23:26:13.0120 0x1a8c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
23:26:13.0142 0x1a8c  fdPHost - ok
23:26:13.0145 0x1a8c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:26:13.0167 0x1a8c  FDResPub - ok
23:26:13.0170 0x1a8c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:26:13.0177 0x1a8c  FileInfo - ok
23:26:13.0179 0x1a8c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:26:13.0200 0x1a8c  Filetrace - ok
23:26:13.0212 0x1a8c  [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:26:13.0227 0x1a8c  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
23:26:23.0291 0x1a8c  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
23:26:28.0224 0x1a8c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:26:28.0250 0x1a8c  flpydisk - ok
23:26:28.0260 0x1a8c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:26:28.0277 0x1a8c  FltMgr - ok
23:26:28.0309 0x1a8c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
23:26:28.0348 0x1a8c  FontCache - ok
23:26:28.0353 0x1a8c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:26:28.0359 0x1a8c  FontCache3.0.0.0 - ok
23:26:28.0362 0x1a8c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:26:28.0369 0x1a8c  FsDepends - ok
23:26:28.0372 0x1a8c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:26:28.0378 0x1a8c  Fs_Rec - ok
23:26:28.0382 0x1a8c  [ 0F210048C6BFBFBC0F50816BCE40B575, 73C015B6EE647A875BD124254542FF8759264D51F331FF95D14675C1599FAD94 ] FTDIBUS         C:\Windows\system32\drivers\ftdibus.sys
23:26:28.0388 0x1a8c  FTDIBUS - ok
23:26:28.0391 0x1a8c  [ 814F098B02095814A8BEBBF86D13FC90, 16203CC697F335ED4773AA13A2C340B47847CCBF7CF036E844E6759576BF31CE ] FTSER2K         C:\Windows\system32\drivers\ftser2k.sys
23:26:28.0397 0x1a8c  FTSER2K - ok
23:26:28.0402 0x1a8c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:26:28.0413 0x1a8c  fvevol - ok
23:26:28.0417 0x1a8c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:26:28.0423 0x1a8c  gagp30kx - ok
23:26:28.0426 0x1a8c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:26:28.0431 0x1a8c  GEARAspiWDM - ok
23:26:28.0445 0x1a8c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
23:26:28.0478 0x1a8c  gpsvc - ok
23:26:28.0482 0x1a8c  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:26:28.0488 0x1a8c  gupdate - ok
23:26:28.0491 0x1a8c  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:26:28.0497 0x1a8c  gupdatem - ok
23:26:28.0500 0x1a8c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:26:28.0507 0x1a8c  hcw85cir - ok
23:26:28.0515 0x1a8c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:26:28.0529 0x1a8c  HdAudAddService - ok
23:26:28.0533 0x1a8c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
23:26:28.0544 0x1a8c  HDAudBus - ok
23:26:28.0547 0x1a8c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:26:28.0555 0x1a8c  HidBatt - ok
23:26:28.0558 0x1a8c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:26:28.0568 0x1a8c  HidBth - ok
23:26:28.0571 0x1a8c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:26:28.0580 0x1a8c  HidIr - ok
23:26:28.0583 0x1a8c  [ D42E350C3F5B9DDCE7BDDB109B413109, F015CCAB3719B1834DF3EE0265D905675C743F116526A2882B6077E540B8A74F ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys
23:26:28.0588 0x1a8c  hidkmdf - ok
23:26:28.0590 0x1a8c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
23:26:28.0612 0x1a8c  hidserv - ok
23:26:28.0615 0x1a8c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:26:28.0622 0x1a8c  HidUsb - ok
23:26:28.0625 0x1a8c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:26:28.0648 0x1a8c  hkmsvc - ok
23:26:28.0653 0x1a8c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:26:28.0664 0x1a8c  HomeGroupListener - ok
23:26:28.0669 0x1a8c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:26:28.0681 0x1a8c  HomeGroupProvider - ok
23:26:28.0684 0x1a8c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:26:28.0691 0x1a8c  HpSAMD - ok
23:26:28.0703 0x1a8c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:26:28.0734 0x1a8c  HTTP - ok
23:26:28.0737 0x1a8c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:26:28.0743 0x1a8c  hwpolicy - ok
23:26:28.0747 0x1a8c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:26:28.0756 0x1a8c  i8042prt - ok
23:26:28.0766 0x1a8c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:26:28.0778 0x1a8c  iaStorV - ok
23:26:28.0794 0x1a8c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:26:28.0812 0x1a8c  idsvc - ok
23:26:28.0827 0x1a8c  IEEtwCollectorService - ok
23:26:28.0900 0x1a8c  [ 09F8023A17EE9EB0897A1B195428192B, 2DF018A24766E32E16F4B4FA9DA3D095BA42702B6869D4D1624A5EBF83805AF2 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
23:26:29.0004 0x1a8c  igfx - ok
23:26:29.0014 0x1a8c  [ F64E1962751A6DAA3FBB6210D6751E22, 972046FB7F0B443F9251F2F5B4AF0F8BAC2046B3EA295428BC888AAA568EC737 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
23:26:29.0026 0x1a8c  igfxCUIService1.0.0.0 - ok
23:26:29.0029 0x1a8c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:26:29.0036 0x1a8c  iirsp - ok
23:26:29.0052 0x1a8c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
23:26:29.0072 0x1a8c  IKEEXT - ok
23:26:29.0076 0x1a8c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:26:29.0082 0x1a8c  intelide - ok
23:26:29.0085 0x1a8c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:26:29.0092 0x1a8c  intelppm - ok
23:26:29.0096 0x1a8c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:26:29.0119 0x1a8c  IPBusEnum - ok
23:26:29.0122 0x1a8c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:26:29.0142 0x1a8c  IpFilterDriver - ok
23:26:29.0154 0x1a8c  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:26:29.0183 0x1a8c  iphlpsvc - ok
23:26:29.0187 0x1a8c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:26:29.0194 0x1a8c  IPMIDRV - ok
23:26:29.0198 0x1a8c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:26:29.0220 0x1a8c  IPNAT - ok
23:26:29.0232 0x1a8c  [ A4857E8B1DEB9740FB5ADEDF05ED69E0, 24FC7A188D32B08CE4F10EEEF17F37C45DB5433158A7A97A07D43F6BEE58DFFC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:26:29.0246 0x1a8c  iPod Service - ok
