
Found win32k_sys and need to remove threat


  • This topic is locked
19 replies to this topic

#1 MeerMan

MeerMan

  • Members
  • 9 posts

Posted 01 January 2016 - 09:27 PM

I found this file with RogueKiller and the BleepingC site indicates it should be removed. As instructed, here is my appeal for help in removing the file. (There also is a possible Rootkit file halmacpi.dll that appears to be much older so it might not be dangerous.) I am attaching the FRST scan files in hopes that someone can get me out of the woods safely.

 

Thank you in advance for any support you can offer.

 

Meerman


 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany

Posted 02 January 2016 - 05:04 AM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

 

 

Ran by DELL (ATTENTION: The user is not administrator)

 

 

Step 1

Start FRST with administrator privileges.

  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#3 MeerMan

MeerMan
  • Topic Starter

  • Members
  • 9 posts

Posted 02 January 2016 - 08:27 AM

Thank you!! Jurgen for helping me with this infection. 
 
I have the two logs pasted here as you instructed. Please note that a short time after I posted this topic, my computer started a flood of wifi traffic and I did not see the source of this activity. I shut down and it has not repeated that yet today. 
 
Meerman
 
 
FRST.txt
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-12-2015
Ran by ADMINdell (administrator) on OBG2015 (02-01-2016 08:18:16)
Running from C:\Users\DELL\Desktop
Loaded Profiles: DELL & ADMINdell (Available Profiles: DELL & ADMINdell)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_TATIJJE.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Sysinternals - www.sysinternals.com) C:\Users\DELL\Desktop\security APPS\Tcpview.exe
(Famatech Corp.) C:\Program Files\Advanced IP Scanner\advanced_ip_scanner.exe
(Sysinternals - www.sysinternals.com) C:\Users\DELL\Desktop\security APPS\procexp.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Run: [GIDDesktop] => C:\Program Files\SFT\GuardedID\gidd.exe [297616 2015-06-17] (StrikeForce Technologies Inc.)
HKLM\...\RunOnce: [GuardedID Toolbar] => regsvr32.exe /s /i "C:\Program Files\SFT\GuardedID\GIDTB.dll"
HKU\S-1-5-21-2417215444-1419857924-85494366-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1192592 2015-12-14] (Bitdefender)
HKU\S-1-5-21-2417215444-1419857924-85494366-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIJJE.EXE [249440 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2417215444-1419857924-85494366-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIJJE.EXE [249440 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2417215444-1419857924-85494366-1000\...\MountPoints2: D - D:\autoRcd.exe
HKU\S-1-5-21-2417215444-1419857924-85494366-1003\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1192592 2015-12-14] (Bitdefender)
HKU\S-1-5-21-2417215444-1419857924-85494366-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3B891778-9096-45D6-A4F8-625481B814A4}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{3B891778-9096-45D6-A4F8-625481B814A4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70B05880-235F-4CF6-8832-FCE779DBFEB6}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{70B05880-235F-4CF6-8832-FCE779DBFEB6}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2417215444-1419857924-85494366-1000 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2417215444-1419857924-85494366-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2417215444-1419857924-85494366-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2417215444-1419857924-85494366-1000 -> {D30438F1-9778-4E41-AFDF-326FA4CE2C38} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2417215444-1419857924-85494366-1003 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2417215444-1419857924-85494366-1003 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-12-14] (Bitdefender)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-29] (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-29] (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-12-14] (Bitdefender)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - PrivacyProtect - {983EB3A5-F9EE-4fe2-B3C3-E64A32F6305D} - C:\Program Files\SFT\GuardedID\gidtb.dll [2015-06-17] (StrikeForce Technologies Inc)
 
