Avast detects URL:mal c:\windows\system32\svchost.exe


  • This topic is locked
42 replies to this topic

#1 pwaara

Posted 29 June 2015 - 04:23 PM

Avast reports detecting URL:Mal in c:\windows\system32\svchost.exe.  I have tried all my usual tactics to remove it, and I cannot get it to stop.  Looking for assistance.  I have attached my farbar output.

Attached Files

  • Attached File  FRST.txt   64.11KB   6 downloads




#2 HelpBot

Posted 04 July 2015 - 04:25 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/581316 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your desktop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 pwaara

Posted 06 July 2015 - 07:56 AM

Avast keeps reporting that it found a threat.  For example, URL:Mal in c:\windows\system32\svchost.exe.  I cannot seem to clean it on my own after multiple attempts.  I have attached my FRST and Additions files again.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by pwaara (administrator) on RESPONSEAGILITY on 06-07-2015 08:48:56
Running from e:\Users\pwaara\Desktop
Loaded Profiles: pwaara (Available Profiles: pwaara)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Invincea, Inc.) C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Code 42 Software) C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Invincea, Inc.) C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(© 2015 Microsoft Corporation) C:\Users\pwaara\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Code 42 Software, Inc.) C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe
(Dropbox, Inc.) C:\Users\pwaara\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Synology Inc.) C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\cloud-ui.exe
(Synology Inc.) C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\cloud-connect.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Synology Inc.) C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\cloud-daemon.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_194.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(FileZilla Project) C:\Program Files\FileZilla FTP Client\filezilla.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [115968 2013-07-23] (Waves Audio Ltd.)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-29] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2014-03-13] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4791024 2013-02-08] (Intel® Corporation)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe [1087960 2014-04-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-04-10] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-28] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\...\Run: [BingSvc] => C:\Users\pwaara\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\...\Run: [Dropbox Update] => C:\Users\pwaara\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\...\MountPoints2: D - D:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\...\MountPoints2: {1ce119df-ffe7-11e4-b303-80000b6778e2} - D:\VZW_Software_upgrade_assistant.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk [2015-03-11]
ShortcutTarget: CrashPlan Tray.lnk -> C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
Startup: C:\Users\pwaara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\pwaara\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\pwaara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-03-07]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\pwaara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2015-03-24]
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-28] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001 -> {406C7DD0-0E64-472D-9A26-565D5B923B6A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-28] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-16] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-28] (Avast Software s.r.o.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-16] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2099DE08-BE5C-4C3C-8288-B967D57F85C7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{89F1FAB4-FA63-46BC-BA20-F4DFA222EB53}: [DhcpNameServer] 192.168.1.228 192.168.1.232

FireFox:
========
FF ProfilePath: C:\Users\pwaara\AppData\Roaming\Mozilla\Firefox\Profiles\bgcko201.default
FF DefaultSearchEngine: Bing
FF DefaultSearchEngine.US: Google
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: https://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-25] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-25] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\pwaara\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-06-16] (Cisco WebEx LLC)
FF Extension: Bing Search Engine - C:\Users\pwaara\AppData\Roaming\Mozilla\Firefox\Profiles\bgcko201.default\Extensions\bingsearch.full@microsoft.com [2015-03-12]
FF Extension: Firebug - C:\Users\pwaara\AppData\Roaming\Mozilla\Firefox\Profiles\bgcko201.default\Extensions\firebug@software.joehewitt.com.xpi [2015-05-31]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-11]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-04-06]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2014-03-27] (Alps Electric Co., Ltd.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-28] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-28] (Avast Software)
R2 CrashPlanService; C:\Program Files (x86)\CrashPlan\CrashPlanService.exe [156440 2014-11-20] (Code 42 Software)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [92528 2015-05-05] (Dell)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
R2 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2672328 2014-07-30] (Invincea, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [65536 2014-03-07] (BayHubTech/O2Micro International)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [173256 2014-07-30] (Invincea, Inc.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2005392 2015-02-12] (SoftThinks SAS)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-01-06] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\SysWOW64\dllhost.exe /Processid:{71B175AC-C143-485E-B6F6-7554996EB81A}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-28] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-28] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-28] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-28] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-28] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-28] ()
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
S3 CXPLRCAP; C:\Windows\System32\drivers\elvidcap.sys [153448 2014-10-31] (Elgato Systems GmbH)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [489752 2014-06-12] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-05-02] (Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2261464 2013-08-27] (Realtek Semiconductor Corp.)
R3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [50696 2014-07-30] (Invincea, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-04-29] (Intel Corporation)
R3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [210592 2014-05-14] (BayHubTech/O2Micro )
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [183304 2014-07-30] (Invincea, Inc.)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_Accel.sys [75976 2013-08-06] (STMicroelectronics)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-06-28] ()
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [48024 2013-01-28] (Windows ® Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-28] (Avast Software)
R3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [194456 2013-01-28] (Windows ® Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-03 08:44 - 2015-07-03 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-06-29 16:58 - 2015-06-29 17:00 - 00000000 ____D C:\AdwCleaner
2015-06-28 20:31 - 2015-06-28 20:31 - 00000000 ___HD C:\ProgramData\CanonIJScan
2015-06-28 20:31 - 2015-06-28 20:31 - 00000000 ____D C:\Users\pwaara\AppData\Roaming\Canon
2015-06-28 20:30 - 2015-06-28 20:30 - 00000000 _____ C:\Users\pwaara\Sti_Trace.log
2015-06-28 20:21 - 2015-06-28 20:21 - 00000000 ___HD C:\Program Files\CanonBJ
2015-06-28 20:21 - 2015-06-28 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 200
2015-06-28 20:20 - 2015-06-28 20:21 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2015-06-28 20:20 - 2015-06-28 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210
2015-06-28 20:19 - 2010-12-17 14:47 - 00515584 _____ (CANON INC.) C:\Windows\system32\CNQ4809L.dll
2015-06-28 20:19 - 2010-12-17 14:47 - 00438272 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809L.dll
2015-06-28 20:19 - 2010-03-19 13:55 - 00393256 _____ C:\Windows\SysWOW64\CNQ4809N.DAT
2015-06-28 20:19 - 2010-03-19 13:55 - 00393256 _____ C:\Windows\system32\CNQ4809N.DAT
2015-06-28 20:19 - 2010-03-18 17:13 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNQ4809C.dll
2015-06-28 20:19 - 2010-03-18 17:13 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNQ4809I.dll
2015-06-28 20:19 - 2010-03-18 17:11 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809U.dll
2015-06-28 20:19 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2015-06-28 20:19 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2015-06-28 19:47 - 2015-06-28 19:52 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-28 19:47 - 2015-06-28 19:47 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-06-28 19:44 - 2015-07-06 08:48 - 00000000 ____D C:\FRST
2015-06-19 10:41 - 2015-07-06 08:46 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1874861057-4149539643-2466795921-1001UA.job
2015-06-19 10:41 - 2015-07-05 21:57 - 00000870 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1874861057-4149539643-2466795921-1001Core.job
2015-06-19 10:41 - 2015-06-19 10:41 - 00003894 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1874861057-4149539643-2466795921-1001UA
2015-06-19 10:41 - 2015-06-19 10:41 - 00003498 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1874861057-4149539643-2466795921-1001Core
2015-06-19 10:41 - 2015-06-19 10:41 - 00000000 ____D C:\Users\pwaara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-19 10:41 - 2015-06-19 10:41 - 00000000 ____D C:\Users\pwaara\AppData\Local\Dropbox
2015-06-19 10:41 - 2015-06-19 10:41 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-16 14:49 - 2015-06-16 14:50 - 00000000 ____D C:\ProgramData\Oracle
2015-06-16 14:49 - 2015-06-16 14:49 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-16 14:49 - 2015-06-16 14:49 - 00000000 ____D C:\ProgramData\Sun
2015-06-16 14:49 - 2015-06-16 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-16 14:49 - 2015-06-16 14:49 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-16 13:24 - 2015-06-16 13:24 - 00000000 ____D C:\Users\pwaara\AppData\Roaming\webex
2015-06-16 12:57 - 2015-06-16 12:58 - 00000000 ____D C:\ProgramData\WebEx
2015-06-16 12:57 - 2015-06-16 12:57 - 00000000 ____D C:\Users\pwaara\AppData\Local\WebEx
2015-06-12 16:18 - 2015-06-28 19:18 - 00000600 _____ C:\Users\pwaara\AppData\Local\PUTTY.RND
2015-06-10 04:51 - 2015-05-25 14:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 04:51 - 2015-05-25 14:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 04:51 - 2015-05-25 14:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 04:51 - 2015-05-25 14:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 04:51 - 2015-05-25 14:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 04:51 - 2015-05-25 14:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 04:51 - 2015-05-25 14:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 04:51 - 2015-05-25 14:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 04:51 - 2015-05-25 14:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 04:51 - 2015-05-25 14:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 04:51 - 2015-05-25 14:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 04:51 - 2015-05-25 14:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 04:51 - 2015-05-25 14:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 04:51 - 2015-05-25 14:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 04:51 - 2015-05-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 04:51 - 2015-05-25 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 04:51 - 2015-05-25 14:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 04:51 - 2015-05-25 14:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 04:51 - 2015-05-25 14:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 04:51 - 2015-05-25 14:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 14:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 04:51 - 2015-05-25 14:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 04:51 - 2015-05-25 14:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 04:51 - 2015-05-25 14:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 04:51 - 2015-05-25 14:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 04:51 - 2015-05-25 14:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 04:51 - 2015-05-25 14:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 04:51 - 2015-05-25 14:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 04:51 - 2015-05-25 14:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 04:51 - 2015-05-25 14:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 04:51 - 2015-05-25 14:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 04:51 - 2015-05-25 14:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 04:51 - 2015-05-25 14:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 04:51 - 2015-05-25 14:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 04:51 - 2015-05-25 14:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 04:51 - 2015-05-25 14:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 04:51 - 2015-05-25 14:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 04:51 - 2015-05-25 14:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 04:51 - 2015-05-25 14:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 04:51 - 2015-05-25 14:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 04:51 - 2015-05-25 14:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 04:51 - 2015-05-25 14:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 04:51 - 2015-05-25 14:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 04:51 - 2015-05-25 13:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 04:51 - 2015-05-25 13:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 04:51 - 2015-05-25 13:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 04:51 - 2015-05-25 13:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 04:51 - 2015-05-25 13:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 04:51 - 2015-05-25 13:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 13:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 04:51 - 2015-05-25 13:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 04:51 - 2015-05-25 12:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 04:51 - 2015-05-25 12:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 04:51 - 2015-05-25 12:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 12:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 12:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 04:51 - 2015-05-25 12:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 04:51 - 2015-04-29 14:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 04:51 - 2015-04-29 14:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 04:51 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 04:51 - 2015-04-29 14:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 04:51 - 2015-04-29 14:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 04:51 - 2015-04-29 14:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 04:51 - 2015-04-29 14:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 04:51 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 04:51 - 2015-04-29 14:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 04:51 - 2015-04-29 14:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 04:51 - 2015-04-24 14:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 04:51 - 2015-04-24 13:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 04:51 - 2015-04-10 23:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 04:50 - 2015-06-01 15:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 04:50 - 2015-06-01 14:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 04:50 - 2015-05-27 10:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 04:50 - 2015-05-27 10:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 04:50 - 2015-05-22 23:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 04:50 - 2015-05-22 23:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 04:50 - 2015-05-22 23:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 04:50 - 2015-05-22 23:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 04:50 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 04:50 - 2015-05-22 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 04:50 - 2015-05-22 23:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 04:50 - 2015-05-22 23:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 04:50 - 2015-05-22 23:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 04:50 - 2015-05-22 23:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 04:50 - 2015-05-22 23:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 04:50 - 2015-05-22 23:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 04:50 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 04:50 - 2015-05-22 22:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 04:50 - 2015-05-22 22:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 04:50 - 2015-05-22 22:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 04:50 - 2015-05-22 22:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 04:50 - 2015-05-22 22:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 04:50 - 2015-05-22 22:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 04:50 - 2015-05-22 22:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 04:50 - 2015-05-22 22:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 04:50 - 2015-05-22 22:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 04:50 - 2015-05-22 22:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 04:50 - 2015-05-22 22:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 04:50 - 2015-05-22 22:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 04:50 - 2015-05-22 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 04:50 - 2015-05-22 15:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 04:50 - 2015-05-22 15:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 04:50 - 2015-05-22 15:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 04:50 - 2015-05-22 15:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 04:50 - 2015-05-22 15:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 04:50 - 2015-05-22 15:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 04:50 - 2015-05-22 15:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 04:50 - 2015-05-22 14:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 04:50 - 2015-05-22 14:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 04:50 - 2015-05-22 14:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 04:50 - 2015-05-22 14:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 04:50 - 2015-05-22 14:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 04:50 - 2015-05-22 14:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 04:50 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 04:50 - 2015-05-22 14:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 04:50 - 2015-05-22 14:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 04:50 - 2015-05-22 14:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 04:50 - 2015-05-22 14:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 04:50 - 2015-05-22 14:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 04:50 - 2015-05-22 14:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 04:50 - 2015-05-22 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 04:50 - 2015-05-22 14:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 04:50 - 2015-05-22 14:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 04:50 - 2015-05-22 14:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 04:50 - 2015-05-22 14:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 04:50 - 2015-05-22 14:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 04:50 - 2015-05-22 13:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 04:50 - 2015-05-22 13:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 04:50 - 2015-05-22 13:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 04:50 - 2015-05-22 13:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-08 22:20 - 2015-06-08 22:20 - 00000000 ____D C:\Users\pwaara\AppData\Roaming\AMD
2015-06-06 11:08 - 2015-06-06 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ KillDisk 9.1
2015-06-06 11:08 - 2015-06-06 11:08 - 00000000 ____D C:\Program Files\LSoft Technologies

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 08:49 - 2015-01-06 07:30 - 03467028 _____ C:\Windows\SysWOW64\Gms.log
2015-07-06 08:47 - 2015-03-12 14:25 - 00000000 ____D C:\Users\pwaara\AppData\Roaming\Skype
2015-07-06 08:47 - 2009-07-14 00:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-06 08:47 - 2009-07-14 00:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-06 08:42 - 2015-03-24 03:24 - 00000000 ____D C:\Users\pwaara\AppData\Local\Adobe
2015-07-06 08:42 - 2015-03-11 22:16 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-06 08:42 - 2015-01-06 07:24 - 01903375 _____ C:\Windows\WindowsUpdate.log
2015-07-06 08:42 - 2015-01-06 07:24 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-05 21:48 - 2015-05-19 11:02 - 00000000 ____D C:\Users\pwaara\AppData\Local\CrashDumps
2015-07-04 10:33 - 2015-06-01 11:41 - 00000000 ____D C:\Users\pwaara\AppData\Roaming\FileZilla
2015-07-03 09:56 - 2015-01-06 07:36 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-07-03 08:36 - 2009-07-14 00:51 - 00048733 _____ C:\Windows\setupact.log
2015-07-02 20:51 - 2015-06-02 10:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-29 22:52 - 2009-07-14 01:13 - 00783606 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-29 22:48 - 2015-05-19 13:08 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-29 22:48 - 2015-03-09 23:27 - 00000000 ____D C:\Users\pwaara\AppData\Roaming\Dropbox
2015-06-29 22:46 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-29 17:07 - 2015-03-11 22:15 - 00000000 ____D C:\Users\pwaara\AppData\Local\Google
2015-06-29 17:07 - 2015-03-11 22:15 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-28 20:30 - 2015-03-06 17:33 - 00000000 ____D C:\Users\pwaara
2015-06-28 20:19 - 2009-07-13 23:20 - 00000000 __RSD C:\Windows\Media
2015-06-28 13:05 - 2010-11-20 23:47 - 00205990 _____ C:\Windows\PFRO.log
2015-06-28 13:04 - 2015-05-19 13:08 - 00000973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-06-28 13:04 - 2015-05-19 13:08 - 00000961 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-06-28 12:58 - 2015-06-01 11:51 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-28 09:39 - 2015-03-11 22:15 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-25 16:58 - 2015-01-06 07:24 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-25 16:58 - 2015-01-06 07:24 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-25 16:58 - 2015-01-06 07:24 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-25 10:34 - 2015-03-24 03:49 - 00000000 ____D C:\Users\pwaara\AppData\Local\CloudStation
2015-06-25 10:25 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\Performance
2015-06-16 12:57 - 2015-03-07 16:48 - 00000000 ____D C:\Users\pwaara\AppData\Roaming\Mozilla
2015-06-16 10:17 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-06-15 08:39 - 2015-03-12 14:25 - 00000000 ____D C:\ProgramData\Skype
2015-06-15 08:36 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-13 17:03 - 2015-03-06 17:34 - 00000000 ____D C:\Users\pwaara\AppData\Roaming\Adobe
2015-06-12 19:19 - 2015-01-06 07:27 - 00000000 ____D C:\Program Files\Dell
2015-06-12 09:43 - 2015-05-27 12:31 - 00000000 __SHD C:\Users\pwaara\AppData\Local\EmieBrowserModeList
2015-06-12 09:43 - 2015-03-07 16:46 - 00000000 __SHD C:\Users\pwaara\AppData\Local\EmieUserList
2015-06-12 09:43 - 2015-03-07 16:46 - 00000000 __SHD C:\Users\pwaara\AppData\Local\EmieSiteList
2015-06-11 04:00 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-06-11 03:23 - 2009-07-14 00:45 - 05031272 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 03:22 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-11 03:06 - 2015-03-06 17:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 03:04 - 2015-03-10 15:03 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 03:01 - 2015-03-10 15:03 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-06-12 16:18 - 2015-06-28 19:18 - 0000600 _____ () C:\Users\pwaara\AppData\Local\PUTTY.RND

Some files in TEMP:
====================
C:\Users\pwaara\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe
C:\Users\pwaara\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\pwaara\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\pwaara\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\pwaara\AppData\Local\Temp\cxtvrate.dll
C:\Users\pwaara\AppData\Local\Temp\dllnt_dump.dll
C:\Users\pwaara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaebx43.dll
C:\Users\pwaara\AppData\Local\Temp\emmon.exe
C:\Users\pwaara\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\pwaara\AppData\Local\Temp\ose00000.exe
C:\Users\pwaara\AppData\Local\Temp\Quarantine.exe
C:\Users\pwaara\AppData\Local\Temp\raptrpatch.exe
C:\Users\pwaara\AppData\Local\Temp\raptr_stub.exe
C:\Users\pwaara\AppData\Local\Temp\SkypeSetup.exe
C:\Users\pwaara\AppData\Local\Temp\sqlite3.dll
C:\Users\pwaara\AppData\Local\Temp\Synology-Cloud-Station-Upgrader.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-25 13:49

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by pwaara at 2015-07-06 08:49:17
Running from e:\Users\pwaara\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1874861057-4149539643-2466795921-500 - Administrator - Disabled)
Guest (S-1-5-21-1874861057-4149539643-2466795921-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1874861057-4149539643-2466795921-1002 - Limited - Enabled)
pwaara (S-1-5-21-1874861057-4149539643-2466795921-1001 - Administrator - Enabled) => C:\Users\pwaara

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Active@ KillDisk 9.1 (HKLM\...\{81B939C1-0219-42B6-A352-D5E43F2BDFAE}_is1) (Version: 9.1 - LSoft Technologies Inc)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe CS6 Design and Web Premium (HKLM-x32\...\{402F6F2E-5683-491C-977D-0CA599A07CAF}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ASUS RT-N56U Wireless Router Utilities (HKLM-x32\...\{BB5FCB34-F3DE-4FA1-A92F-F66563D280B0}) (Version: 4.2.4.8 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
CanoScan LiDE 200 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807) (Version: - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq4809) (Version: - )
Cisco WebEx Meetings (HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
CrashPlan (HKLM-x32\...\{F5DF8435-7822-4D0C-88A9-604EC76D0B06}) (Version: 3.7.0 - Code 42 Software)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.0.0 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.0.0 - Dell Inc.)
Dell Custom Help (Version: 15.06.1000.0142 - Intel Corporation) Hidden
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Foundation Services (HKLM\...\{90B2EE35-59D0-4A1F-B125-9F678D46A955}) (Version: 2.1.125.0 - Dell Inc.)
Dell Protected Workspace (HKLM-x32\...\{E2CAA395-66B3-4772-85E3-6134DBAB244E}) (Version: 4.0.18189 - Invincea, Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.110 - ALPS ELECTRIC CO., LTD.)
Dropbox (HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
Elgato Video Capture (HKLM-x32\...\{E29D0CAD-C1B2-49E5-BAE1-AB75461109A3}) (Version: 1.15.2.119 - Elgato Systems GmbH)
Evernote v. 5.8.13 (HKLM-x32\...\{A229420E-204B-11E5-B844-0050569584E9}) (Version: 5.8.13.8152 - Evernote Corp.)
FileZilla Client 3.11.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.1 - Tim Kosse)
Freemake Video Converter version 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Getting Things Done Outlook Add-In (HKLM-x32\...\{D9ACA6BD-10A3-40C5-AE17-6B6AD4F50FEE}) (Version: 3.3.22 - NetCentrics Corporation)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel® Network Connections 19.2.104.00 (HKLM\...\PROSetDX) (Version: 19.2.104.00 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{DA2600C1-6BDF-4FD1-1212-148929CC1385}) (Version: 2.6.1212.0302 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® Update Manager (x32 Version: 1.5.0.87 - Intel Corporation) Hidden
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
Intel® WiDi (HKLM\...\{62E7C369-64FF-452C-8F46-6BE9B77FF097}) (Version: 4.0.18.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless Software (HKLM-x32\...\{fae8de85-97ab-4053-a8bb-03bfc86ac533}) (Version: 15.6.1 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5988 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0051 - ST Microelectronics)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
Synology Cloud Station (HKLM-x32\...\{DB4EE1F5-EAAC-44AF-A254-119C1866CCC4}) (Version: 3.2.3475 - Synology)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
Video Capture v7.07.0.127 (HKLM-x32\...\Software_Elgato_Video Capture) (Version: 7.07.0.127 - Elgato Systems)
WOL Magic Packet Sender (HKLM-x32\...\{E268ADBD-A002-4684-AEDF-EA0F83F7E00B}) (Version: 1.5.0 - Zwalisoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\pwaara\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pwaara\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Restore Points =========================

03-06-2015 14:22:36 Installed Evernote v. 5.8.8
04-06-2015 11:21:51 Device Driver Package Install: Synology Universal Serial Bus controllers
05-06-2015 03:00:10 Windows Update
09-06-2015 08:38:24 Windows Update
11-06-2015 03:00:13 Windows Update
16-06-2015 09:45:46 Windows Update
19-06-2015 10:25:04 Windows Update
24-06-2015 14:39:09 Windows Update
30-06-2015 09:51:08 Windows Update
30-06-2015 21:29:08 Installed Evernote v. 5.8.12
03-07-2015 08:44:10 Installed Evernote v. 5.8.13

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2015-06-28 10:53 - 00000860 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2D001CB5-1683-4F48-AFDA-40236659077F} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-03-10] (Microsoft Corporation)
Task: {31EC0E9E-5C4E-43E4-AE6D-75CC1E20C0C6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {4D5D26AA-1BEE-4E79-99AF-64EBF9C9F5F4} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2012-11-23] (Intel Corporation)
Task: {72368F1D-FB17-482A-B1E0-E28D322D05FB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1874861057-4149539643-2466795921-1001Core => C:\Users\pwaara\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {8A181EE4-FFAD-4BD7-BA81-F8F19AE3AF86} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-25] (Adobe Systems Incorporated)
Task: {B505E0DC-C52F-4E02-9A8A-CA8F12015026} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2012-11-23] (Intel Corporation)
Task: {C5BB9914-0419-45DC-B515-788A5895295A} - System32\Tasks\AdobeAAMUpdater-1.0-responseagility-pwaara => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {E7A1CEA9-A2D9-4CC5-94BF-28536680BB34} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {E83CC242-5E40-4663-8128-B98266865535} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1874861057-4149539643-2466795921-1001UA => C:\Users\pwaara\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1874861057-4149539643-2466795921-1001Core.job => C:\Users\pwaara\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1874861057-4149539643-2466795921-1001UA.job => C:\Users\pwaara\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-11 03:12 - 2015-05-11 03:12 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2015-05-22 10:44 - 2015-05-22 10:44 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2010-10-20 21:23 - 2010-10-20 21:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-05 06:17 - 2013-09-05 06:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-05-28 07:20 - 2015-05-28 07:20 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-28 07:20 - 2015-05-28 07:20 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-29 14:58 - 2015-06-29 14:58 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15062901\algo.dll
2015-07-06 08:42 - 2015-07-06 08:42 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070601\algo.dll
2014-11-20 12:12 - 2014-11-20 12:12 - 00013312 _____ () C:\Program Files (x86)\CrashPlan\md5.dll
2015-05-16 01:11 - 2015-05-16 01:11 - 00197120 _____ () C:\Program Files (x86)\CrashPlan\cpnative.dll
2013-09-05 06:14 - 2013-09-05 06:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 21:45 - 2010-10-20 21:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-06-29 22:47 - 2015-06-29 22:47 - 00043008 _____ () c:\users\pwaara\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaebx43.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00750080 _____ () C:\Users\pwaara\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00047616 _____ () C:\Users\pwaara\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00865280 _____ () C:\Users\pwaara\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00200704 _____ () C:\Users\pwaara\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\pwaara\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00726016 _____ () C:\Users\pwaara\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\pwaara\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-03-11 22:15 - 2015-03-11 22:15 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 00123918 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 00524460 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 00115214 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 01026062 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 03095505 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 01798570 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 21565192 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 02874155 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 00712704 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 00031744 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 00046080 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 00032768 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 00516608 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 00243200 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 00431616 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll
2015-06-25 10:33 - 2015-06-25 10:33 - 00115214 _____ () C:\Users\pwaara\AppData\Local\CloudStation\CloudStation.app\bin\ZLIB1.dll
2014-04-29 18:23 - 2014-04-29 18:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-02-26 13:07 - 2015-02-09 12:14 - 01905904 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2015-01-06 07:36 - 2012-11-26 01:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-02-26 13:07 - 2014-02-18 15:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2015-06-25 16:58 - 2015-06-25 16:58 - 17321648 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll
2015-05-22 10:44 - 2015-05-22 10:44 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2015-07-01 17:35 - 2015-07-01 17:35 - 21121032 _____ () C:\Program Files (x86)\Evernote\Evernote\libcef.dll
2015-07-01 17:36 - 2015-07-01 17:36 - 00212488 _____ () C:\Program Files (x86)\Evernote\Evernote\websockets.dll
2015-07-01 17:35 - 2015-07-01 17:35 - 00439304 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2015-07-01 17:35 - 2015-07-01 17:35 - 00321032 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2015-07-01 17:35 - 2015-07-01 17:35 - 00988696 _____ () C:\Program Files (x86)\Evernote\Evernote\avcodec-54.dll
2015-07-01 17:35 - 2015-07-01 17:35 - 00138776 _____ () C:\Program Files (x86)\Evernote\Evernote\avutil-51.dll
2015-07-01 17:35 - 2015-07-01 17:35 - 00195096 _____ () C:\Program Files (x86)\Evernote\Evernote\avformat-54.dll
2013-09-05 06:14 - 2013-09-05 06:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2011-09-05 13:05 - 2011-09-05 13:05 - 04160416 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2013-02-14 21:46 - 2013-02-14 21:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-07-01 17:35 - 2015-07-01 17:35 - 00074248 _____ () C:\Program Files (x86)\Evernote\Evernote\Microsoft.DwayneNeed.Win32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3895
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3947
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4045

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pwaara\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BA54F209-93CD-4DB8-8AF6-8784A8440F6B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{AA023EAC-431C-4C64-B466-8657A430961D}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{4A63CF5B-BED2-4C31-9E12-E45A3C150AA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3D827A1C-9DC9-443A-A649-93498608267F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{16F8EE0C-B449-41C8-8501-F48CB8F768D1}] => (Allow) C:\Users\pwaara\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CC5201D0-1C4D-4E15-B445-B6E32E5063A9}] => (Allow) C:\Users\pwaara\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{1CC1DE14-AEB6-486C-8E24-F6ED3D2EC3EE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C8C4AAF4-5B95-43DE-BE4C-C9ADADFEB283}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{9FD29BD6-09D3-4EB0-98C8-530CB014B6AC}C:\users\pwaara\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\pwaara\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6ACC067E-C27B-413E-82EF-AD707DC59E41}C:\users\pwaara\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\pwaara\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{341DBAC8-0A0A-4EEE-A829-1287AD20765A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F1F9FD26-6950-40E2-9E76-4551A3DB0736}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{416B00DC-7A7E-4504-96D9-B30053AFF61D}] => (Allow) C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
FirewallRules: [{6BF25A03-4758-4D4B-A212-C76CD40490C9}] => (Allow) C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
FirewallRules: [{71DB3F1A-2017-4BA4-8AB1-60930D17132C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D8F4228F-F237-4BFB-B2AE-9535BBE8A110}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{9E8148DF-C625-48F0-A611-20DC0EBF34F9}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{E8DF3C77-9765-4ED1-B543-A85409FFB79F}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{CAD574F3-7375-41DE-A9C7-4A03899935C4}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{C70E007C-EC5C-46BD-B369-ACEEC0369A2D}] => (Allow) C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\Discovery.exe
FirewallRules: [{5BE582DC-4AD1-4F7D-B70C-1B395BDAEB7A}] => (Allow) C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\Discovery.exe
FirewallRules: [{ED054E4F-7FE4-4963-96B1-DD20E627BC68}] => (Allow) C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\Rescue.exe
FirewallRules: [{12B834E3-2F63-493F-9CDC-112B134201E2}] => (Allow) C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\Rescue.exe
FirewallRules: [{B944C38D-9BDA-4141-8366-5BBB064D5779}] => (Allow) C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\Download.exe
FirewallRules: [{6CA098B1-3882-4A90-9593-61976672EF7A}] => (Allow) C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\Download.exe
FirewallRules: [{69D42A95-A08B-4ACA-9B53-9EB6D94B6E88}] => (Allow) C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\LiveUpdate.exe
FirewallRules: [{17D9049D-7139-49D2-A6B9-EC01EA3CD656}] => (Allow) C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\LiveUpdate.exe
FirewallRules: [{9ADABD74-5B4C-49F6-B96A-2113A26325F1}] => (Allow) C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\QISWizard.exe
FirewallRules: [{17CA3A4A-C78B-42A1-8BB8-F56596A44E74}] => (Allow) C:\Program Files (x86)\ASUS\RT-N56U Wireless Router Utilities\QISWizard.exe
FirewallRules: [TCP Query User{5B526BA9-A5F5-4C80-80F0-4909CE020EA9}C:\users\pwaara\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\pwaara\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{ACB6E8D2-2C06-4240-AE4F-056F4A4098E9}C:\users\pwaara\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\pwaara\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [{BF37936D-756F-45FC-86CD-30F91083B43A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A77D8E63-22CC-4956-8C2B-A9FD7811CF3A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{1AE30A47-1E57-4F2D-ABC8-03CB50B8E138}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [UDP Query User{4337BC10-2C36-4A85-B4A3-E98C900AF3F6}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{68191A2C-3442-46AC-A216-A9215F5EF0C6}] => (Allow) C:\Users\pwaara\AppData\Local\Temp\nsgD138.tmp\CnetInstaller-10073508.exe
FirewallRules: [{5A7A068A-293F-4AE6-9C6F-4E21756A1D2E}] => (Allow) C:\Users\pwaara\AppData\Local\Temp\nsgD138.tmp\CnetInstaller-10073508.exe
FirewallRules: [TCP Query User{FD7790A5-23CA-49C6-ADF7-327AFB022ECD}C:\users\pwaara\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\pwaara\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{E175071A-DCD7-42FA-92BE-5455EB4F2DB1}C:\users\pwaara\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\pwaara\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [{3080D7C2-1280-455A-9468-079340681562}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B411D087-6699-4AEA-BDE4-CC63A45A0A8A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4B3FE02A-ECDD-4F0B-AFBD-6906F7623073}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1EAD4111-771E-4CCB-AEF9-1E5D25AFE4DF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2015 09:48:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.17813, time stamp: 0x554a15f3
Faulting module name: mshtml.dll, version: 11.0.9600.17842, time stamp: 0x5565d4c6
Exception code: 0xc0000005
Fault offset: 0x0000000000009296
Faulting process id: 0x2d08
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3

Error: (07/01/2015 10:01:13 AM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error DeviceIoControl(\\?\Volume{004bc444-95a7-11e4-ba10-806e6f6e6963} - 000000000000014C,0x0053c008,000000000011AF90,0,0000000000379FD0,4096,[0]). hr = 0x80070079, The semaphore timeout period has expired.
.


Operation:
Processing EndPrepareSnapshots

Context:
Execution Context: System Provider

Error: (06/30/2015 09:56:04 PM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft Outlook: Rejected Safe Mode action : Outlook has detected that you are holding down the CTRL key. Do you want to start Outlook in safe mode?.
Rejected Safe Mode action : Microsoft Outlook.

Error: (06/25/2015 04:14:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GWXUX.exe, version: 6.3.9600.17813, time stamp: 0x554a15f3
Faulting module name: mshtml.dll, version: 11.0.9600.17842, time stamp: 0x5565d4c6
Exception code: 0xc0000005
Fault offset: 0x0000000000009296
Faulting process id: 0xfac
Faulting application start time: 0xGWXUX.exe0
Faulting application path: GWXUX.exe1
Faulting module path: GWXUX.exe2
Report Id: GWXUX.exe3

Error: (06/22/2015 10:12:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 38.0.5.5623, time stamp: 0x5563c49a
Faulting module name: mozalloc.dll, version: 38.0.5.5623, time stamp: 0x5563b229
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x1ab4
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (06/22/2015 09:01:55 AM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft Outlook: Rejected Safe Mode action : Outlook experienced a serious problem with the 'send to bluetooth' add-in. If you have seen this message multiple times, you should disable this add-in and check to see if an update is available. Do you want to disable this add-in?.
Rejected Safe Mode action : Microsoft Outlook.

Error: (06/22/2015 09:01:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OUTLOOK.EXE, version: 14.0.7151.5000, time stamp: 0x555461f5
Faulting module name: OUTLOOK.EXE, version: 14.0.7151.5000, time stamp: 0x555461f5
Exception code: 0xc0000005
Fault offset: 0x0023a6e7
Faulting process id: 0x351c
Faulting application start time: 0xOUTLOOK.EXE0
Faulting application path: OUTLOOK.EXE1
Faulting module path: OUTLOOK.EXE2
Report Id: OUTLOOK.EXE3

Error: (06/22/2015 09:01:38 AM) (Source: Outlook) (EventID: 1000) (User: )
Description: Add-in execution error. Outlook crashed during the 'Deactivate' callback of the 'ExplorerEvents' interface while calling into the 'Send to Bluetooth' add-in.

Error: (06/21/2015 00:34:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: Qt5Core.dll_unloaded, version: 0.0.0.0, time stamp: 0x5295cada
Exception code: 0xc0000005
Fault offset: 0x0000000066ea76da
Faulting process id: 0x4a0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (06/21/2015 11:44:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 38.0.5.5623, time stamp: 0x5563c49a
Faulting module name: mozalloc.dll, version: 38.0.5.5623, time stamp: 0x5563b229
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x32c0
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3


System errors:
=============
Error: (07/01/2015 10:01:12 AM) (Source: volsnap) (EventID: 67) (User: )
Description: The shadow copy of volume \\?\Volume{004bc444-95a7-11e4-ba10-806e6f6e6963} being created failed to install.

Error: (06/29/2015 10:47:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (06/29/2015 10:46:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (06/29/2015 10:45:24 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (06/29/2015 05:09:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (06/29/2015 05:08:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (06/29/2015 05:08:05 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (06/29/2015 05:07:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (06/29/2015 05:06:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (06/29/2015 05:05:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll


Microsoft Office:
=========================
Error: (07/05/2015 09:48:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.17813554a15f3mshtml.dll11.0.9600.178425565d4c6c000000500000000000092962d0801d0b78dcc9ce233C:\Windows\System32\GWX\GWXUX.exeC:\Windows\System32\mshtml.dll0bba0211-2381-11e5-b17f-80000b6778e2

Error: (07/01/2015 10:01:13 AM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{004bc444-95a7-11e4-ba10-806e6f6e6963} - 000000000000014C,0x0053c008,000000000011AF90,0,0000000000379FD0,4096,[0])0x80070079, The semaphore timeout period has expired.


Operation:
Processing EndPrepareSnapshots

Context:
Execution Context: System Provider

Error: (06/30/2015 09:56:04 PM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft OutlookOutlook has detected that you are holding down the CTRL key. Do you want to start Outlook in safe mode?

Error: (06/25/2015 04:14:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.17813554a15f3mshtml.dll11.0.9600.178425565d4c6c00000050000000000009296fac01d0af83957cb653C:\Windows\System32\GWX\GWXUX.exeC:\Windows\System32\mshtml.dlld3d01a9d-1b76-11e5-9229-80000b6778e2

Error: (06/22/2015 10:12:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.5.56235563c49amozalloc.dll38.0.5.56235563b2298000000300001aa11ab401d0ac465c6909faC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll518aa9e6-194d-11e5-83db-80000b6778e2

Error: (06/22/2015 09:01:55 AM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft OutlookOutlook experienced a serious problem with the 'send to bluetooth' add-in. If you have seen this message multiple times, you should disable this add-in and check to see if an update is available. Do you want to disable this add-in?

Error: (06/22/2015 09:01:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: OUTLOOK.EXE14.0.7151.5000555461f5OUTLOOK.EXE14.0.7151.5000555461f5c00000050023a6e7351c01d0ab55206f3c9dC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEd10873eb-18de-11e5-83db-80000b6778e2

Error: (06/22/2015 09:01:38 AM) (Source: Outlook) (EventID: 1000) (User: )
Description: DeactivateExplorerEventsSend to Bluetooth

Error: (06/21/2015 00:34:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4Qt5Core.dll_unloaded0.0.0.05295cadac00000050000000066ea76da4a001d0a767eab65f8cC:\Windows\Explorer.EXEQt5Core.dll632a2b3f-1833-11e5-83db-80000b6778e2

Error: (06/21/2015 11:44:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.5.56235563c49amozalloc.dll38.0.5.56235563b2298000000300001aa132c001d0aaa9640a5615C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll62de18f6-182c-11e5-83db-80000b6778e2


==================== Memory info ===========================

Processor: Intel® Core™ i7-4610M CPU @ 3.00GHz
Percentage of memory in use: 72%
Total physical RAM: 8097.17 MB
Available physical RAM: 2228.68 MB
Total Pagefile: 16192.55 MB
Available Pagefile: 10019.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:225.14 GB) (Free:104.97 GB) NTFS
Drive e: (CaddyDrive) (Fixed) (Total:931.39 GB) (Free:560.66 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:13.29 GB) (Free:5.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 238.5 GB) (Disk ID: 54ABDC33)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.3 GB) - (Type=27)
Partition 3: (Not Active) - (Size=225.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End of log ============================

Attached Files


Edited by Oh My!, 06 July 2015 - 10:11 PM.
Posted logs


#4 pwaara

Posted 06 July 2015 - 02:15 PM

Just to be clear, I still need help with this issue.  I may have inadvertently clicked the link above misreading that I should do so if I still need help.



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:17 AM

Posted 06 July 2015 - 10:28 PM

Greetings pwaara and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

When you receive a warning from Avast there should be an option to get more information regarding the action. Click on that and provide the additional information either by typing it in your reply or attaching a screen shot.

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\...\Run: [AdobeBridge] => [X]
Toolbar: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
C:\Users\pwaara\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe
C:\Users\pwaara\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\pwaara\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\pwaara\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\pwaara\AppData\Local\Temp\cxtvrate.dll
C:\Users\pwaara\AppData\Local\Temp\dllnt_dump.dll
C:\Users\pwaara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaebx43.dll
C:\Users\pwaara\AppData\Local\Temp\emmon.exe
C:\Users\pwaara\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\pwaara\AppData\Local\Temp\ose00000.exe
C:\Users\pwaara\AppData\Local\Temp\Quarantine.exe
C:\Users\pwaara\AppData\Local\Temp\raptrpatch.exe
C:\Users\pwaara\AppData\Local\Temp\raptr_stub.exe
C:\Users\pwaara\AppData\Local\Temp\SkypeSetup.exe
C:\Users\pwaara\AppData\Local\Temp\sqlite3.dll
C:\Users\pwaara\AppData\Local\Temp\Synology-Cloud-Station-Upgrader.exe
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3895
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3947
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4045
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

System Summary Information

--------------------
  • Press the Windows key + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Additional Avast information
  • Fixlog
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 pwaara

Posted 07 July 2015 - 06:56 AM

Here are the results you asked for, Gary.  (You may call me Pat. :wink: )  Nothing from Avast at the moment.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by pwaara at 2015-07-07 07:50:14 Run:1
Running from e:\Users\pwaara\Desktop
Loaded Profiles: pwaara (Available Profiles: pwaara)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\...\Run: [AdobeBridge] => [X]
Toolbar: HKU\S-1-5-21-1874861057-4149539643-2466795921-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
C:\Users\pwaara\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe
C:\Users\pwaara\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\pwaara\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\pwaara\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\pwaara\AppData\Local\Temp\cxtvrate.dll
C:\Users\pwaara\AppData\Local\Temp\dllnt_dump.dll
C:\Users\pwaara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaebx43.dll
C:\Users\pwaara\AppData\Local\Temp\emmon.exe
C:\Users\pwaara\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\pwaara\AppData\Local\Temp\ose00000.exe
C:\Users\pwaara\AppData\Local\Temp\Quarantine.exe
C:\Users\pwaara\AppData\Local\Temp\raptrpatch.exe
C:\Users\pwaara\AppData\Local\Temp\raptr_stub.exe
C:\Users\pwaara\AppData\Local\Temp\SkypeSetup.exe
C:\Users\pwaara\AppData\Local\Temp\sqlite3.dll
C:\Users\pwaara\AppData\Local\Temp\Synology-Cloud-Station-Upgrader.exe
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3895
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3947
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4045
*****************

HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-1874861057-4149539643-2466795921-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found.
C:\Users\pwaara\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe => moved successfully.
C:\Users\pwaara\AppData\Local\Temp\AutoDetectUtilApp.exe => moved successfully.
C:\Users\pwaara\AppData\Local\Temp\BSvcProcessor.exe => moved successfully.
C:\Users\pwaara\AppData\Local\Temp\BSvcUpdater.exe => moved successfully.
C:\Users\pwaara\AppData\Local\Temp\cxtvrate.dll => moved successfully.
C:\Users\pwaara\AppData\Local\Temp\dllnt_dump.dll => moved successfully.
"C:\Users\pwaara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaebx43.dll" => File/Folder not found.
C:\Users\pwaara\AppData\Local\Temp\emmon.exe => moved successfully.
C:\Users\pwaara\AppData\Local\Temp\FreemakeVideoConverterFull.exe => moved successfully.
C:\Users\pwaara\AppData\Local\Temp\ose00000.exe => moved successfully.
C:\Users\pwaara\AppData\Local\Temp\Quarantine.exe => moved successfully.
C:\Users\pwaara\AppData\Local\Temp\raptrpatch.exe => moved successfully.
C:\Users\pwaara\AppData\Local\Temp\raptr_stub.exe => moved successfully.
C:\Users\pwaara\AppData\Local\Temp\SkypeSetup.exe => moved successfully.
C:\Users\pwaara\AppData\Local\Temp\sqlite3.dll => moved successfully.
C:\Users\pwaara\AppData\Local\Temp\Synology-Cloud-Station-Upgrader.exe => moved successfully.
C:\Windows\SysWOW64\MSIHANDLE => ":3895" ADS removed successfully.
C:\Windows\SysWOW64\MSIHANDLE => ":3947" ADS removed successfully.
C:\Windows\SysWOW64\MSIHANDLE => ":4045" ADS removed successfully.

==== End of Fixlog 07:50:17 ====

Attached Files
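
Added example (not part of the original posts, and not Farbar's code): a Python check that reads a Fixlog.txt in the layout pasted above, classifies each result line, and lists fixlist file or ADS entries that never received a result line. The sample log, user name and SID are constructed, and the status wording is limited to the strings visible in this thread.

```python
import re
from collections import Counter

# Constructed sample in the Fixlog layout shown in the post above.
# User name, SID and the {0000} file name are placeholders.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by user at 2015-07-07 07:50:14 Run:1
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-0-0-0-1001\...\Run: [AdobeBridge] => [X]
C:\Users\user\AppData\Local\Temp\emmon.exe
C:\Users\user\AppData\Local\Temp\dropbox_sqlite_ext.{0000}.tmp.dll
C:\Users\user\AppData\Local\Temp\sqlite3.dll
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3895
*****************

HKU\S-1-5-21-0-0-0-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
C:\Users\user\AppData\Local\Temp\emmon.exe => moved successfully.
"C:\Users\user\AppData\Local\Temp\dropbox_sqlite_ext.{0000}.tmp.dll" => File/Folder not found.
C:\Windows\SysWOW64\MSIHANDLE => ":3895" ADS removed successfully.

==== End of Fixlog 07:50:17 ====
"""

RESULT_RE = re.compile(r'^"?(?P<target>.+?)"? => (?P<outcome>.+)$')
STARS_RE = re.compile(r"^\*{5,}\s*$")
ADS_PREFIX = "AlternateDataStreams: "


def classify(outcome):
    """Map an outcome string to ok / not_found / review."""
    text = outcome.lower()
    if "not found" in text:
        return "not_found"
    if "successfully" in text:
        return "ok"
    return "review"  # wording not seen in the thread: read it by hand


def parse_fixlog(text):
    """Return (directives, results); results are (target, outcome, status)."""
    directives, results = [], []
    section = "header"
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if STARS_RE.match(line):
            # First star row opens the fixlist echo, second one closes it.
            section = "fixlist" if section == "header" else "results"
            continue
        if line.startswith("==== End of Fixlog"):
            break
        if section == "fixlist":
            directives.append(line)
        elif section == "results":
            m = RESULT_RE.match(line)
            if m:
                results.append((m["target"], m["outcome"], classify(m["outcome"])))
            else:
                results.append((line, "", "review"))
    return directives, results


def unaccounted(directives, results):
    """File and ADS directives that have no result line at all."""
    seen = {target.lower() for target, _, _ in results}
    missing = []
    for d in directives:
        if d.startswith(ADS_PREFIX):
            path, _, stream = d[len(ADS_PREFIX):].rpartition(":")
            hit = any(t.lower() == path.lower() and f'":{stream}"' in o
                      for t, o, _ in results)
        elif re.match(r"^[A-Za-z]:\\", d):
            hit = d.lower() in seen
        else:
            continue  # registry directives are rewritten in the results; not matched here
        if not hit:
            missing.append(d)
    return missing


def summarize(text):
    """Counts per status plus the entries that deserve a second look."""
    directives, results = parse_fixlog(text)
    return {
        "directives": len(directives),
        "counts": dict(Counter(status for _, _, status in results)),
        "not_found": [t for t, _, s in results if s == "not_found"],
        "review": [t for t, _, s in results if s == "review"],
        "unaccounted": unaccounted(directives, results),
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_FIXLOG).items():
        print(f"{key}: {value}")
```

Entries under not_found were already absent when the fix ran, and entries under unaccounted were requested but never reported on, so both are worth raising with the helper before the next step.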



#7 pwaara

Posted 07 July 2015 - 08:00 AM

Avast is still detecting threats in URL:Mal in c:\windows\system32\svchost.exe



#8 Oh My!

Posted 07 July 2015 - 10:36 AM

Let's see if we can look a little deeper into the Avast warning.

 

When you receive a warning from Avast there should be an option to get more information regarding the action. Click on that and provide the additional information either by typing it in your reply or attaching a screen shot.

Gary
 

#9 pwaara

Posted 08 July 2015 - 07:18 AM

Here is a screenshot from the More Information window.

 

 

Attached Files



#10 pwaara

Posted 08 July 2015 - 07:20 AM

The URL referenced changes.  I get the popup whenever I log in and occasionally during the course of the day.



#11 Oh My!

Posted 08 July 2015 - 08:56 PM

Thanks for the screen shot. Please do these things now.

===================================================

Farbar's MiniToolBox

--------------------
  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure only the following options are checked:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries

  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply
===================================================

RogueKiller by Tigzy

--------------------
  • Download RogueKiller and save it to your desktop
  • Close all running programs
  • For Windows 8/7/Vista users right click on the icon and select Run as Administrator
  • For Windows XP simply double click on the icon
  • The program will conduct a prescan and when finished you will see Prescan Finished. Please hit the scan button
  • Click Scan
  • A report should open and a copy of the report will be placed on your desktop. If not, hit the Report button.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it winlogon.exe (or winlogon.com) and try again
  • Copy and paste the contents of the report in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Result log
  • RogueKiller log

Gary
 

#12 pwaara

Posted 09 July 2015 - 07:58 AM

Here are results from farbar toolkit:

 

MiniToolBox by Farbar  Version: 01-07-2015
Ran by pwaara (administrator) on 09-07-2015 at 08:49:23
Running from "e:\Users\pwaara\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: Latitude E6540 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6235 = Wireless Network Connection (Connected)
Intel® Ethernet Connection I217-LM = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled metric=1 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : responseagility
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 80-00-0B-67-78-DF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 80-00-0B-67-78-DF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6235
   Physical Address. . . . . . . . . : 80-00-0B-67-78-DE
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1521:709c:5dc1:346b%15(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.158(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, July 08, 2015 8:03:05 AM
   Lease Expires . . . . . . . . . . : Friday, July 10, 2015 4:37:08 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 377487371
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-3D-99-FA-34-E6-D7-27-E7-14
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 80-00-0B-67-78-E2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : sjncenter.local
   Description . . . . . . . . . . . : Intel® Ethernet Connection I217-LM
   Physical Address. . . . . . . . . : 34-E6-D7-27-E7-14
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BC92F41C-B396-49F9-A112-21FA2B5778A9}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8823F9EB-7AAA-437D-B722-FF4DF243F59A}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2099DE08-BE5C-4C3C-8288-B967D57F85C7}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A93FD147-A1E0-48E8-B852-24BE6ADAE80D}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.sjncenter.local:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  router.asus.com
Address:  192.168.0.1

Name:    google.com
Addresses:  2607:f8b0:4006:80f::200e
      74.125.226.3
      74.125.226.8
      74.125.226.9
      74.125.226.5
      74.125.226.4
      74.125.226.6
      74.125.226.0
      74.125.226.14
      74.125.226.2
      74.125.226.1
      74.125.226.7


Pinging google.com [74.125.226.7] with 32 bytes of data:
Reply from 74.125.226.7: bytes=32 time=27ms TTL=53
Reply from 74.125.226.7: bytes=32 time=27ms TTL=53

Ping statistics for 74.125.226.7:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 27ms, Maximum = 27ms, Average = 27ms
Server:  router.asus.com
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
      2001:4998:44:204::a7
      2001:4998:c:a06::2:4008
      206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=38ms TTL=48
Reply from 98.139.183.24: bytes=32 time=36ms TTL=48

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 36ms, Maximum = 38ms, Average = 37ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...80 00 0b 67 78 df ......Microsoft Virtual WiFi Miniport Adapter #2
 16...80 00 0b 67 78 df ......Microsoft Virtual WiFi Miniport Adapter
 15...80 00 0b 67 78 de ......Intel® Centrino® Advanced-N 6235
 14...80 00 0b 67 78 e2 ......Bluetooth Device (Personal Area Network)
 11...34 e6 d7 27 e7 14 ......Intel® Ethernet Connection I217-LM
  1...........................Software Loopback Interface 1
 37...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 38...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.158     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.158    281
    192.168.0.158  255.255.255.255         On-link     192.168.0.158    281
    192.168.0.255  255.255.255.255         On-link     192.168.0.158    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.158    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.158    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 15    281 fe80::/64                On-link
 15    281 fe80::1521:709c:5dc1:346b/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

**** End of log ****
 

Here are the results from RogueKiller:

 

RogueKiller V10.9.1.0 [Jul  9 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : pwaara [Administrator]
Started from : e:\Users\pwaara\Desktop\RogueKiller.exe
Mode : Scan -- Date : 07/09/2015 08:53:32

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG SSD PM851 2.5 7m SCSI Disk Device +++++
--- User ---
[MBR] c16b3227d69c20f84f2ba6f48b19d400
[BSP] 198c0b2e78d82fac03ff55a49387cbe0 : HP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 MB
1 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 81920 | Size: 13614 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 27963392 | Size: 230543 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: HGST HTS721010A9E6300 SCSI Disk Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 953740 MB
User = LL1 ... OK
User = LL2 ... OK
 

Let me know what you see.



#13 Oh My!

  • Malware Response Instructor

Posted 09 July 2015 - 11:17 AM

Greetings,

I see we have more work to do. This is next.

===================================================

Run TDSSKiller by Kaspersky

--------------------
  • Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
  • Right-click on TDSSKiller.exe and select Run As Administrator.
  • When the program opens, click the Start Scan button.

  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.

  • Click Continue > Reboot now to finish the cleaning process.<- Important!!

  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply even if no threats are found.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".

===================================================

aswMBR

--------------------
  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.

  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.

  • Please post the contents of the log in your next reply.
NOTE: aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • TDSSKiller log
  • aswMBR log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 pwaara


Posted 10 July 2015 - 06:42 AM

TDSSKiller Report:

 

07:05:54.0805 0x2990  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
07:06:32.0216 0x2990  ============================================================
07:06:32.0216 0x2990  Current date / time: 2015/07/10 07:06:32.0216
07:06:32.0216 0x2990  SystemInfo:
07:06:32.0216 0x2990  
07:06:32.0216 0x2990  OS Version: 6.1.7601 ServicePack: 1.0
07:06:32.0216 0x2990  Product type: Workstation
07:06:32.0217 0x2990  ComputerName: RESPONSEAGILITY
07:06:32.0217 0x2990  UserName: pwaara
07:06:32.0217 0x2990  Windows directory: C:\Windows
07:06:32.0217 0x2990  System windows directory: C:\Windows
07:06:32.0217 0x2990  Running under WOW64
07:06:32.0217 0x2990  Processor architecture: Intel x64
07:06:32.0217 0x2990  Number of processors: 4
07:06:32.0217 0x2990  Page size: 0x1000
07:06:32.0217 0x2990  Boot type: Normal boot
07:06:32.0217 0x2990  ============================================================
07:06:32.0468 0x2990  KLMD registered as C:\Windows\system32\drivers\41495839.sys
07:06:32.0564 0x2990  System UUID: {BFD1AD58-ED9A-BEBC-4CCE-B58627EFB7B5}
07:06:32.0861 0x2990  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:06:33.0138 0x2990  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:06:33.0157 0x2990  ============================================================
07:06:33.0157 0x2990  \Device\Harddisk0\DR0:
07:06:33.0160 0x2990  MBR partitions:
07:06:33.0160 0x2990  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1AAB000, BlocksNum 0x1C247800
07:06:33.0160 0x2990  \Device\Harddisk1\DR1:
07:06:33.0160 0x2990  GPT partitions:
07:06:33.0161 0x2990  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9D43FE35-B337-468F-AF3A-00F813E68391}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
07:06:33.0162 0x2990  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B07CA820-F935-42EB-B390-1475BB202C85}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
07:06:33.0162 0x2990  MBR partitions:
07:06:33.0162 0x2990  ============================================================
07:06:33.0163 0x2990  C: <-> \Device\Harddisk0\DR0\Partition1
07:06:33.0184 0x2990  E: <-> \Device\Harddisk1\DR1\Partition2
07:06:33.0184 0x2990  ============================================================
07:06:33.0184 0x2990  Initialize success
07:06:33.0184 0x2990  ============================================================
07:06:45.0772 0x2918  ============================================================
07:06:45.0772 0x2918  Scan started
07:06:45.0772 0x2918  Mode: Manual;
07:06:45.0772 0x2918  ============================================================
07:06:45.0772 0x2918  KSN ping started
07:06:46.0076 0x2918  KSN ping finished: true
07:06:48.0246 0x2918  ================ Scan system memory ========================
07:06:48.0246 0x2918  System memory - ok
07:06:48.0246 0x2918  ================ Scan services =============================
07:06:50.0064 0x2918  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
07:06:50.0066 0x2918  BthEnum - ok
07:06:50.0069 0x2918  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
07:06:50.0071 0x2918  BTHMODEM - ok
07:06:50.0075 0x2918  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
07:06:50.0079 0x2918  BthPan - ok
07:06:50.0092 0x2918  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
07:06:50.0105 0x2918  BTHPORT - ok
07:06:50.0109 0x2918  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
07:06:50.0111 0x2918  bthserv - ok
07:06:50.0115 0x2918  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
07:06:50.0119 0x2918  BTHUSB - ok
07:06:50.0124 0x2918  [ 49E91B6E57D0BD0CC590471C276757BC, B4CAEFAD684BABC269C7AE93FCD0CC3B837747FDC9C987A051DF64ACCADA2DB3 ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
07:06:50.0127 0x2918  btmaux - ok
07:06:50.0153 0x2918  [ 4737C8492F4F14D6F109DD231D566536, EB313933A58E6BE04F847D11F7457F82CC0A0FB4EF17F16AE5A19B9014D33A25 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
07:06:50.0175 0x2918  btmhsf - ok
07:06:50.0180 0x2918  [ 32B94975BF6F101C27C43E90FF8ABBEB, B5475D9A705894CBFA583D6E9DAF969527A75800E98D0288182BAB2F10136642 ] busenum         C:\Windows\system32\DRIVERS\busenum.sys
07:06:50.0182 0x2918  busenum - ok
07:06:50.0186 0x2918  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
07:06:50.0190 0x2918  cdfs - ok
07:06:50.0195 0x2918  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
07:06:50.0199 0x2918  cdrom - ok
07:06:50.0203 0x2918  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
07:06:50.0206 0x2918  CertPropSvc - ok
07:06:50.0209 0x2918  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
07:06:50.0210 0x2918  circlass - ok
07:06:50.0218 0x2918  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
07:06:50.0224 0x2918  CLFS - ok
07:06:50.0229 0x2918  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:06:50.0231 0x2918  clr_optimization_v2.0.50727_32 - ok
07:06:50.0237 0x2918  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:06:50.0241 0x2918  clr_optimization_v2.0.50727_64 - ok
07:06:50.0252 0x2918  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:06:50.0263 0x2918  clr_optimization_v4.0.30319_32 - ok
07:06:50.0271 0x2918  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:06:50.0282 0x2918  clr_optimization_v4.0.30319_64 - ok
07:06:50.0293 0x2918  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
07:06:50.0296 0x2918  CmBatt - ok
07:06:50.0300 0x2918  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
07:06:50.0301 0x2918  cmdide - ok
07:06:50.0312 0x2918  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
07:06:50.0321 0x2918  CNG - ok
07:06:50.0324 0x2918  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
07:06:50.0326 0x2918  Compbatt - ok
07:06:50.0329 0x2918  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
07:06:50.0330 0x2918  CompositeBus - ok
07:06:50.0332 0x2918  COMSysApp - ok
07:06:50.0354 0x2918  [ 1744B49845C6F9BA10C4E24F7AA4C7D7, 61E781501EAB7E5671A699397D5DC95A579C10642CB17D4A57AD4B96ADE1A89B ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
07:06:50.0372 0x2918  cphs - ok
07:06:50.0388 0x2918  [ 664922DE3B0A1344D083943AF6AA4CC2, 38F22DFC8107716D6940E3FFB8C349BFB277925F4EC2F61703C6144DE0BD1452 ] CrashPlanService C:\Program Files (x86)\CrashPlan\CrashPlanService.exe
07:06:50.0391 0x2918  CrashPlanService - ok
07:06:50.0395 0x2918  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
07:06:50.0396 0x2918  crcdisk - ok
07:06:50.0404 0x2918  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
07:06:50.0408 0x2918  CryptSvc - ok
07:06:50.0423 0x2918  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
07:06:50.0444 0x2918  CSC - ok
07:06:50.0479 0x2918  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
07:06:50.0532 0x2918  CscService - ok
07:06:50.0559 0x2918  [ 277FD8CF488624C1D7A12FDBDAD57974, 494FDA99006AE479AA662B31F1EDA1418B7187E03254DA8C06EC462C653E9956 ] CXPLRCAP        C:\Windows\system32\drivers\elvidcap.sys
07:06:50.0565 0x2918  CXPLRCAP - ok
07:06:50.0598 0x2918  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
07:06:50.0610 0x2918  DcomLaunch - ok
07:06:50.0619 0x2918  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
07:06:50.0626 0x2918  defragsvc - ok
07:06:50.0630 0x2918  [ D75CDC5F38AAFBD2287814214F822879, 44E4D56C37613C94251F73781D97BA005D8639E90883E68C372C0DEAB281FDDC ] Dell Foundation Services C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
07:06:50.0632 0x2918  Dell Foundation Services - ok
07:06:50.0635 0x2918  Dell.CommandPowerManager.Service - ok
07:06:50.0642 0x2918  [ EA26A4A4EFF6F5677C8745D274E23913, 32B9CB58B34E23126E18CFB5AA75AEC2EF1D5A8A7ACBCBEF4B3ACCB20FD1B8C4 ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
07:06:50.0647 0x2918  DellDigitalDelivery - ok
07:06:50.0652 0x2918  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
07:06:50.0655 0x2918  DfsC - ok
07:06:50.0665 0x2918  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
07:06:50.0672 0x2918  Dhcp - ok
07:06:50.0693 0x2918  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
07:06:50.0711 0x2918  DiagTrack - ok
07:06:50.0715 0x2918  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
07:06:50.0716 0x2918  discache - ok
07:06:50.0720 0x2918  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
07:06:50.0723 0x2918  Disk - ok
07:06:50.0727 0x2918  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
07:06:50.0730 0x2918  dmvsc - ok
07:06:50.0735 0x2918  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
07:06:50.0739 0x2918  Dnscache - ok
07:06:50.0748 0x2918  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
07:06:50.0755 0x2918  dot3svc - ok
07:06:50.0762 0x2918  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
07:06:50.0767 0x2918  DPS - ok
07:06:50.0769 0x2918  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
07:06:50.0770 0x2918  drmkaud - ok
07:06:50.0793 0x2918  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
07:06:50.0812 0x2918  DXGKrnl - ok
07:06:50.0828 0x2918  [ C47C212490AE1C2AB4A34A40C39485B4, 1B739D8F5BA344F14C78B547ABE281EEE13916D976A7E97B39A9E779D198B9E3 ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
07:06:50.0842 0x2918  e1dexpress - ok
07:06:50.0847 0x2918  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
07:06:50.0851 0x2918  EapHost - ok
07:06:50.0915 0x2918  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
07:06:50.0975 0x2918  ebdrv - ok
07:06:50.0981 0x2918  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS             C:\Windows\System32\lsass.exe
07:06:50.0983 0x2918  EFS - ok
07:06:51.0000 0x2918  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
07:06:51.0014 0x2918  ehRecvr - ok
07:06:51.0019 0x2918  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
07:06:51.0023 0x2918  ehSched - ok
07:06:51.0039 0x2918  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
07:06:51.0051 0x2918  elxstor - ok
07:06:51.0054 0x2918  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
07:06:51.0055 0x2918  ErrDev - ok
07:06:51.0085 0x2918  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
07:06:51.0102 0x2918  EventSystem - ok
07:06:51.0147 0x2918  [ 00B132F23AA25DEF2060D490B0AB70EF, AAE3BA09C2201EA27D3DB761B3D3E8A3EE80A14B451B743F4DF1281D87166857 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
07:06:51.0172 0x2918  EvtEng - ok
07:06:51.0190 0x2918  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
07:06:51.0196 0x2918  exfat - ok
07:06:51.0204 0x2918  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
07:06:51.0213 0x2918  fastfat - ok
07:06:51.0278 0x2918  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
07:06:51.0295 0x2918  Fax - ok
07:06:51.0300 0x2918  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
07:06:51.0302 0x2918  fdc - ok
07:06:51.0304 0x2918  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
07:06:51.0306 0x2918  fdPHost - ok
07:06:51.0308 0x2918  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
07:06:51.0310 0x2918  FDResPub - ok
07:06:51.0313 0x2918  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
07:06:51.0314 0x2918  FileInfo - ok
07:06:51.0317 0x2918  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
07:06:51.0319 0x2918  Filetrace - ok
07:06:51.0321 0x2918  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
07:06:51.0322 0x2918  flpydisk - ok
07:06:51.0330 0x2918  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
07:06:51.0336 0x2918  FltMgr - ok
07:06:51.0355 0x2918  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
07:06:51.0372 0x2918  FontCache - ok
07:06:51.0376 0x2918  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
07:06:51.0378 0x2918  FontCache3.0.0.0 - ok
07:06:51.0382 0x2918  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
07:06:51.0384 0x2918  FsDepends - ok
07:06:51.0386 0x2918  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
07:06:51.0387 0x2918  Fs_Rec - ok
07:06:51.0394 0x2918  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
07:06:51.0398 0x2918  fvevol - ok
07:06:51.0402 0x2918  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
07:06:51.0405 0x2918  gagp30kx - ok
07:06:51.0423 0x2918  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
07:06:51.0437 0x2918  gpsvc - ok
07:06:51.0441 0x2918  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
07:06:51.0443 0x2918  hcw85cir - ok
07:06:51.0453 0x2918  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
07:06:51.0461 0x2918  HdAudAddService - ok
07:06:51.0466 0x2918  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
07:06:51.0470 0x2918  HDAudBus - ok
07:06:51.0473 0x2918  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
07:06:51.0475 0x2918  HidBatt - ok
07:06:51.0478 0x2918  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
07:06:51.0481 0x2918  HidBth - ok
07:06:51.0484 0x2918  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
07:06:51.0486 0x2918  HidIr - ok
07:06:51.0489 0x2918  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
07:06:51.0492 0x2918  hidserv - ok
07:06:51.0495 0x2918  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
07:06:51.0496 0x2918  HidUsb - ok
07:06:51.0500 0x2918  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
07:06:51.0503 0x2918  hkmsvc - ok
07:06:51.0510 0x2918  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
07:06:51.0517 0x2918  HomeGroupListener - ok
07:06:51.0523 0x2918  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
07:06:51.0528 0x2918  HomeGroupProvider - ok
07:06:51.0531 0x2918  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
07:06:51.0533 0x2918  HpSAMD - ok
07:06:51.0546 0x2918  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
07:06:51.0557 0x2918  HTTP - ok
07:06:51.0560 0x2918  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
07:06:51.0561 0x2918  hwpolicy - ok
07:06:51.0565 0x2918  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
07:06:51.0568 0x2918  i8042prt - ok
07:06:51.0584 0x2918  [ 9EBE1AE8B3DA91D06BE1971EB37F7DA0, 55B0E66139C966AF0D4955B44363123198C559968C864DA85F6610CF1C844E8D ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
07:06:51.0592 0x2918  iaStorA - ok
07:06:51.0595 0x2918  [ D524B034148F14C60F1CA66D267EE56A, 18045270C5CA718501285EE05EDED8B0EF998A881ACF19D9602F91A2A30E40AB ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
07:06:51.0596 0x2918  IAStorDataMgrSvc - ok
07:06:51.0599 0x2918  [ C018747131B4E90E9267BA5B31EB43A7, 0FA045B63500D6AA98CADD72BA8052BD2631387FD1270A9FD5A77EB7A7A14536 ] iaStorF         C:\Windows\system32\drivers\iaStorF.sys
07:06:51.0600 0x2918  iaStorF - ok
07:06:51.0610 0x2918  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
07:06:51.0617 0x2918  iaStorV - ok
07:06:51.0621 0x2918  [ C430482AC892D52CED021EDDD4D368A2, C54C12EAC14F40BE3E7D7159F8876A664D00CA928000E25306071D28B52EA33A ] ibtfltcoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
07:06:51.0624 0x2918  ibtfltcoex - ok
07:06:51.0642 0x2918  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:06:51.0659 0x2918  idsvc - ok
07:06:51.0662 0x2918  IEEtwCollectorService - ok
07:06:51.0740 0x2918  [ 0AECABC08F9AB4E504935B7662123B6E, 79D1C801A8FB0920469D6088158C518481485A065E8AF2E580FE4FCC1DE8F39B ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
07:06:51.0837 0x2918  igfx - ok
07:06:51.0844 0x2918  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
07:06:51.0846 0x2918  iirsp - ok
07:06:51.0865 0x2918  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
07:06:51.0881 0x2918  IKEEXT - ok
07:06:51.0885 0x2918  [ 314285071F7117263BD246E35C17FD82, 12E135DAB9D717D697026800C97FB58A64C0C37ACE715C2805A411A5384CB55A ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
07:06:51.0887 0x2918  intaud_WaveExtensible - ok
07:06:51.0932 0x2918  [ CCB47A176CC6D8B6A092695A0D929A95, F32BF742F9B385EE3175EEEAD057FFC49A41E9D994BB9EED192C36511D52F36D ] IntcAzAudAddService C:\Windows\system32\drivers\RTDVHD64.sys
07:06:51.0974 0x2918  IntcAzAudAddService - ok
07:06:51.0986 0x2918  [ EC80E6B9E27DC3E22ED5B2E0E75A39C0, 8EEC89F88AE79DA256BB651983397773F6B25139006C8A7C8F77960F47774CF5 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
07:06:51.0997 0x2918  IntcDAud - ok
07:06:52.0017 0x2918  [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
07:06:52.0033 0x2918  Intel® Capability Licensing Service TCP IP Interface - ok
07:06:52.0040 0x2918  [ 98D8094CC724D751E8EC3B2B3446FAA3, DC88496C0D92B4BCCD71467DE3C5D346DF9B5A27BAE703FF53168A284D2F64A5 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
07:06:52.0046 0x2918  Intel® PROSet Monitoring Service - ok
07:06:52.0048 0x2918  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
07:06:52.0049 0x2918  intelide - ok
07:06:52.0052 0x2918  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
07:06:52.0054 0x2918  intelppm - ok
07:06:52.0058 0x2918  [ 5110BDC376983C85C36E1FAB868BD9B9, 97884A8493BBC35CA8BD8ED4A08E8191D6144E12F95B4B2707161CBD61F97C45 ] InvProtectDrv   C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys
07:06:52.0060 0x2918  InvProtectDrv - ok
07:06:52.0114 0x2918  [ 7E0635798816219A3B93F6D60EAC1803, 38FA226A88A199D650FA27325E32AC95AC91C9ACEF152C23F41E2FF39BF83837 ] InvProtectSvc   C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe
07:06:52.0163 0x2918  InvProtectSvc - ok
07:06:52.0170 0x2918  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
07:06:52.0173 0x2918  IPBusEnum - ok
07:06:52.0177 0x2918  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:06:52.0180 0x2918  IpFilterDriver - ok
07:06:52.0195 0x2918  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
07:06:52.0207 0x2918  iphlpsvc - ok
07:06:52.0212 0x2918  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
07:06:52.0215 0x2918  IPMIDRV - ok
07:06:52.0221 0x2918  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
07:06:52.0225 0x2918  IPNAT - ok
07:06:52.0227 0x2918  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
07:06:52.0228 0x2918  IRENUM - ok
07:06:52.0231 0x2918  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
07:06:52.0232 0x2918  isapnp - ok
07:06:52.0240 0x2918  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
07:06:52.0247 0x2918  iScsiPrt - ok
07:06:52.0250 0x2918  [ 83E5C169258459BC8D069C08106E6779, 1D5441EA2779CFC5A93A1372A7C34CD968A75D58A71107858468A1640721F47E ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
07:06:52.0251 0x2918  iusb3hcs - ok
07:06:52.0262 0x2918  [ A858FEA618433EA053858F4C63A411EA, A194E8C07332847ABC09CC55ABB3D4AA9FEC29F053A3025FCAC7841AFE5F21F2 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
07:06:52.0269 0x2918  iusb3hub - ok
07:06:52.0286 0x2918  [ C77F6D488C5F4A7AB4357895BD6EC1FF, EED9B5A71E2C58E15482F36218815E9D9C091F9CEC43D1FD9E90BCAD6A8DB216 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
07:06:52.0300 0x2918  iusb3xhc - ok
07:06:52.0304 0x2918  [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
07:06:52.0305 0x2918  iwdbus - ok
07:06:52.0312 0x2918  [ 0B93A01F786F37A4B1EDE84E639FFF10, 8747109A2FA2B80C8C5F5B6D2372C1B0DA4F4BF9DC1D551195ADF0715C260223 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
07:06:52.0315 0x2918  jhi_service - ok
07:06:52.0318 0x2918  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
07:06:52.0319 0x2918  kbdclass - ok
07:06:52.0322 0x2918  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
07:06:52.0324 0x2918  kbdhid - ok
07:06:52.0326 0x2918  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso          C:\Windows\system32\lsass.exe
07:06:52.0328 0x2918  KeyIso - ok
07:06:52.0331 0x2918  [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
07:06:52.0334 0x2918  KSecDD - ok
07:06:52.0338 0x2918  [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
07:06:52.0341 0x2918  KSecPkg - ok
07:06:52.0344 0x2918  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
07:06:52.0345 0x2918  ksthunk - ok
07:06:52.0357 0x2918  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
07:06:52.0366 0x2918  KtmRm - ok
07:06:52.0374 0x2918  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
07:06:52.0380 0x2918  LanmanServer - ok
07:06:55.0251 0x2918  sppuinotify - ok
07:06:55.0262 0x2918  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
07:06:55.0271 0x2918  srv - ok
07:06:55.0280 0x2918  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
07:06:55.0288 0x2918  srv2 - ok
07:06:55.0293 0x2918  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
07:06:55.0297 0x2918  srvnet - ok
07:06:55.0304 0x2918  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
07:06:55.0311 0x2918  SSDPSRV - ok
07:06:55.0316 0x2918  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
07:06:55.0320 0x2918  SstpSvc - ok
07:06:55.0324 0x2918  [ E4EA2412FB1B8AEE33667A9CC6D456A4, E553D07BBD98CB026033D7D10D859795682D1BFCB9D33D494177B2E747EA5064 ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
07:06:55.0326 0x2918  stdcfltn - ok
07:06:55.0329 0x2918  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
07:06:55.0330 0x2918  stexstor - ok
07:06:55.0344 0x2918  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
07:06:55.0358 0x2918  stisvc - ok
07:06:55.0361 0x2918  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
07:06:55.0364 0x2918  StorSvc - ok
07:06:55.0368 0x2918  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
07:06:55.0370 0x2918  storvsc - ok
07:06:55.0375 0x2918  [ AB1C3402A04C4594D9A778574E87C4B2, 46D20F5432B9A8ED5FAEDC75838AD86548585C1BA86E160AB9C5F893FB11815C ] ST_ACCEL        C:\Windows\system32\DRIVERS\ST_Accel.sys
07:06:55.0378 0x2918  ST_ACCEL - ok
07:06:55.0381 0x2918  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
07:06:55.0382 0x2918  swenum - ok
07:06:55.0399 0x2918  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
07:06:55.0410 0x2918  SwitchBoard - ok
07:06:55.0422 0x2918  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
07:06:55.0433 0x2918  swprv - ok
07:06:55.0436 0x2918  [ 4CDD7DF58730D23BA9CB5829A6E2ECEA, 89A2A1604C2BF985894000F51D9D376B32F1327197866850B5BF8640272DE828 ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
07:06:55.0437 0x2918  SynthVid - ok
07:06:55.0472 0x2918  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
07:06:55.0506 0x2918  SysMain - ok
07:06:55.0510 0x2918  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:06:55.0514 0x2918  TabletInputService - ok
07:06:55.0523 0x2918  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
07:06:55.0531 0x2918  TapiSrv - ok
07:06:55.0534 0x2918  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
07:06:55.0537 0x2918  TBS - ok
07:06:55.0578 0x2918  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
07:06:55.0614 0x2918  Tcpip - ok
07:06:55.0651 0x2918  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
07:06:55.0673 0x2918  TCPIP6 - ok
07:06:55.0678 0x2918  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
07:06:55.0680 0x2918  tcpipreg - ok
07:06:55.0683 0x2918  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
07:06:55.0685 0x2918  TDPIPE - ok
07:06:55.0688 0x2918  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
07:06:55.0689 0x2918  TDTCP - ok
07:06:55.0693 0x2918  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
07:06:55.0696 0x2918  tdx - ok
07:06:55.0777 0x2918  [ A903E5C565A2677F3960E4AAB7B42280, 6D819D4F464005FBAECAAB719EB2D6539E8A48851C09A1AA8E9D48CDFDA9FEE1 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
07:06:55.0848 0x2918  TeamViewer - ok
07:06:55.0858 0x2918  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
07:06:55.0860 0x2918  TermDD - ok
07:06:55.0874 0x2918  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
07:06:55.0887 0x2918  TermService - ok
07:06:55.0891 0x2918  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
07:06:55.0893 0x2918  Themes - ok
07:06:55.0897 0x2918  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
07:06:55.0899 0x2918  THREADORDER - ok
07:06:55.0905 0x2918  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
07:06:55.0910 0x2918  TrkWks - ok
07:06:55.0914 0x2918  [ FD44FA80DA03EA144153A76DEBBB61B4, 0C46717F489A415A583470DAE8CF58E47BC307B9CB0F9DB6C4EDF33B7525475C ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys
07:06:55.0916 0x2918  TrueSight - ok
07:06:55.0923 0x2918  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:06:55.0927 0x2918  TrustedInstaller - ok
07:06:55.0931 0x2918  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
07:06:55.0933 0x2918  tssecsrv - ok
07:06:55.0938 0x2918  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
07:06:55.0940 0x2918  TsUsbFlt - ok
07:06:55.0944 0x2918  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
07:06:55.0945 0x2918  TsUsbGD - ok
07:06:55.0950 0x2918  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
07:06:55.0953 0x2918  tunnel - ok
07:06:55.0956 0x2918  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
07:06:55.0958 0x2918  uagp35 - ok
07:06:55.0967 0x2918  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
07:06:55.0975 0x2918  udfs - ok
07:06:55.0980 0x2918  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
07:06:55.0983 0x2918  UI0Detect - ok
07:06:55.0987 0x2918  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
07:06:55.0988 0x2918  uliagpkx - ok
07:06:55.0992 0x2918  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
07:06:55.0994 0x2918  umbus - ok
07:06:55.0997 0x2918  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
07:06:55.0998 0x2918  UmPass - ok
07:06:56.0007 0x2918  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
07:06:56.0014 0x2918  UmRdpService - ok
07:06:56.0025 0x2918  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
07:06:56.0034 0x2918  upnphost - ok
07:06:56.0037 0x2918  [ C5C45CE1C5B3CC9D5A9826F76709D7A4, 60DD04D7898E4D3AF1565C56664952FF2AE1799AAA3991D9544DB4AFD9F2D506 ] usb3Hub         C:\Windows\system32\DRIVERS\usb3Hub.sys
07:06:56.0039 0x2918  usb3Hub - ok
07:06:56.0046 0x2918  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
07:06:56.0048 0x2918  usbaudio - ok
07:06:56.0051 0x2918  [ 724DABDE1A9C48C6E5FE0F9F7E583940, 6B5FB81D0D6096CB827AC32DD5EE7C92F1E2EEFD54EC9E047EC6AF50610B4885 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
07:06:56.0054 0x2918  usbccgp - ok
07:06:56.0058 0x2918  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
07:06:56.0061 0x2918  usbcir - ok
07:06:56.0068 0x2918  [ 635686E528F2C9CB916EC1BB04EE6AD1, 080A0F209773232860F510F17005EF92650BA831F69BB0006AEF11A2BB0A4906 ] UsbClientService C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
07:06:56.0072 0x2918  UsbClientService - ok
07:06:56.0076 0x2918  [ CA11C28D69925E356CC27749CC41C3E1, E0AEB9EA23E7EFB982C1548508583B16A89A5568750EA23A313C8AC40CCB84C5 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
07:06:56.0078 0x2918  usbehci - ok
07:06:56.0088 0x2918  [ 8FA7BAF75209D59E7302BCF0308C52A7, 00F5F7442BBD25E7455ECDE5AE5D40C60E878BAF53A7D535DB59EE2C3F027245 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
07:06:56.0096 0x2918  usbhub - ok
07:06:56.0099 0x2918  [ BB33E6D8006EDD67CAB91E9417417710, 16CC4A00FB1793C7B723F6A99A39725C87A71C2958CFA0916A55BB084973C96F ] usbohci         C:\Windows\system32\drivers\usbohci.sys
07:06:56.0101 0x2918  usbohci - ok
07:06:56.0105 0x2918  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
07:06:56.0107 0x2918  usbprint - ok
07:06:56.0110 0x2918  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
07:06:56.0111 0x2918  usbscan - ok
07:06:56.0115 0x2918  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:06:56.0117 0x2918  USBSTOR - ok
07:06:56.0120 0x2918  [ 8565793CAF1EF768DB669BE0C3C71EDF, 8FD8904C5C0F2BFC66A17EE51E2E50C4BB11B77A18F51F4893D079B2F37F6B21 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
07:06:56.0121 0x2918  usbuhci - ok
07:06:56.0127 0x2918  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
07:06:56.0131 0x2918  usbvideo - ok
07:06:56.0134 0x2918  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
07:06:56.0136 0x2918  UxSms - ok
07:06:56.0139 0x2918  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc        C:\Windows\system32\lsass.exe
07:06:56.0141 0x2918  VaultSvc - ok
07:06:56.0151 0x2918  [ EB2461E88E1E9F2243FAA3F167BFB94E, 1A7E51BC964CC42A2839FE6DB20A7E2E695E827B62851B0B25CCDB091A144D24 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
07:06:56.0156 0x2918  VBoxAswDrv - ok
07:06:56.0159 0x2918  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
07:06:56.0160 0x2918  vdrvroot - ok
07:06:56.0174 0x2918  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
07:06:56.0186 0x2918  vds - ok
07:06:56.0191 0x2918  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
07:06:56.0192 0x2918  vga - ok
07:06:56.0195 0x2918  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
07:06:56.0197 0x2918  VgaSave - ok
07:06:56.0203 0x2918  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
07:06:56.0208 0x2918  vhdmp - ok
07:06:56.0210 0x2918  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
07:06:56.0211 0x2918  viaide - ok
07:06:56.0214 0x2918  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
07:06:56.0216 0x2918  VMBusHID - ok
07:06:56.0219 0x2918  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
07:06:56.0221 0x2918  volmgr - ok
07:06:56.0231 0x2918  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
07:06:56.0240 0x2918  volmgrx - ok
07:06:56.0248 0x2918  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
07:06:56.0253 0x2918  volsnap - ok
07:06:56.0259 0x2918  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
07:06:56.0262 0x2918  vsmraid - ok
07:06:56.0295 0x2918  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
07:06:56.0326 0x2918  VSS - ok
07:06:56.0330 0x2918  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
07:06:56.0332 0x2918  vwifibus - ok
07:06:56.0336 0x2918  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
07:06:56.0339 0x2918  vwififlt - ok
07:06:56.0342 0x2918  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
07:06:56.0343 0x2918  vwifimp - ok
07:06:56.0354 0x2918  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
07:06:56.0363 0x2918  W32Time - ok
07:06:56.0367 0x2918  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
07:06:56.0369 0x2918  WacomPen - ok
07:06:56.0373 0x2918  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
07:06:56.0376 0x2918  WANARP - ok
07:06:56.0379 0x2918  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
07:06:56.0380 0x2918  Wanarpv6 - ok
07:06:56.0405 0x2918  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
07:06:56.0428 0x2918  WatAdminSvc - ok
07:06:56.0459 0x2918  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
07:06:56.0486 0x2918  wbengine - ok
07:06:56.0493 0x2918  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
07:06:56.0499 0x2918  WbioSrvc - ok
07:06:56.0512 0x2918  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
07:06:56.0532 0x2918  wcncsvc - ok
07:06:56.0541 0x2918  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:06:56.0547 0x2918  WcsPlugInService - ok
07:06:56.0554 0x2918  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
07:06:56.0559 0x2918  Wd - ok
07:06:56.0563 0x2918  [ D0335A55E5C3F812548E18300C2ACB62, 7EF7C3A21E97197E1A6D2956D0F5A7C23F2D590C9709708394426031634990A5 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
07:06:56.0569 0x2918  WDC_SAM - ok
07:06:56.0598 0x2918  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
07:06:56.0619 0x2918  Wdf01000 - ok
07:06:56.0640 0x2918  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
07:06:56.0644 0x2918  WdiServiceHost - ok
07:06:56.0648 0x2918  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
07:06:56.0651 0x2918  WdiSystemHost - ok
07:06:56.0660 0x2918  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
07:06:56.0668 0x2918  WebClient - ok
07:06:56.0674 0x2918  [ CBA25A299ECDBAE3A2300B68598AABA3, 5AC6F75FBDA58CD9D17922AF2780A37B89067EB4A97EE792A644B238BE94490D ] Wecsvc          C:\Windows\system32\wecsvc.dll
07:06:56.0680 0x2918  Wecsvc - ok
07:06:56.0684 0x2918  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
07:06:56.0687 0x2918  wercplsupport - ok
07:06:56.0692 0x2918  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
07:06:56.0696 0x2918  WerSvc - ok
07:06:56.0699 0x2918  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
07:06:56.0700 0x2918  WfpLwf - ok
07:06:56.0703 0x2918  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
07:06:56.0704 0x2918  WIMMount - ok
07:06:56.0706 0x2918  WinDefend - ok
07:06:56.0710 0x2918  WinHttpAutoProxySvc - ok
07:06:56.0721 0x2918  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
07:06:56.0726 0x2918  Winmgmt - ok
07:06:56.0792 0x2918  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
07:06:56.0832 0x2918  WinRM - ok
07:06:56.0840 0x2918  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
07:06:56.0842 0x2918  WinUsb - ok
07:06:56.0862 0x2918  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
07:06:56.0880 0x2918  Wlansvc - ok
07:06:56.0883 0x2918  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
07:06:56.0884 0x2918  WmiAcpi - ok
07:06:56.0892 0x2918  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
07:06:56.0898 0x2918  wmiApSrv - ok
07:06:56.0900 0x2918  WMPNetworkSvc - ok
07:06:56.0903 0x2918  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
07:06:56.0905 0x2918  WPCSvc - ok
07:06:56.0910 0x2918  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
07:06:56.0915 0x2918  WPDBusEnum - ok
07:06:56.0920 0x2918  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
07:06:56.0921 0x2918  ws2ifsl - ok
07:06:56.0927 0x2918  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
07:06:56.0931 0x2918  wscsvc - ok
07:06:56.0934 0x2918  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
07:06:56.0935 0x2918  WSDPrintDevice - ok
07:06:56.0938 0x2918  WSearch - ok
07:06:56.0977 0x2918  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
07:06:57.0012 0x2918  wuauserv - ok
07:06:57.0017 0x2918  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
07:06:57.0019 0x2918  WudfPf - ok
07:06:57.0026 0x2918  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
07:06:57.0032 0x2918  WUDFRd - ok
07:06:57.0037 0x2918  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
07:06:57.0042 0x2918  wudfsvc - ok
07:06:57.0050 0x2918  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
07:06:57.0058 0x2918  WwanSvc - ok
07:06:57.0065 0x2918  [ 93BFBB02C88EF306C8FB82213E07B845, F9E91A80B11997188446A83E6A1A66A503D3B58D8808AB7E869EE1550F1EA44F ] XHCIPort        C:\Windows\system32\DRIVERS\XHCIPort.sys
07:06:57.0070 0x2918  XHCIPort - ok
07:06:57.0162 0x2918  [ A923222A8437E6C419AFC1A3BE32FF47, ED1132AE3548AC54D838F93B36A591F3EDB34A980409ED220077871DA5630E9A ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
07:06:57.0224 0x2918  ZeroConfigService - ok
07:06:57.0232 0x2918  ================ Scan global ===============================
07:06:57.0236 0x2918  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
07:06:57.0242 0x2918  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
07:06:57.0252 0x2918  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
07:06:57.0258 0x2918  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
07:06:57.0266 0x2918  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
07:06:57.0273 0x2918  [ Global ] - ok
07:06:57.0273 0x2918  ================ Scan MBR ==================================
07:06:57.0274 0x2918  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
07:06:57.0328 0x2918  \Device\Harddisk0\DR0 - ok
07:06:57.0606 0x2918  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
07:06:57.0617 0x2918  \Device\Harddisk1\DR1 - ok
07:06:57.0618 0x2918  ================ Scan VBR ==================================
07:06:57.0625 0x2918  [ 94FB6F65A33636E612340F9E5865322A ] \Device\Harddisk0\DR0\Partition1
07:06:57.0627 0x2918  \Device\Harddisk0\DR0\Partition1 - ok
07:06:57.0632 0x2918  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
07:06:57.0633 0x2918  \Device\Harddisk1\DR1\Partition1 - ok
07:06:57.0640 0x2918  [ 8EC9CD553DD4F57F06F07270F805AFA9 ] \Device\Harddisk1\DR1\Partition2
07:06:57.0687 0x2918  \Device\Harddisk1\DR1\Partition2 - ok
07:06:57.0689 0x2918  ================ Scan generic autorun ======================
07:06:57.0864 0x2918  [ 5BAD798CBAB39F3A56A9CD495320F67E, 668FB3F30DD99CBF9EBDDF4C079636DFD2C7693B3506AC8A6DD1B3CA4B5BAF11 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
07:06:58.0008 0x2918  RtHDVCpl - ok
07:06:58.0075 0x2918  [ C9C552CE10985B889DC476F6C015F85D, 901A7BFC84A7C42DF0B9CBFB49F39A95DDC62BAC9E08777DA53AB2B1550AAA55 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
07:06:58.0106 0x2918  RtHDVBg - ok
07:06:58.0111 0x2918  [ D55A44CB33482D604858F84EBD96027B, C57AA93B3F0D8767FBAC9A032758C8064739F6399B81F3559A7BC145DB2E0C14 ] C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
07:06:58.0113 0x2918  WavesSvc - ok
07:06:58.0140 0x2918  [ C9C552CE10985B889DC476F6C015F85D, 901A7BFC84A7C42DF0B9CBFB49F39A95DDC62BAC9E08777DA53AB2B1550AAA55 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
07:06:58.0155 0x2918  RtHDVBg_PushButton - ok
07:06:58.0174 0x2918  [ FAF64638A42A32B449E7EB474064731A, 40462B51B3CAE21E5650525F90BAB5FCB6C1B44EA4C2DBB8AA0991A0F2EE7837 ] C:\Program Files\DellTPad\Apoint.exe
07:06:58.0186 0x2918  Apoint - ok
07:06:58.0190 0x2918  [ F14327BA386AAA2246585BFADD8FE8E8, 2804D7985B116C808942B4501362D4F4BAE4B540E9A6AC9B176B30DD448BA5AC ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
07:06:58.0191 0x2918  IAStorIcon - ok
07:06:59.0399 0x2918  Waiting for KSN requests completion. In queue: 162
07:07:00.0437 0x2918  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
07:07:00.0450 0x2918  Win FW state via NFP2: enabled
07:07:00.0695 0x2918  ============================================================
07:07:00.0695 0x2918  Scan finished
07:07:00.0695 0x2918  ============================================================
07:07:00.0709 0x2168  Detected object count: 0
07:07:00.0709 0x2168  Actual detected object count: 0

 

aswMBR Log:

 

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-07-10 07:10:36
-----------------------------
07:10:36.573    OS Version: Windows x64 6.1.7601 Service Pack 1
07:10:36.574    Number of processors: 4 586 0x3C03
07:10:36.574    ComputerName: RESPONSEAGILITY  UserName: pwaara
07:10:36.785    Initialize success
07:10:36.795    VM: initialized successfully
07:10:36.797    VM: Intel CPU supported virtualized
07:10:41.691    VM: disk I/O iaStorA.sys
07:10:44.558    AVAST engine defs: 15071000
07:11:07.677    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000067
07:11:07.683    Disk 0 Vendor: SAMSUNG_ EXT0 Size: 244198MB BusType: 8
07:11:07.691    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000068
07:11:07.697    Disk 1 Vendor: HGST JB0O Size: 953869MB BusType: 8
07:11:07.709    Disk 0 MBR read successfully
07:11:07.711    Disk 0 MBR scan
07:11:07.713    Disk 0 Windows VISTA default MBR code
07:11:07.716    Disk 0 Partition 1 00     DE Dell Utility DELL 4.1       39 MB offset 63
07:11:07.718    Disk 0 Partition 2 80 (A) 27 Hidden NTFS WinRE NTFS        13614 MB offset 81920
07:11:07.721    Disk 0 Boot: NTFS     code=1
07:11:07.725    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       230543 MB offset 27963392
07:11:07.736    Disk 0 scanning C:\Windows\system32\drivers
07:11:10.373    Service scanning
07:11:17.325    Modules scanning
07:11:17.340    Disk 0 trace - called modules:
07:11:17.357    ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
07:11:17.360    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800736c060]
07:11:17.363    3 CLASSPNP.SYS[fffff880015b043f] -> nt!IofCallDriver -> [0xfffffa8007209cb0]
07:11:17.368    5 stdcfltn.sys[fffff880019bcd12] -> nt!IofCallDriver -> [0xfffffa8007208c50]
07:11:17.371    7 iaStorF.sys[fffff880019dff84] -> nt!IofCallDriver -> \Device\00000067[0xfffffa80071f28b0]
07:11:17.589    AVAST engine scan C:\Windows
07:11:18.408    AVAST engine scan C:\Windows\system32
07:12:29.166    AVAST engine scan C:\Windows\system32\drivers
07:12:32.368    AVAST engine scan C:\Users\pwaara
07:14:22.535    Disk 0 statistics 4229153/0/0 @ 21.29 MB/s
07:14:22.555    Scan stopped
07:14:29.542    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000067
07:14:29.556    Disk 0 Vendor: SAMSUNG_ EXT0 Size: 244198MB BusType: 8
07:14:29.568    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000068
07:14:29.571    Disk 1 Vendor: HGST JB0O Size: 953869MB BusType: 8
07:14:29.823    Disk 0 MBR read successfully
07:14:29.826    Disk 0 MBR scan
07:14:29.829    Disk 0 Windows VISTA default MBR code
07:14:29.852    Disk 0 Partition 1 00     DE Dell Utility DELL 4.1       39 MB offset 63
07:14:29.870    Disk 0 Partition 2 80 (A) 27 Hidden NTFS WinRE NTFS        13614 MB offset 81920
07:14:29.887    Disk 0 Boot: NTFS     code=1
07:14:29.905    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       230543 MB offset 27963392
07:14:30.048    Disk 0 scanning C:\Windows\system32\drivers
07:14:41.980    Service scanning
07:14:49.191    Modules scanning
07:14:49.214    Disk 0 trace - called modules:
07:14:49.225    ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
07:14:49.228    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800736c060]
07:14:49.232    3 CLASSPNP.SYS[fffff880015b043f] -> nt!IofCallDriver -> [0xfffffa8007209cb0]
07:14:49.234    5 stdcfltn.sys[fffff880019bcd12] -> nt!IofCallDriver -> [0xfffffa8007208c50]
07:14:49.237    7 iaStorF.sys[fffff880019dff84] -> nt!IofCallDriver -> \Device\00000067[0xfffffa80071f28b0]
07:14:49.770    AVAST engine scan C:\Windows
07:15:10.593    AVAST engine scan C:\Windows\system32
07:16:07.112    AVAST engine scan C:\Windows\system32\drivers
07:16:10.390    AVAST engine scan C:\Users\pwaara
07:18:44.485    Disk 0 MBR has been saved successfully to "e:\Users\pwaara\Desktop\MBR.dat"
07:18:44.501    The log file has been saved successfully to "e:\Users\pwaara\Desktop\aswMBR.txt"


aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-07-10 07:23:55
-----------------------------
07:23:55.723    OS Version: Windows x64 6.1.7601 Service Pack 1
07:23:55.723    Number of processors: 4 586 0x3C03
07:23:55.723    ComputerName: RESPONSEAGILITY  UserName: pwaara
07:23:56.441    Initialize success
07:23:56.441    VM: initialized successfully
07:23:56.456    VM: Intel CPU supported virtualized
07:23:57.628    VM: disk I/O iaStorA.sys
07:24:01.200    AVAST engine defs: 15071000
07:24:04.664    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000067
07:24:04.664    Disk 0 Vendor: SAMSUNG_ EXT0 Size: 244198MB BusType: 8
07:24:04.679    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000068
07:24:04.679    Disk 1 Vendor: HGST JB0O Size: 953869MB BusType: 8
07:24:04.695    Disk 0 MBR read successfully
07:24:04.695    Disk 0 MBR scan
07:24:04.695    Disk 0 Windows VISTA default MBR code
07:24:04.695    Disk 0 Partition 1 00     DE Dell Utility DELL 4.1       39 MB offset 63
07:24:04.710    Disk 0 Partition 2 80 (A) 27 Hidden NTFS WinRE NTFS        13614 MB offset 81920
07:24:04.710    Disk 0 Boot: NTFS     code=1
07:24:04.710    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       230543 MB offset 27963392
07:24:04.726    Disk 0 scanning C:\Windows\system32\drivers
07:24:25.240    Service scanning
07:24:32.166    Modules scanning
07:24:32.166    Disk 0 trace - called modules:
07:24:32.198    ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
07:24:32.198    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800736c060]
07:24:32.213    3 CLASSPNP.SYS[fffff880015b043f] -> nt!IofCallDriver -> [0xfffffa8007209cb0]
07:24:32.213    5 stdcfltn.sys[fffff880019bcd12] -> nt!IofCallDriver -> [0xfffffa8007208c50]
07:24:32.213    7 iaStorF.sys[fffff880019dff84] -> nt!IofCallDriver -> \Device\00000067[0xfffffa80071f28b0]
07:24:32.837    AVAST engine scan C:\Windows
07:24:40.060    AVAST engine scan C:\Windows\system32
07:25:33.053    AVAST engine scan C:\Windows\system32\drivers
07:25:36.610    AVAST engine scan C:\Users\pwaara
07:40:21.480    AVAST engine scan C:\ProgramData
07:41:06.720    Disk 0 statistics 5573025/0/0 @ 3.08 MB/s
07:41:06.720    Scan finished successfully
07:41:26.469    Disk 0 MBR has been saved successfully to "e:\Users\pwaara\Desktop\MBR.dat"
07:41:26.469    The log file has been saved successfully to "e:\Users\pwaara\Desktop\aswMBR.txt"



 



#15 Oh My!


    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • Gender:Male
  • Location:California
  • Local time:01:17 AM

Posted 10 July 2015 - 08:44 AM

Thank you for the information. Which browser(s) is that happening with?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."