23:26:29.0250 0x1a8c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:26:29.0259 0x1a8c  IRENUM - ok
23:26:29.0262 0x1a8c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:26:29.0268 0x1a8c  isapnp - ok
23:26:29.0274 0x1a8c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:26:29.0284 0x1a8c  iScsiPrt - ok
23:26:29.0292 0x1a8c  [ C6E8FB7FF41877378CCB30DE6E9941DF, CA808A00C0CC21C1C7BE54F0D1E5D3F24C0032BE821C064E0A63901F20F3C6BC ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
23:26:29.0304 0x1a8c  iusb3hub - ok
23:26:29.0318 0x1a8c  [ 6FBA980433B2B21604CE990FBF542D3F, ACB35A5558DD9EF9A339C9D061207AF5527D3AEFC9AC99AB6CFBA1CE92F8B62D ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
23:26:29.0336 0x1a8c  iusb3xhc - ok
23:26:29.0339 0x1a8c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:26:29.0347 0x1a8c  kbdclass - ok
23:26:29.0350 0x1a8c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:26:29.0357 0x1a8c  kbdhid - ok
23:26:29.0360 0x1a8c  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso          C:\Windows\system32\lsass.exe
23:26:29.0368 0x1a8c  KeyIso - ok
23:26:29.0371 0x1a8c  [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:26:29.0378 0x1a8c  KSecDD - ok
23:26:29.0383 0x1a8c  [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:26:29.0391 0x1a8c  KSecPkg - ok
23:26:29.0393 0x1a8c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:26:29.0413 0x1a8c  ksthunk - ok
23:26:29.0421 0x1a8c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:26:29.0448 0x1a8c  KtmRm - ok
23:26:29.0454 0x1a8c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
23:26:29.0479 0x1a8c  LanmanServer - ok
23:26:29.0483 0x1a8c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:26:29.0506 0x1a8c  LanmanWorkstation - ok
23:26:29.0510 0x1a8c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:26:29.0531 0x1a8c  lltdio - ok
23:26:29.0538 0x1a8c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:26:29.0565 0x1a8c  lltdsvc - ok
23:26:29.0568 0x1a8c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:26:29.0590 0x1a8c  lmhosts - ok
23:26:29.0595 0x1a8c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:26:29.0603 0x1a8c  LSI_FC - ok
23:26:29.0607 0x1a8c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:26:29.0614 0x1a8c  LSI_SAS - ok
23:26:29.0618 0x1a8c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:26:29.0624 0x1a8c  LSI_SAS2 - ok
23:26:29.0628 0x1a8c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:26:29.0635 0x1a8c  LSI_SCSI - ok
23:26:29.0639 0x1a8c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
23:26:29.0662 0x1a8c  luafv - ok
23:26:29.0665 0x1a8c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:26:29.0675 0x1a8c  Mcx2Svc - ok
23:26:29.0677 0x1a8c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:26:29.0684 0x1a8c  megasas - ok
23:26:29.0690 0x1a8c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:26:29.0700 0x1a8c  MegaSR - ok
23:26:29.0704 0x1a8c  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
23:26:29.0713 0x1a8c  MEIx64 - ok
23:26:29.0717 0x1a8c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
23:26:29.0739 0x1a8c  MMCSS - ok
23:26:29.0742 0x1a8c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
23:26:29.0764 0x1a8c  Modem - ok
23:26:29.0767 0x1a8c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:26:29.0776 0x1a8c  monitor - ok
23:26:29.0778 0x1a8c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:26:29.0785 0x1a8c  mouclass - ok
23:26:29.0788 0x1a8c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:26:29.0795 0x1a8c  mouhid - ok
23:26:29.0799 0x1a8c  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:26:29.0806 0x1a8c  mountmgr - ok
23:26:29.0811 0x1a8c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:26:29.0819 0x1a8c  mpio - ok
23:26:29.0822 0x1a8c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:26:29.0845 0x1a8c  mpsdrv - ok
23:26:29.0860 0x1a8c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:26:29.0895 0x1a8c  MpsSvc - ok
23:26:29.0900 0x1a8c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:26:29.0910 0x1a8c  MRxDAV - ok
23:26:29.0915 0x1a8c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:26:29.0924 0x1a8c  mrxsmb - ok
23:26:29.0931 0x1a8c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:26:29.0942 0x1a8c  mrxsmb10 - ok
23:26:29.0950 0x1a8c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:26:29.0958 0x1a8c  mrxsmb20 - ok
23:26:29.0961 0x1a8c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:26:29.0968 0x1a8c  msahci - ok
23:26:29.0972 0x1a8c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:26:29.0980 0x1a8c  msdsm - ok
23:26:29.0984 0x1a8c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
23:26:29.0995 0x1a8c  MSDTC - ok
23:26:30.0006 0x1a8c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:26:30.0028 0x1a8c  Msfs - ok
23:26:30.0030 0x1a8c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:26:30.0051 0x1a8c  mshidkmdf - ok
23:26:30.0053 0x1a8c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:26:30.0059 0x1a8c  msisadrv - ok
23:26:30.0064 0x1a8c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:26:30.0088 0x1a8c  MSiSCSI - ok
23:26:30.0090 0x1a8c  msiserver - ok
23:26:30.0092 0x1a8c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:26:30.0113 0x1a8c  MSKSSRV - ok
23:26:30.0123 0x1a8c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:26:30.0143 0x1a8c  MSPCLOCK - ok
23:26:30.0146 0x1a8c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:26:30.0166 0x1a8c  MSPQM - ok
23:26:30.0176 0x1a8c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:26:30.0188 0x1a8c  MsRPC - ok
23:26:30.0192 0x1a8c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
23:26:30.0198 0x1a8c  mssmbios - ok
23:26:30.0201 0x1a8c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:26:30.0221 0x1a8c  MSTEE - ok
23:26:30.0223 0x1a8c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
23:26:30.0231 0x1a8c  MTConfig - ok