FireFox:
========
FF ProfilePath: C:\Users\ADMINdell\AppData\Roaming\Mozilla\Firefox\Profiles\a051cr8e.default
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-24] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2417215444-1419857924-85494366-1000: @freeconferencecall.com/launcher -> C:\Users\DELL\AppData\Local\FCCPlugins\npfcclauncher.dll [2015-09-01] (FreeConferenceCall)
FF Extension: PrivacyProtect Toolbar - C:\Program Files\Mozilla Firefox\extensions\guardedid@sftnj.com [2016-01-01] [not signed]
FF Extension: PrivacyProtect Toolbar - C:\Program Files\Mozilla Firefox\browser\extensions\guardedid@sftnj.com [2016-01-01] [not signed]
FF HKLM\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\sdlwv7j0.default-1442957222745\extensions\arthurj8283@gmail.com => not found
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\\bdwteff [2015-12-15]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-09-17] [not signed]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://news.google.com/
CHR StartupUrls: Default -> "hxxp://news.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google
CHR Profile: C:\Users\ADMINdell\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ADMINdell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-19]
CHR Extension: (Google Docs) - C:\Users\ADMINdell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-19]
CHR Extension: (Google Drive) - C:\Users\ADMINdell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-19]
CHR Extension: (YouTube) - C:\Users\ADMINdell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\ADMINdell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-22]
CHR Extension: (Google Search) - C:\Users\ADMINdell\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-19]
CHR Extension: (Bitdefender Wallet) - C:\Users\ADMINdell\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhejlifdlcgcmogbggeomfodgklfaem [2015-09-27]
CHR Extension: (Google Sheets) - C:\Users\ADMINdell\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-19]
CHR Extension: (Google Docs Offline) - C:\Users\ADMINdell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\ADMINdell\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ADMINdell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-19]
CHR Extension: (Gmail) - C:\Users\ADMINdell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-19]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed]
S4 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-11] (Seiko Epson Corporation)
R2 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-12-24] (Macrovision Europe Ltd.) [File not signed]
S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [857288 2015-11-09] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [96136 2015-10-22] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1328040 2015-12-14] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1254920 2015-11-02] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261400 2015-11-02] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [638976 2015-11-02] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [93648 2012-10-29] (BitDefender LLC)
S4 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [83824 2015-12-14] (BitDefender)
R1 GIDv2; C:\Windows\system32\Drivers\GIDv2.sys [24592 2015-06-17] (StrikeForce Technologies, Inc.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [173832 2015-04-29] (BitDefender LLC)
R0 ignis; C:\Windows\System32\DRIVERS\ignis.sys [219248 2015-11-02] (Bitdefender)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1265216 2011-09-09] (Ralink Technology Corp.)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2015-09-25] (The OpenVPN Project)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [422664 2015-06-02] (BitDefender S.R.L.)
S3 VUSB3HUB; system32\DRIVERS\ViaHub3.sys [X]
S3 VUSBSTOR; System32\Drivers\vusbstor.sys [X]
S3 xhcdrv; system32\DRIVERS\xhcdrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-02 08:18 - 2016-01-02 08:18 - 00014863 _____ C:\Users\DELL\Desktop\FRST.txt