23:26:30.0234 0x1a8c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
23:26:30.0240 0x1a8c  Mup - ok
23:26:30.0250 0x1a8c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
23:26:30.0278 0x1a8c  napagent - ok
23:26:30.0285 0x1a8c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:26:30.0300 0x1a8c  NativeWifiP - ok
23:26:30.0317 0x1a8c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:26:30.0336 0x1a8c  NDIS - ok
23:26:30.0340 0x1a8c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:26:30.0362 0x1a8c  NdisCap - ok
23:26:30.0365 0x1a8c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:26:30.0385 0x1a8c  NdisTapi - ok
23:26:30.0388 0x1a8c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:26:30.0408 0x1a8c  Ndisuio - ok
23:26:30.0413 0x1a8c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:26:30.0435 0x1a8c  NdisWan - ok
23:26:30.0438 0x1a8c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:26:30.0459 0x1a8c  NDProxy - ok
23:26:30.0462 0x1a8c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:26:30.0483 0x1a8c  NetBIOS - ok
23:26:30.0489 0x1a8c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:26:30.0512 0x1a8c  NetBT - ok
23:26:30.0515 0x1a8c  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon        C:\Windows\system32\lsass.exe
23:26:30.0523 0x1a8c  Netlogon - ok
23:26:30.0530 0x1a8c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
23:26:30.0559 0x1a8c  Netman - ok
23:26:30.0568 0x1a8c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:26:30.0577 0x1a8c  NetMsmqActivator - ok
23:26:30.0581 0x1a8c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:26:30.0590 0x1a8c  NetPipeActivator - ok
23:26:30.0600 0x1a8c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
23:26:30.0628 0x1a8c  netprofm - ok
23:26:30.0667 0x1a8c  [ 8CE69B2C4934A1C0321F4C8E9C6C4A41, 880A57194D52E4C90BCFAF149C74E3119B5FA5A91C6A3F50A1BBB3C8C35C6921 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
23:26:30.0709 0x1a8c  netr28x - ok
23:26:30.0714 0x1a8c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:26:30.0723 0x1a8c  NetTcpActivator - ok
23:26:30.0727 0x1a8c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:26:30.0736 0x1a8c  NetTcpPortSharing - ok
23:26:30.0739 0x1a8c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:26:30.0746 0x1a8c  nfrd960 - ok
23:26:30.0753 0x1a8c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:26:30.0766 0x1a8c  NlaSvc - ok
23:26:30.0769 0x1a8c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:26:30.0790 0x1a8c  Npfs - ok
23:26:30.0793 0x1a8c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
23:26:30.0815 0x1a8c  nsi - ok
23:26:30.0817 0x1a8c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:26:30.0838 0x1a8c  nsiproxy - ok
23:26:30.0865 0x1a8c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:26:30.0899 0x1a8c  Ntfs - ok
23:26:30.0903 0x1a8c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
23:26:30.0924 0x1a8c  Null - ok
23:26:30.0929 0x1a8c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:26:30.0937 0x1a8c  nvraid - ok
23:26:30.0942 0x1a8c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:26:30.0951 0x1a8c  nvstor - ok
23:26:30.0955 0x1a8c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:26:30.0962 0x1a8c  nv_agp - ok
23:26:30.0966 0x1a8c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:26:30.0974 0x1a8c  ohci1394 - ok
23:26:30.0980 0x1a8c  [ B9C125314A025127FE562C116D614AA3, 79C46C0BACEBBB5B8E1C162766B21587365A100BBAD01171C77B995C514BC7D6 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:26:30.0988 0x1a8c  ose64 - ok
23:26:31.0066 0x1a8c  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:26:31.0150 0x1a8c  osppsvc - ok
23:26:31.0163 0x1a8c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:26:31.0176 0x1a8c  p2pimsvc - ok
23:26:31.0185 0x1a8c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
23:26:31.0201 0x1a8c  p2psvc - ok
23:26:31.0204 0x1a8c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:26:31.0214 0x1a8c  Parport - ok
23:26:31.0217 0x1a8c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:26:31.0224 0x1a8c  partmgr - ok
23:26:31.0229 0x1a8c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:26:31.0241 0x1a8c  PcaSvc - ok
23:26:31.0247 0x1a8c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
23:26:31.0256 0x1a8c  pci - ok
23:26:31.0258 0x1a8c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:26:31.0264 0x1a8c  pciide - ok
23:26:31.0269 0x1a8c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:26:31.0278 0x1a8c  pcmcia - ok
23:26:31.0281 0x1a8c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:26:31.0288 0x1a8c  pcw - ok
23:26:31.0308 0x1a8c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:26:31.0324 0x1a8c  PEAUTH - ok
23:26:31.0353 0x1a8c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:26:31.0382 0x1a8c  PeerDistSvc - ok
23:26:31.0405 0x1a8c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:26:31.0413 0x1a8c  PerfHost - ok
23:26:31.0420 0x1a8c  [ FE8AF03EFEC0387FBBFCFD32E328DB9A, A156258212B53070C7ABE1E187AF338D43EA5F5DEBBF82EDBED4408FF9D01605 ] phaudlwr        C:\Windows\system32\DRIVERS\phaudlwr.sys
23:26:31.0429 0x1a8c  phaudlwr - ok
23:26:31.0453 0x1a8c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
23:26:31.0495 0x1a8c  pla - ok
23:26:31.0505 0x1a8c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:26:31.0519 0x1a8c  PlugPlay - ok
23:26:31.0522 0x1a8c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:26:31.0530 0x1a8c  PNRPAutoReg - ok
23:26:31.0537 0x1a8c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:26:31.0551 0x1a8c  PNRPsvc - ok
23:26:31.0561 0x1a8c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:26:31.0590 0x1a8c  PolicyAgent - ok
23:26:31.0596 0x1a8c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
23:26:31.0620 0x1a8c  Power - ok
23:26:31.0624 0x1a8c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:26:31.0646 0x1a8c  PptpMiniport - ok
23:26:31.0649 0x1a8c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:26:31.0657 0x1a8c  Processor - ok