2016-01-01 21:14 - 2016-01-01 21:14 - 00025087 _____ C:\Users\DELL\Downloads\Addition.txt
2016-01-01 21:13 - 2016-01-02 08:18 - 00000000 ____D C:\FRST
2016-01-01 21:13 - 2016-01-01 21:14 - 00043783 _____ C:\Users\DELL\Downloads\FRST.txt
2016-01-01 21:13 - 2016-01-01 21:13 - 01721856 _____ (Farbar) C:\Users\DELL\Desktop\FRST.exe
2016-01-01 16:34 - 2016-01-01 16:36 - 00197086 _____ C:\TDSSKiller.3.1.0.9_01.01.2016_16.34.16_log.txt
2016-01-01 16:33 - 2016-01-01 16:33 - 00000364 _____ C:\TDSSKiller.3.1.0.7_01.01.2016_16.33.46_log.txt
2016-01-01 09:27 - 2016-01-01 09:46 - 00000000 ____D C:\ProgramData\GID
2016-01-01 09:27 - 2016-01-01 09:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GuardedID
2016-01-01 09:27 - 2016-01-01 09:27 - 00000000 ____D C:\Program Files\SFT
2016-01-01 09:27 - 2015-06-17 14:11 - 00024592 ____N (StrikeForce Technologies, Inc.) C:\Windows\system32\Drivers\gidv2.sys
2016-01-01 00:21 - 2016-01-01 00:22 - 00000000 ____D C:\Users\DELL\Desktop\Taxes
2015-12-31 14:21 - 2015-12-31 14:28 - 00000000 ____D C:\Users\DELL\Documents\TurboTax
2015-12-31 14:20 - 2015-12-31 14:20 - 00000000 ____D C:\Users\DELL\AppData\Roaming\Intuit
2015-12-31 14:20 - 2015-12-31 14:20 - 00000000 ____D C:\Users\DELL\AppData\Local\IsolatedStorage
2015-12-31 14:19 - 2015-12-31 14:19 - 00000000 ____D C:\Users\ADMINdell\AppData\Roaming\Intuit
2015-12-31 14:18 - 2015-12-31 14:19 - 00000307 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-12-31 14:18 - 2015-12-31 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2014
2015-12-31 14:17 - 2015-12-31 14:18 - 00000000 ____D C:\Program Files\Common Files\Intuit
2015-12-31 14:17 - 2015-12-31 14:17 - 00000000 ____D C:\Program Files\TurboTax
2015-12-31 14:16 - 2015-12-31 14:18 - 00000000 ____D C:\ProgramData\Intuit
2015-12-31 06:30 - 2015-12-31 06:30 - 00000000 ____D C:\Users\DELL\AppData\Local\GWX
2015-12-30 21:20 - 2015-12-30 21:20 - 00000000 ____D C:\Users\DELL\Downloads\LicenseRecovery109
2015-12-30 21:16 - 2015-12-30 21:16 - 04604138 _____ C:\Users\DELL\Downloads\LicenseRecovery109.zip
2015-12-30 00:53 - 2015-12-30 00:53 - 40817864 _____ C:\Users\DELL\AppData\Roaming\Thunderbird.zip
2015-12-29 08:49 - 2016-01-01 09:27 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-29 08:49 - 2015-12-29 08:49 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-29 08:49 - 2015-12-29 08:49 - 00001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-29 08:43 - 2015-12-29 08:43 - 00000000 ____D C:\Program Files\Common Files\Java
2015-12-29 08:39 - 2015-12-29 08:39 - 00584288 _____ (Oracle Corporation) C:\Users\DELL\Downloads\jre-8u66-windows-i586-iftw.exe
2015-12-29 08:38 - 2015-12-29 08:38 - 00248624 _____ C:\Users\DELL\Downloads\Firefox Setup Stub 43.0.3.exe
2015-12-28 21:13 - 2015-12-28 21:13 - 00015788 _____ C:\Users\DELL\Desktop\tecTrack.pdf
2015-12-28 11:25 - 2015-12-30 10:38 - 00000000 ____D C:\Users\DELL\.fcc
2015-12-28 11:25 - 2015-12-28 11:25 - 00000958 _____ C:\Users\DELL\Desktop\FCC.lnk
2015-12-28 11:25 - 2015-12-28 11:25 - 00000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FCC
2015-12-28 11:25 - 2015-12-28 11:25 - 00000000 ____D C:\Users\DELL\AppData\Local\FCCPlugins
2015-12-28 11:25 - 2015-12-28 11:25 - 00000000 ____D C:\Users\DELL\AppData\Local\FCC
2015-12-27 21:07 - 2009-08-19 23:50 - 00022872 ____R (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
2015-12-27 21:05 - 2015-12-28 10:51 - 00000000 ____D C:\_AcroTemp
2015-12-25 07:36 - 2015-12-25 07:36 - 00000000 ____D C:\Users\DELL\Desktop\Old Firefox Data
2015-12-25 07:31 - 2016-01-01 22:50 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-24 08:40 - 2015-12-24 08:40 - 00001230 _____ C:\Users\DELL\Desktop\Opera.lnk
2015-12-24 08:40 - 2015-12-24 08:40 - 00001230 _____ C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-12-24 08:12 - 2015-12-24 08:12 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2015-12-24 08:11 - 2015-12-27 21:08 - 00002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk
2015-12-24 08:11 - 2015-12-27 21:07 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Pro.lnk