23:26:31.0662 0x1a8c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:26:31.0674 0x1a8c  ProfSvc - ok
23:26:31.0676 0x1a8c  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:26:31.0684 0x1a8c  ProtectedStorage - ok
23:26:31.0689 0x1a8c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:26:31.0710 0x1a8c  Psched - ok
23:26:31.0744 0x1a8c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:26:31.0774 0x1a8c  ql2300 - ok
23:26:31.0782 0x1a8c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:26:31.0789 0x1a8c  ql40xx - ok
23:26:31.0799 0x1a8c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
23:26:31.0815 0x1a8c  QWAVE - ok
23:26:31.0818 0x1a8c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:26:31.0830 0x1a8c  QWAVEdrv - ok
23:26:31.0832 0x1a8c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:26:31.0855 0x1a8c  RasAcd - ok
23:26:31.0863 0x1a8c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:26:31.0885 0x1a8c  RasAgileVpn - ok
23:26:31.0892 0x1a8c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
23:26:31.0916 0x1a8c  RasAuto - ok
23:26:31.0926 0x1a8c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:26:31.0947 0x1a8c  Rasl2tp - ok
23:26:31.0955 0x1a8c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
23:26:31.0982 0x1a8c  RasMan - ok
23:26:31.0986 0x1a8c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:26:32.0007 0x1a8c  RasPppoe - ok
23:26:32.0011 0x1a8c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:26:32.0032 0x1a8c  RasSstp - ok
23:26:32.0039 0x1a8c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:26:32.0064 0x1a8c  rdbss - ok
23:26:32.0067 0x1a8c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:26:32.0077 0x1a8c  rdpbus - ok
23:26:32.0080 0x1a8c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:26:32.0101 0x1a8c  RDPCDD - ok
23:26:32.0107 0x1a8c  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:26:32.0116 0x1a8c  RDPDR - ok
23:26:32.0119 0x1a8c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:26:32.0140 0x1a8c  RDPENCDD - ok
23:26:32.0143 0x1a8c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:26:32.0165 0x1a8c  RDPREFMP - ok
23:26:32.0168 0x1a8c  [ 76D8CC526512ECAE2AEF63B1A6D018A1, 7281AFEBA5455BB879D4BA2DBADDCF6DAC87C1040605907CC907142609985B17 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:26:32.0175 0x1a8c  RdpVideoMiniport - ok
23:26:32.0181 0x1a8c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:26:32.0191 0x1a8c  RDPWD - ok
23:26:32.0197 0x1a8c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:26:32.0206 0x1a8c  rdyboost - ok
23:26:32.0258 0x1a8c  [ F51E6123B1897B3F1641259F5E354887, AE0E4E04C64E3FA063D311EFF1476D844ACEF0A41CF70BA33C16F1E61EE00402 ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
23:26:32.0313 0x1a8c  ReflectService.exe - ok
23:26:32.0319 0x1a8c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:26:32.0343 0x1a8c  RemoteAccess - ok
23:26:32.0348 0x1a8c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:26:32.0372 0x1a8c  RemoteRegistry - ok
23:26:32.0381 0x1a8c  [ 0B169FE016039571ECC6DB70073F8979, B80663433919C3DE83A02E376E5B3020856C6E9E98B5773D316FD9C1C02C1417 ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
23:26:32.0391 0x1a8c  RichVideo64 - ok
23:26:32.0394 0x1a8c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:26:32.0417 0x1a8c  RpcEptMapper - ok
23:26:32.0420 0x1a8c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
23:26:32.0428 0x1a8c  RpcLocator - ok
23:26:32.0437 0x1a8c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
23:26:32.0467 0x1a8c  RpcSs - ok
23:26:32.0472 0x1a8c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:26:32.0494 0x1a8c  rspndr - ok
23:26:32.0496 0x1a8c  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
23:26:32.0503 0x1a8c  s3cap - ok
23:26:32.0505 0x1a8c  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs           C:\Windows\system32\lsass.exe
23:26:32.0514 0x1a8c  SamSs - ok
23:26:32.0518 0x1a8c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:26:32.0525 0x1a8c  sbp2port - ok
23:26:32.0530 0x1a8c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:26:32.0556 0x1a8c  SCardSvr - ok
23:26:32.0558 0x1a8c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:26:32.0579 0x1a8c  scfilter - ok
23:26:32.0598 0x1a8c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
23:26:32.0637 0x1a8c  Schedule - ok
23:26:32.0641 0x1a8c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:26:32.0663 0x1a8c  SCPolicySvc - ok
23:26:32.0677 0x1a8c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:26:32.0688 0x1a8c  SDRSVC - ok
23:26:32.0694 0x1a8c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:26:32.0721 0x1a8c  secdrv - ok
23:26:32.0724 0x1a8c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
23:26:32.0747 0x1a8c  seclogon - ok
23:26:32.0750 0x1a8c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
23:26:32.0773 0x1a8c  SENS - ok
23:26:32.0776 0x1a8c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:26:32.0784 0x1a8c  SensrSvc - ok
23:26:32.0787 0x1a8c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:26:32.0794 0x1a8c  Serenum - ok
23:26:32.0798 0x1a8c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:26:32.0807 0x1a8c  Serial - ok
23:26:32.0810 0x1a8c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:26:32.0817 0x1a8c  sermouse - ok
23:26:32.0823 0x1a8c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
23:26:32.0847 0x1a8c  SessionEnv - ok
23:26:32.0849 0x1a8c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:26:32.0858 0x1a8c  sffdisk - ok
23:26:32.0861 0x1a8c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:26:32.0870 0x1a8c  sffp_mmc - ok
23:26:32.0872 0x1a8c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:26:32.0881 0x1a8c  sffp_sd - ok
23:26:32.0884 0x1a8c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:26:32.0891 0x1a8c  sfloppy - ok
23:26:32.0899 0x1a8c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:26:32.0924 0x1a8c  SharedAccess - ok