2015-12-24 08:11 - 2015-12-24 08:12 - 00001991 _____ C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
2015-12-24 08:11 - 2015-12-24 08:11 - 00002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer ES 8.2.lnk
2015-12-24 08:11 - 2009-08-19 23:50 - 00046928 _____ (Adobe Systems Inc) C:\Windows\system32\AdobePDF.dll
2015-12-24 07:50 - 2015-12-29 08:40 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-24 07:50 - 2015-12-29 08:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-23 20:43 - 2015-12-25 12:43 - 00000000 ____D C:\Users\DELL\AppData\Local\Amazon Cloud Drive
2015-12-23 20:43 - 2015-12-23 20:43 - 00001167 _____ C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Drive.lnk
2015-12-23 20:43 - 2015-12-23 20:43 - 00001155 _____ C:\Users\DELL\Desktop\Amazon Cloud Drive.lnk
2015-12-23 20:43 - 2015-12-23 20:43 - 00000000 ____D C:\Users\DELL\AppData\Roaming\Amazon Cloud Drive
2015-12-23 20:41 - 2015-12-23 20:42 - 00867648 _____ (Amazon) C:\Users\DELL\Downloads\AmazonCloudDriveSetup.exe
2015-12-23 06:18 - 2015-12-23 06:19 - 00149344 _____ C:\Windows\Minidump\122315-33321-01.dmp
2015-12-23 06:18 - 2015-12-23 06:18 - 289873148 _____ C:\Windows\MEMORY.DMP
2015-12-22 08:52 - 2015-12-22 08:52 - 00363106 _____ C:\Users\DELL\Desktop\MyMedicare.pdf
2015-12-21 21:48 - 2015-12-21 21:54 - 312358086 _____ C:\Users\DELL\Downloads\Country Sub ----- XTube Porn Video - Biversbear[via torchbrowser.com].mp4
2015-12-21 21:46 - 2015-12-21 21:49 - 162015970 _____ C:\Users\DELL\Downloads\TRAINING A WILLING SLAVE - XTube Porn Video - kink1095[via torchbrowser.com].mp4
2015-12-21 21:44 - 2015-12-21 21:54 - 253219216 _____ C:\Users\DELL\Downloads\Boy17- His Biggest Dick Ever - XTube Porn Video - throat-it-boy[via torchbrowser.com] (1).mp4
2015-12-21 21:42 - 2015-12-21 21:46 - 197393064 _____ C:\Users\DELL\Downloads\Andy gets dealt with - XTube Porn Video - daddyspanks[via torchbrowser.com] (1).mp4
2015-12-21 21:38 - 2015-12-21 21:43 - 256522551 _____ C:\Users\DELL\Downloads\My boy and me - XTube Porn Video - Cuteboygdl21[via torchbrowser.com].mp4
2015-12-21 21:36 - 2015-12-21 21:37 - 168076876 _____ C:\Users\DELL\Downloads\me and chinese boy - XTube Porn Video - fands75012[via torchbrowser.com].mp4
2015-12-21 21:35 - 2015-12-21 21:41 - 275732821 _____ C:\Users\DELL\Downloads\a funny day - XTube Porn Video - Bursche1[via torchbrowser.com].mp4
2015-12-21 21:34 - 2015-12-21 21:36 - 133461597 _____ C:\Users\DELL\Downloads\Youngin 19yr - XTube Porn Video - BBC45[via torchbrowser.com].mp4
2015-12-21 21:32 - 2015-12-21 21:33 - 298701469 _____ C:\Users\DELL\Downloads\Destroying Fusknecht's Ass - XTube Porn Video - 2keumsExhib[via torchbrowser.com].mp4
2015-12-21 21:26 - 2015-12-21 21:29 - 143820894 _____ C:\Users\DELL\Downloads\23yr&25yr Pantyboys - XTube Porn Video - BBC45[via torchbrowser.com].mp4
2015-12-21 21:26 - 2015-12-21 21:28 - 154552301 _____ C:\Users\DELL\Downloads\for my boy - XTube Porn Video - miguelpasive[via torchbrowser.com].mp4
2015-12-21 21:24 - 2015-12-21 21:28 - 148717332 _____ C:\Users\DELL\Downloads\22yr Sub - XTube Porn Video - BBC45[via torchbrowser.com] (2).mp4
2015-12-21 21:23 - 2015-12-21 21:23 - 00868680 _____ C:\Users\DELL\Downloads\22yr Sub - XTube Porn Video - BBC45[via torchbrowser.com] (1).mp4
2015-12-21 21:20 - 2015-12-21 21:21 - 19785413 _____ C:\Users\DELL\Downloads\Twink Timmy fingers and self-sucks in sis's bed - XTube Porn Video - timmy-bi-18[via torchbrowser.com].mp4
2015-12-21 21:20 - 2015-12-21 21:21 - 140094616 _____ C:\Users\DELL\Downloads\2 Gorgeous Gay Boys With Hot Asses Have Fun On Cam - XTube Porn Video - finntom[via torchbrowser.com] (1).mp4
2015-12-21 21:20 - 2015-12-21 21:20 - 00868680 _____ C:\Users\DELL\Downloads\22yr Sub - XTube Porn Video - BBC45[via torchbrowser.com].mp4
2015-12-21 21:17 - 2015-12-21 21:19 - 140094616 _____ C:\Users\DELL\Downloads\2 Gorgeous Gay Boys With Hot Asses Have Fun On Cam - XTube Porn Video - finntom[via torchbrowser.com].mp4
2015-12-21 21:12 - 2015-12-21 21:22 - 199175613 _____ C:\Users\DELL\Downloads\my slave well used - XTube Porn Video - sirjune[via torchbrowser.com].mp4
2015-12-21 21:10 - 2015-12-21 21:14 - 190202579 _____ C:\Users\DELL\Downloads\latin bare session - XTube Porn Video - skin_38[via torchbrowser.com].mp4
2015-12-21 21:08 - 2015-12-21 21:20 - 534033588 _____ C:\Users\DELL\Downloads\german hustler - XTube Porn Video - skin_38[via torchbrowser.com].mp4
2015-12-21 21:06 - 2015-12-21 21:10 - 240427497 _____ C:\Users\DELL\Downloads\My favourite colombian soccer players_2 - XTube Porn Video - skin_38[via torchbrowser.com].mp4
2015-12-21 21:04 - 2015-12-21 21:09 - 261888496 _____ C:\Users\DELL\Downloads\My favourite colombian soccer players_1 - XTube Porn Video - skin_38[via torchbrowser.com].mp4
2015-12-21 21:04 - 2015-12-21 21:07 - 155883561 _____ C:\Users\DELL\Downloads\2 Sexiest Athletic Str8 Boys Go Gay,Hot Asses,Cumshots - XTube Porn Video - finntom[via torchbrowser.com].mp4
2015-12-21 21:02 - 2015-12-21 21:14 - 50820138 _____ C:\Users\DELL\Downloads\CBT Rubber Slave Cam Session - XTube Porn Video - rubbercam[via torchbrowser.com] (2).mp4
2015-12-21 21:02 - 2015-12-21 21:08 - 272434324 _____ C:\Users\DELL\Downloads\Slave Cam Session - XTube Porn Video - rubbercam[via torchbrowser.com].mp4
2015-12-21 21:00 - 2015-12-21 21:03 - 164793392 _____ C:\Users\DELL\Downloads\I Bottom - XTube Porn Video - BBC45[via torchbrowser.com].mp4
2015-12-21 21:00 - 2015-12-21 21:02 - 50820138 _____ C:\Users\DELL\Downloads\CBT Rubber Slave Cam Session - XTube Porn Video - rubbercam[via torchbrowser.com] (1).mp4
2015-12-21 20:59 - 2015-12-21 21:00 - 50820138 _____ C:\Users\DELL\Downloads\CBT Rubber Slave Cam Session - XTube Porn Video - rubbercam[via torchbrowser.com].mp4
2015-12-21 20:57 - 2015-12-21 21:22 - 607158695 _____ C:\Users\DELL\Downloads\sissy slave bondage and anal compilation - XTube Porn Video - analslave[via torchbrowser.com] (1).mp4
2015-12-21 20:55 - 2015-12-21 20:55 - 00969600 _____ C:\Users\DELL\Downloads\sissy slave bondage and anal compilation - XTube Porn Video - analslave[via torchbrowser.com].mp4
2015-12-21 20:53 - 2015-12-21 20:55 - 69782294 _____ C:\Users\DELL\Downloads\Barebacked - XTube Porn Video - geowhiz6[via torchbrowser.com].mp4
2015-12-21 20:48 - 2015-12-21 20:48 - 01666712 _____ (Torch Media, Inc) C:\Users\DELL\Downloads\TorchSetup-r20-n-bc.exe
2015-12-21 20:24 - 2015-12-21 20:24 - 00720280 _____ (Opera Software) C:\Users\DELL\Downloads\Opera_NI_stable(2).exe
2015-12-18 13:40 - 2015-12-18 13:40 - 00024454 _____ C:\ProgramData\1450464038.bdinstall.bin
2015-12-18 10:31 - 2015-12-18 10:33 - 00065200 _____ C:\Windows\ntbtlog.txt
2015-12-17 21:42 - 2015-12-17 21:42 - 00000000 ____D C:\ProgramData\bdch
2015-12-17 21:29 - 2015-12-17 21:29 - 00000346 _____ C:\Windows\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864.job
2015-12-17 08:23 - 2015-12-17 08:23 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-12-17 08:17 - 2015-12-17 08:17 - 00280128 _____ (www.BitComet.com) C:\Users\DELL\Downloads\FlvPlayer_1.4.exe
2015-12-17 08:15 - 2015-12-17 08:14 - 09036703 _____ (Sakysoft s.r.l. uninominale ) C:\Users\ADMINdell\Downloads\FLVPlayer4Free
2015-12-17 07:33 - 2015-12-17 07:33 - 00002540 _____ C:\Users\ADMINdell\Downloads\STIN_W649001-det.mcs
2015-12-17 07:33 - 2015-12-17 07:33 - 00002540 _____ C:\Users\ADMINdell\Downloads\STIN_W649001-det (1).mcs
2015-12-17 07:31 - 2015-12-17 07:31 - 00720352 _____ (Opera Software) C:\Users\ADMINdell\Downloads\Opera_NI_stable.exe
2015-12-15 15:34 - 2015-12-15 15:34 - 00120786 _____ C:\Users\DELL\Desktop\sf5510english.pdf
2015-12-15 14:04 - 2015-12-15 14:04 - 00719819 _____ C:\Users\DELL\Desktop\Gmail - [DA 15 December 2015] December 2015 Night Sky Calendar (second half).pdf
2015-12-11 16:45 - 2015-11-24 18:43 - 01599336 _____ (Malwarebytes) C:\Users\ADMINdell\Desktop\JRT.exe
2015-12-11 16:37 - 2015-12-11 16:37 - 01738240 _____ C:\Users\ADMINdell\Downloads\adwcleaner_5.024.exe
2015-12-11 14:28 - 2015-12-11 14:28 - 00937827 _____ C:\Users\DELL\Downloads\davenport rollover 2 signed SM.PDF
2015-12-09 17:59 - 2015-12-09 18:10 - 00000000 ____D C:\Users\DELL\Desktop\TIAACRF rollover Dec2015