23:26:32.0932 0x1a8c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:26:32.0960 0x1a8c  ShellHWDetection - ok
23:26:32.0963 0x1a8c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:26:32.0970 0x1a8c  SiSRaid2 - ok
23:26:32.0973 0x1a8c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
23:26:32.0981 0x1a8c  SiSRaid4 - ok
23:26:32.0988 0x1a8c  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:26:32.0999 0x1a8c  SkypeUpdate - ok
23:26:33.0003 0x1a8c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:26:33.0025 0x1a8c  Smb - ok
23:26:33.0036 0x1a8c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:26:33.0046 0x1a8c  SNMPTRAP - ok
23:26:33.0063 0x1a8c  [ 848FEAF8559FC5EE60BB35BEB28C18AA, FB3E261FA48BE7E6F2C6F1D936A16D50D26C8D29F3D324BC8889801252755D0A ] SPC530          C:\Windows\system32\drivers\SPC530.sys
23:26:33.0079 0x1a8c  SPC530 - ok
23:26:33.0082 0x1a8c  [ 3C74A30152E288CC9E871B59430D02DE, DBC192197A3364AEE25FC4AE920806844FCFCAF4CB91E3A32242731ECDDCEC34 ] SPC530m         C:\Windows\system32\drivers\SPC530m.sys
23:26:33.0088 0x1a8c  SPC530m - ok
23:26:33.0090 0x1a8c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:26:33.0096 0x1a8c  spldr - ok
23:26:33.0106 0x1a8c  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
23:26:33.0136 0x1a8c  Spooler - ok
23:26:33.0191 0x1a8c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
23:26:33.0264 0x1a8c  sppsvc - ok
23:26:33.0271 0x1a8c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:26:33.0294 0x1a8c  sppuinotify - ok
23:26:33.0303 0x1a8c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:26:33.0316 0x1a8c  srv - ok
23:26:33.0324 0x1a8c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:26:33.0337 0x1a8c  srv2 - ok
23:26:33.0342 0x1a8c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:26:33.0352 0x1a8c  srvnet - ok
23:26:33.0357 0x1a8c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:26:33.0384 0x1a8c  SSDPSRV - ok
23:26:33.0387 0x1a8c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:26:33.0411 0x1a8c  SstpSvc - ok
23:26:33.0426 0x1a8c  [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
23:26:33.0443 0x1a8c  Steam Client Service - ok
23:26:33.0447 0x1a8c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
23:26:33.0453 0x1a8c  stexstor - ok
23:26:33.0464 0x1a8c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
23:26:33.0485 0x1a8c  stisvc - ok
23:26:33.0488 0x1a8c  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
23:26:33.0495 0x1a8c  storflt - ok
23:26:33.0498 0x1a8c  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:26:33.0504 0x1a8c  storvsc - ok
23:26:33.0506 0x1a8c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
23:26:33.0512 0x1a8c  swenum - ok
23:26:33.0523 0x1a8c  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
23:26:33.0537 0x1a8c  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
23:26:36.0615 0x1a8c  Detect skipped due to KSN trusted
23:26:36.0615 0x1a8c  SwitchBoard - ok
23:26:36.0626 0x1a8c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
23:26:36.0657 0x1a8c  swprv - ok
23:26:36.0660 0x1a8c  Synth3dVsc - ok
23:26:36.0688 0x1a8c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
23:26:36.0727 0x1a8c  SysMain - ok
23:26:36.0732 0x1a8c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:26:36.0745 0x1a8c  TabletInputService - ok
23:26:36.0748 0x1a8c  [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
23:26:36.0754 0x1a8c  tap0901 - ok
23:26:36.0761 0x1a8c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:26:36.0787 0x1a8c  TapiSrv - ok
23:26:36.0790 0x1a8c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
23:26:36.0813 0x1a8c  TBS - ok
23:26:36.0843 0x1a8c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:26:36.0877 0x1a8c  Tcpip - ok
23:26:36.0910 0x1a8c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:26:36.0945 0x1a8c  TCPIP6 - ok
23:26:36.0950 0x1a8c  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:26:36.0971 0x1a8c  tcpipreg - ok
23:26:36.0974 0x1a8c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:26:36.0982 0x1a8c  TDPIPE - ok
23:26:36.0984 0x1a8c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:26:36.0991 0x1a8c  TDTCP - ok
23:26:36.0999 0x1a8c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:26:37.0008 0x1a8c  tdx - ok
23:26:37.0011 0x1a8c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
23:26:37.0018 0x1a8c  TermDD - ok
23:26:37.0030 0x1a8c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
23:26:37.0050 0x1a8c  TermService - ok
23:26:37.0059 0x1a8c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
23:26:37.0071 0x1a8c  Themes - ok
23:26:37.0074 0x1a8c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
23:26:37.0097 0x1a8c  THREADORDER - ok
23:26:37.0101 0x1a8c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
23:26:37.0124 0x1a8c  TrkWks - ok
23:26:37.0129 0x1a8c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:26:37.0152 0x1a8c  TrustedInstaller - ok
23:26:37.0156 0x1a8c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:26:37.0163 0x1a8c  tssecsrv - ok
23:26:37.0167 0x1a8c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:26:37.0175 0x1a8c  TsUsbFlt - ok
23:26:37.0177 0x1a8c  tsusbhub - ok
23:26:37.0181 0x1a8c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:26:37.0203 0x1a8c  tunnel - ok
23:26:37.0206 0x1a8c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
23:26:37.0214 0x1a8c  uagp35 - ok
23:26:37.0221 0x1a8c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:26:37.0247 0x1a8c  udfs - ok
23:26:37.0251 0x1a8c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:26:37.0261 0x1a8c  UI0Detect - ok
23:26:37.0264 0x1a8c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:26:37.0271 0x1a8c  uliagpkx - ok
23:26:37.0274 0x1a8c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
23:26:37.0282 0x1a8c  umbus - ok
23:26:37.0284 0x1a8c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
23:26:37.0292 0x1a8c  UmPass - ok
23:26:37.0297 0x1a8c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
23:26:37.0309 0x1a8c  UmRdpService - ok