2015-12-09 17:53 - 2015-11-11 15:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 17:53 - 2015-11-11 13:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 17:53 - 2015-11-11 13:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 17:53 - 2015-11-11 11:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 17:53 - 2015-11-11 10:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 17:53 - 2015-11-11 10:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 17:53 - 2015-11-11 09:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 17:53 - 2015-11-10 13:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 17:53 - 2015-11-10 13:39 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 17:53 - 2015-11-10 13:39 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 17:53 - 2015-11-10 12:40 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 17:53 - 2015-11-09 19:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 17:53 - 2015-11-09 19:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 17:53 - 2015-11-09 19:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 17:53 - 2015-11-09 19:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 17:53 - 2015-11-09 19:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 17:53 - 2015-11-09 19:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 17:53 - 2015-11-09 19:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 17:53 - 2015-11-09 19:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 17:53 - 2015-11-09 19:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 17:53 - 2015-11-09 19:03 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 17:53 - 2015-11-09 19:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 17:53 - 2015-11-09 18:57 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 17:53 - 2015-11-09 18:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 17:53 - 2015-11-09 18:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 17:53 - 2015-11-09 18:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 17:53 - 2015-11-09 18:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 17:53 - 2015-11-09 18:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 17:53 - 2015-11-09 18:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 17:53 - 2015-11-09 18:36 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 17:53 - 2015-11-09 18:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 17:53 - 2015-11-09 18:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 17:53 - 2015-11-09 18:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 17:52 - 2015-11-20 13:34 - 02956800 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 17:52 - 2015-11-20 13:34 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 17:52 - 2015-11-20 13:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 17:52 - 2015-11-20 13:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 17:52 - 2015-11-20 13:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 17:52 - 2015-11-20 13:34 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 17:52 - 2015-11-20 13:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 17:52 - 2015-11-20 13:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 17:52 - 2015-11-20 13:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 17:52 - 2015-11-20 13:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 17:52 - 2015-11-20 13:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 17:52 - 2015-11-11 10:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 17:52 - 2015-11-09 19:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 17:52 - 2015-11-09 19:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 17:52 - 2015-11-09 19:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 17:52 - 2015-11-09 19:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 17:52 - 2015-11-09 18:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 17:52 - 2015-11-09 18:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 17:49 - 2015-11-03 13:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 17:48 - 2015-11-03 13:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 17:47 - 2015-11-05 14:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 17:47 - 2015-11-05 04:48 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 14:51 - 2015-12-09 14:51 - 00265268 _____ C:\Users\DELL\Downloads\idcard-1878963780.pdf