23:26:37.0316 0x1a8c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
23:26:37.0344 0x1a8c  upnphost - ok
23:26:37.0347 0x1a8c  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
23:26:37.0355 0x1a8c  USBAAPL64 - ok
23:26:37.0358 0x1a8c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:26:37.0367 0x1a8c  usbaudio - ok
23:26:37.0371 0x1a8c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:26:37.0379 0x1a8c  usbccgp - ok
23:26:37.0383 0x1a8c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:26:37.0391 0x1a8c  usbcir - ok
23:26:37.0394 0x1a8c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:26:37.0401 0x1a8c  usbehci - ok
23:26:37.0409 0x1a8c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:26:37.0421 0x1a8c  usbhub - ok
23:26:37.0423 0x1a8c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:26:37.0431 0x1a8c  usbohci - ok
23:26:37.0433 0x1a8c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:26:37.0442 0x1a8c  usbprint - ok
23:26:37.0447 0x1a8c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
23:26:37.0455 0x1a8c  USBSTOR - ok
23:26:37.0458 0x1a8c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:26:37.0465 0x1a8c  usbuhci - ok
23:26:37.0470 0x1a8c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
23:26:37.0480 0x1a8c  usbvideo - ok
23:26:37.0482 0x1a8c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
23:26:37.0505 0x1a8c  UxSms - ok
23:26:37.0507 0x1a8c  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc        C:\Windows\system32\lsass.exe
23:26:37.0516 0x1a8c  VaultSvc - ok
23:26:37.0525 0x1a8c  [ CD74DB141650A8E131F30250381E5A77, C3F6CC4FA70D73A0453126AD6FB1A8A285A6B66EC2C661D9B4F798F8D9CB3976 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
23:26:37.0535 0x1a8c  VBoxAswDrv - ok
23:26:37.0538 0x1a8c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:26:37.0545 0x1a8c  vdrvroot - ok
23:26:37.0555 0x1a8c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
23:26:37.0585 0x1a8c  vds - ok
23:26:37.0588 0x1a8c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:26:37.0597 0x1a8c  vga - ok
23:26:37.0600 0x1a8c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:26:37.0621 0x1a8c  VgaSave - ok
23:26:37.0623 0x1a8c  VGPU - ok
23:26:37.0628 0x1a8c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:26:37.0637 0x1a8c  vhdmp - ok
23:26:37.0640 0x1a8c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:26:37.0647 0x1a8c  viaide - ok
23:26:37.0652 0x1a8c  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
23:26:37.0661 0x1a8c  vmbus - ok
23:26:37.0663 0x1a8c  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
23:26:37.0671 0x1a8c  VMBusHID - ok
23:26:37.0674 0x1a8c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:26:37.0681 0x1a8c  volmgr - ok
23:26:37.0689 0x1a8c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:26:37.0700 0x1a8c  volmgrx - ok
23:26:37.0707 0x1a8c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:26:37.0730 0x1a8c  volsnap - ok
23:26:37.0735 0x1a8c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
23:26:37.0743 0x1a8c  vsmraid - ok
23:26:37.0770 0x1a8c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
23:26:37.0817 0x1a8c  VSS - ok
23:26:37.0820 0x1a8c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:26:37.0830 0x1a8c  vwifibus - ok
23:26:37.0833 0x1a8c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:26:37.0844 0x1a8c  vwififlt - ok
23:26:37.0853 0x1a8c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
23:26:37.0881 0x1a8c  W32Time - ok
23:26:37.0886 0x1a8c  [ A212A4F5D2BB731F9CC6E2C546A0B464, 32828D9A153519D3521F89419DCE91ABB25AD0601A525ED8947C1FA2434DF608 ] WacHidRouter    C:\Windows\system32\DRIVERS\wachidrouter.sys
23:26:37.0892 0x1a8c  WacHidRouter - ok
23:26:37.0894 0x1a8c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
23:26:37.0902 0x1a8c  WacomPen - ok
23:26:37.0904 0x1a8c  [ E722E0C28881186D1B7E09A66C4D4DA5, 8BAF9D96706EE4251F20E850ECDF4201ADB04C9A8E31FD5C669F75E2299A0414 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
23:26:37.0909 0x1a8c  wacomrouterfilter - ok
23:26:37.0913 0x1a8c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:26:37.0934 0x1a8c  WANARP - ok
23:26:37.0937 0x1a8c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:26:37.0959 0x1a8c  Wanarpv6 - ok
23:26:37.0981 0x1a8c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
23:26:38.0006 0x1a8c  WatAdminSvc - ok
23:26:38.0032 0x1a8c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
23:26:38.0064 0x1a8c  wbengine - ok
23:26:38.0070 0x1a8c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:26:38.0085 0x1a8c  WbioSrvc - ok
23:26:38.0093 0x1a8c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:26:38.0110 0x1a8c  wcncsvc - ok
23:26:38.0113 0x1a8c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:26:38.0122 0x1a8c  WcsPlugInService - ok
23:26:38.0124 0x1a8c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
23:26:38.0130 0x1a8c  Wd - ok
23:26:38.0145 0x1a8c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:26:38.0164 0x1a8c  Wdf01000 - ok
23:26:38.0169 0x1a8c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:26:38.0178 0x1a8c  WdiServiceHost - ok
23:26:38.0181 0x1a8c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:26:38.0191 0x1a8c  WdiSystemHost - ok
23:26:38.0206 0x1a8c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
23:26:38.0219 0x1a8c  WebClient - ok
23:26:38.0225 0x1a8c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:26:38.0252 0x1a8c  Wecsvc - ok
23:26:38.0261 0x1a8c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:26:38.0285 0x1a8c  wercplsupport - ok
23:26:38.0288 0x1a8c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:26:38.0311 0x1a8c  WerSvc - ok
23:26:38.0313 0x1a8c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:26:38.0334 0x1a8c  WfpLwf - ok
23:26:38.0337 0x1a8c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:26:38.0343 0x1a8c  WIMMount - ok
23:26:38.0345 0x1a8c  WinDefend - ok
23:26:38.0349 0x1a8c  WinHttpAutoProxySvc - ok
23:26:38.0357 0x1a8c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:26:38.0382 0x1a8c  Winmgmt - ok