2015-12-07 07:35 - 2015-12-07 07:35 - 11083591 _____ C:\Users\DELL\Desktop\glpa-news-wi15.pdf
2015-12-05 14:02 - 2015-12-09 00:19 - 00000476 _____ C:\Users\DELL\Desktop\xmas list.txt
2015-12-03 08:39 - 2015-12-03 10:24 - 00306896 _____ C:\Windows\system32\Drivers\fwndislwf32.sys
2015-12-03 08:30 - 2015-03-24 00:17 - 00111368 _____ (Emsisoft GmbH) C:\Windows\system32\Drivers\epp32.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-02 08:18 - 2009-07-13 21:37 - 00000000 ____D C:\Windows
2016-01-02 08:13 - 2015-09-17 07:58 - 00000000 ____D C:\Users\DELL\Desktop\Security setups
2016-01-02 08:13 - 2015-09-17 07:57 - 00000000 ____D C:\Users\DELL\Desktop\security APPS
2016-01-02 08:10 - 2009-07-13 23:34 - 00026640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-02 08:10 - 2009-07-13 23:34 - 00026640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-02 08:09 - 2010-11-20 16:01 - 00781610 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-02 08:09 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\inf
2016-01-02 08:05 - 2009-07-13 23:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-02 08:04 - 2009-07-13 23:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-02 08:02 - 2015-09-22 07:19 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-01-01 23:11 - 2015-09-22 08:24 - 00190435 _____ C:\bdlog.txt
2016-01-01 23:05 - 2015-09-14 22:32 - 00000000 ____D C:\Users\DELL\AppData\Local\Newsbin
2016-01-01 20:29 - 2015-09-19 12:50 - 00000000 ____D C:\Program Files\RogueKiller
2016-01-01 19:44 - 2015-09-19 12:50 - 00030848 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-01-01 19:44 - 2015-09-19 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-01-01 19:29 - 2015-09-25 20:22 - 00000000 ____D C:\Users\DELL\AppData\Roaming\vlc
2016-01-01 16:53 - 2015-09-21 15:20 - 00000538 _____ C:\Users\DELL\advanced_ip_scanner_MAC.bin
2016-01-01 16:35 - 2015-09-19 14:48 - 00000000 ____D C:\Users\ADMINdell\Desktop\security APPS
2016-01-01 09:27 - 2015-10-04 09:48 - 00000119 _____ C:\Users\DELL\Desktop\privacy key.txt
2016-01-01 09:25 - 2015-09-25 13:10 - 00000000 ____D C:\Users\DELL\Downloads\Bitdefender Safepay
2016-01-01 08:49 - 2009-07-13 23:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-01-01 08:46 - 2009-07-13 23:33 - 00302040 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-31 14:20 - 2014-11-10 10:18 - 00069824 _____ C:\Users\DELL\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-31 14:16 - 2015-09-19 14:43 - 00067280 _____ C:\Users\ADMINdell\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-29 13:54 - 2015-09-14 14:09 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-12-29 08:45 - 2015-10-20 13:35 - 00000000 ____D C:\Users\DELL\.oracle_jre_usage
2015-12-29 08:45 - 2014-11-10 09:52 - 00000000 ____D C:\ProgramData\Oracle
2015-12-29 08:44 - 2014-11-10 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-29 08:44 - 2014-11-10 09:51 - 00000000 ____D C:\Program Files\Java
2015-12-29 08:42 - 2015-10-19 16:59 - 00000000 ____D C:\Users\ADMINdell\.oracle_jre_usage
2015-12-29 08:42 - 2014-11-10 09:52 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-12-29 08:40 - 2014-11-10 09:47 - 00000000 ____D C:\Users\DELL\AppData\Local\Adobe
2015-12-29 08:39 - 2015-10-02 15:21 - 00000000 ____D C:\Users\ADMINdell\AppData\Local\Adobe
2015-12-28 20:43 - 2015-09-21 16:49 - 00000000 ____D C:\Program Files\pia_manager
2015-12-28 11:25 - 2014-11-07 11:32 - 00000000 ____D C:\Users\DELL
2015-12-27 10:26 - 2015-09-22 09:27 - 00000664 _____ C:\Users\ADMINdell\advanced_ip_scanner_MAC.bin
2015-12-25 12:43 - 2015-11-25 11:50 - 00000000 ____D C:\Windows\Minidump
2015-12-25 12:43 - 2015-10-22 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2015-12-25 12:43 - 2015-10-13 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-12-25 12:43 - 2015-10-13 12:33 - 00000000 ____D C:\ProgramData\FLEXnet