23:26:38.0438 0x1a8c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
23:26:38.0479 0x1a8c  WinRM - ok
23:26:38.0486 0x1a8c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
23:26:38.0495 0x1a8c  WinUSB - ok
23:26:38.0510 0x1a8c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:26:38.0535 0x1a8c  Wlansvc - ok
23:26:38.0539 0x1a8c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:26:38.0547 0x1a8c  WmiAcpi - ok
23:26:38.0553 0x1a8c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:26:38.0563 0x1a8c  wmiApSrv - ok
23:26:38.0566 0x1a8c  WMPNetworkSvc - ok
23:26:38.0569 0x1a8c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:26:38.0578 0x1a8c  WPCSvc - ok
23:26:38.0582 0x1a8c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:26:38.0593 0x1a8c  WPDBusEnum - ok
23:26:38.0596 0x1a8c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:26:38.0701 0x1a8c  ws2ifsl - ok
23:26:38.0713 0x1a8c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
23:26:38.0751 0x1a8c  wscsvc - ok
23:26:38.0753 0x1a8c  WSearch - ok
23:26:38.0770 0x1a8c  [ 539D52A1CB4CC3BFB9B6CAD7883B8ECA, 3CAC8F755F85F06C6FFA8C5328943DC55F410EAAA64F0E4241C3E7F60A48D4A9 ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
23:26:38.0786 0x1a8c  WTabletServiceCon - ok
23:26:38.0826 0x1a8c  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:26:38.0873 0x1a8c  wuauserv - ok
23:26:38.0878 0x1a8c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:26:38.0886 0x1a8c  WudfPf - ok
23:26:38.0892 0x1a8c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:26:38.0901 0x1a8c  WUDFRd - ok
23:26:38.0905 0x1a8c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:26:38.0915 0x1a8c  wudfsvc - ok
23:26:38.0921 0x1a8c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:26:38.0933 0x1a8c  WwanSvc - ok
23:26:38.0937 0x1a8c  ================ Scan global ===============================
23:26:38.0939 0x1a8c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
23:26:38.0946 0x1a8c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
23:26:38.0956 0x1a8c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
23:26:38.0963 0x1a8c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:26:38.0972 0x1a8c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
23:26:38.0978 0x1a8c  [ Global ] - ok
23:26:38.0978 0x1a8c  ================ Scan MBR ==================================
23:26:38.0989 0x1a8c  [ 467AF24549A15774C15EB4AEB96BD0A1 ] \Device\Harddisk2\DR2
23:26:39.0066 0x1a8c  \Device\Harddisk2\DR2 - ok
23:26:39.0071 0x1a8c  [ 467AF24549A15774C15EB4AEB96BD0A1 ] \Device\Harddisk0\DR0
23:26:39.0157 0x1a8c  \Device\Harddisk0\DR0 - ok
23:26:39.0176 0x1a8c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
23:26:39.0267 0x1a8c  \Device\Harddisk1\DR1 - ok
23:26:39.0268 0x1a8c  ================ Scan VBR ==================================
23:26:39.0272 0x1a8c  [ 9ECF6645D65537927FC91DE69A5D2009 ] \Device\Harddisk2\DR2\Partition1
23:26:39.0325 0x1a8c  \Device\Harddisk2\DR2\Partition1 - ok
23:26:39.0332 0x1a8c  [ E3443DE398530494BB4B1421B1B78655 ] \Device\Harddisk0\DR0\Partition1
23:26:39.0334 0x1a8c  \Device\Harddisk0\DR0\Partition1 - ok
23:26:39.0339 0x1a8c  [ BE7508B4E0198F9A7A636EA4A892B026 ] \Device\Harddisk0\DR0\Partition2
23:26:39.0342 0x1a8c  \Device\Harddisk0\DR0\Partition2 - ok
23:26:39.0347 0x1a8c  [ B774767E719F3CCBF5F62A7981126036 ] \Device\Harddisk1\DR1\Partition1
23:26:39.0396 0x1a8c  \Device\Harddisk1\DR1\Partition1 - ok
23:26:39.0396 0x1a8c  ================ Scan generic autorun ======================
23:26:39.0407 0x1a8c  [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
23:26:39.0424 0x1a8c  AdobeAAMUpdater-1.0 - ok
23:26:39.0430 0x1a8c  [ D0B542256A968DFCB8896C140FCE6047, 3F92A9871B521BCCCDFE6D9BFF88930B26C5DB86F6F6578554A3F2ECC5C5EBA0 ] C:\Program Files\iTunes\iTunesHelper.exe
23:26:39.0439 0x1a8c  iTunesHelper - ok
23:26:39.0521 0x1a8c  [ 938FA6F63B210FB8EF5A7B2FC1229431, 545DDA9C32DF14B50688F8192A345FE66D2DB3F8763ECBF85B38AC829E49E1D9 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
23:26:39.0622 0x1a8c  AvastUI.exe - ok
23:26:39.0630 0x1a8c  [ AEB3E8A6308604C3490A36D06D6685DC, CAFAE7697261CDA6934E324FC45D893BB452F23A1196FECC6930B72FFA8A2738 ] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
23:26:39.0636 0x1a8c  Adobe Acrobat Speed Launcher - ok
23:26:39.0756 0x1a8c  [ 845799C9874B68BEAE3B64059653C7E3, 2E0B9DD46569A6449989E2D7C60B88B46352A178019B4BD840C166674E798CFD ] C:\Program Files\CCleaner\CCleaner64.exe
23:26:39.0883 0x1a8c  CCleaner Monitoring - ok
23:26:39.0888 0x1a8c  Waiting for KSN requests completion. In queue: 98
23:26:40.0888 0x1a8c  Waiting for KSN requests completion. In queue: 98
23:26:41.0888 0x1a8c  Waiting for KSN requests completion. In queue: 98
23:26:42.0888 0x1a8c  Waiting for KSN requests completion. In queue: 98
23:26:43.0888 0x1a8c  Waiting for KSN requests completion. In queue: 98
23:26:44.0888 0x1a8c  Waiting for KSN requests completion. In queue: 98
23:26:45.0219 0x17ac  Object required for P2P: [ 938FA6F63B210FB8EF5A7B2FC1229431 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
23:26:45.0888 0x1a8c  Waiting for KSN requests completion. In queue: 3
23:26:46.0888 0x1a8c  Waiting for KSN requests completion. In queue: 3
23:26:47.0888 0x1a8c  Waiting for KSN requests completion. In queue: 3
23:26:48.0384 0x17ac  Object send P2P result: true
23:26:48.0918 0x1a8c  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2214.845 ), 0x41000 ( enabled : updated )
23:26:48.0925 0x1a8c  Win FW state via NFP2: enabled
23:26:51.0843 0x1a8c  ============================================================
23:26:51.0843 0x1a8c  Scan finished
23:26:51.0843 0x1a8c  ============================================================
23:26:51.0860 0x13b8  Detected object count: 1
23:26:51.0860 0x13b8  Actual detected object count: 1
23:29:32.0160 0x13b8  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:29:32.0160 0x13b8  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 


#6 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:06 PM

Posted 20 March 2015 - 07:14 AM

Hi,
is there any avast log (with more details) that you can post here?


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#7 sendmebeer

sendmebeer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 PM

Posted 20 March 2015 - 01:09 PM

Hi Jurgen

How do I go find logs from Avast?

Apologies for my lack of knowledge.

Regards

B



#8 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:06 PM

Posted 20 March 2015 - 06:00 PM

Hi,
please disconnect
Drive g: (UNTITLED) (Removable) (Total:1.91 GB) (Free:1.04 GB) FAT32
from your computer.
 
Then run a boot-timescan with following parameters:

avast1.PNG
avast2.PNG

If you want to see the log, open Scan tab and choose Scan for viruses. Then click Scan history in the bottom right of the window.
If malware was detected during the boot-time-scan you will find a log that has red "virus found" written in Result column, click it once and then click the Detailed report button.

Please post screenshots of it.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#9 sendmebeer

sendmebeer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 PM

Posted 21 March 2015 - 05:18 AM

Here are the screenshots from the scan as requested.

 

 

Attached Files



#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:06 PM

Posted 21 March 2015 - 05:26 AM

What happens when you select the automatic fix option?
Is the "threat" next scan still present?
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#11 sendmebeer

sendmebeer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 PM

Posted 21 March 2015 - 07:12 AM

Avast is unable to remove the problem.

When I run the automatic fix option, I am asked to reboot. Avast then tries to delete the problem however i end up with a 0XC0000002 dlete not implemented error.



#12 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:06 PM

Posted 21 March 2015 - 07:31 AM

Step 1

emsimbrmaster.PNGemsilogo.png
Please download MBR Master. (Link) (Make sure to save it on your Desktop).
  • Open the MBR Master file that you saved on your desktop (the default file name is mbrmastr).
  • Click on the Backup MBR button in the lower-right corner.
  • Save the backup of your MBR on your desktop (you can name it "checkthis").
  • Close the program. A log will be saved also on your desktop.
  • Please right-click on the MBR backup that you saved on your desktop, go to "Sent to", and select Compressed (zipped) folder in order to zip the file so that it can be attached to a reply.
  • Please attach both the log and the zipped MBR backup to your next reply.

Edited by deeprybka, 21 March 2015 - 07:33 AM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#13 sendmebeer

sendmebeer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 PM

Posted 21 March 2015 - 07:59 AM

Please find mbrm logs

Attached Files


Edited by deeprybka, 21 March 2015 - 08:04 AM.
Removed MBR dump


#14 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:06 PM

Posted 21 March 2015 - 08:09 AM

Thank you!

I will post further instructions as soon as I am back on my computer.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#15 sendmebeer

sendmebeer
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 PM

Posted 21 March 2015 - 01:29 PM

No problem, I await your next instructions.

Thank you for taking this on, I can see you are also busy helping others.

I really appreciate the help.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users