2015-12-25 12:43 - 2015-09-30 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2
2015-12-25 12:43 - 2015-09-22 12:47 - 00000000 ____D C:\ProgramData\HitmanPro
2015-12-25 12:43 - 2015-09-22 12:47 - 00000000 ____D C:\Program Files\HitmanPro
2015-12-25 12:43 - 2015-09-21 20:58 - 00000000 ____D C:\Users\ADMINdell\Documents\Cclnr RegBUPS
2015-12-25 12:43 - 2015-09-21 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-12-25 12:43 - 2015-09-21 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-25 12:43 - 2015-09-21 16:49 - 00000000 ____D C:\Users\ADMINdell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access
2015-12-25 12:43 - 2015-09-21 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2015-12-25 12:43 - 2015-09-19 14:42 - 00000000 ____D C:\Users\ADMINdell
2015-12-25 12:43 - 2015-09-19 12:50 - 00000000 ____D C:\ProgramData\RogueKiller
2015-12-25 12:43 - 2015-09-16 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-12-25 12:43 - 2015-09-16 13:21 - 00000000 ____D C:\Program Files\Common Files\EPSON
2015-12-25 12:43 - 2015-09-15 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PageBreeze
2015-12-25 12:43 - 2015-09-14 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-12-25 12:43 - 2015-09-14 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
2015-12-25 12:43 - 2015-09-14 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-25 12:43 - 2015-07-01 12:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-25 12:43 - 2014-11-10 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-25 12:43 - 2014-11-10 10:00 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-12-25 12:43 - 2014-11-10 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-25 12:43 - 2014-11-10 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2015-12-25 12:43 - 2014-11-10 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-12-25 12:43 - 2014-11-10 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-25 12:43 - 2014-11-10 09:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-25 12:43 - 2014-11-10 09:47 - 00000000 ____D C:\Windows\system32\Macromed
2015-12-25 12:43 - 2014-11-07 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE
2015-12-25 12:43 - 2009-07-13 23:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-25 12:43 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\rescache
2015-12-25 12:43 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\registration
2015-12-24 08:40 - 2015-09-29 08:58 - 00000000 ____D C:\Users\DELL\AppData\Roaming\Opera Software
2015-12-24 08:40 - 2015-09-29 08:58 - 00000000 ____D C:\Users\DELL\AppData\Local\Opera Software
2015-12-24 08:07 - 2015-07-01 10:03 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-12-24 08:05 - 2014-11-10 09:51 - 00000000 ____D C:\ProgramData\Adobe
2015-12-24 08:01 - 2015-09-19 14:27 - 00000000 ____D C:\Users\DELL\Desktop\Greens
2015-12-22 13:44 - 2015-09-26 18:28 - 00000000 ____D C:\Users\ADMINdell\AppData\Local\CrashDumps
2015-12-21 20:23 - 2015-11-11 13:07 - 00000000 ____D C:\Program Files\Opera
2015-12-21 20:23 - 2015-10-20 08:57 - 00000000 ____D C:\Users\ADMINdell\AppData\Roaming\Opera Software
2015-12-21 20:23 - 2015-10-20 08:57 - 00000000 ____D C:\Users\ADMINdell\AppData\Local\Opera Software
2015-12-21 20:20 - 2015-09-22 11:46 - 00000000 ____D C:\Users\DELL\AppData\Local\CrashDumps
2015-12-21 20:20 - 2015-09-14 21:58 - 00000000 ____D C:\Users\DELL\AppData\Roaming\MPC-HC
2015-12-17 21:52 - 2015-09-21 20:26 - 00000000 ____D C:\Program Files\CCleaner
2015-12-17 21:10 - 2015-09-21 20:07 - 00000000 ____D C:\AdwCleaner
2015-12-16 11:11 - 2015-09-16 13:21 - 00000000 ____D C:\ProgramData\EPSON
2015-12-14 21:24 - 2015-09-22 07:42 - 00083824 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-12-13 20:10 - 2015-09-17 07:56 - 00000000 ____D C:\Users\DELL\Desktop\Phoenix Security
2015-12-11 22:25 - 2015-10-01 10:30 - 00000000 ____D C:\Users\DELL\Desktop\XFER
2015-12-11 16:51 - 2015-09-26 21:03 - 00001544 _____ C:\Users\ADMINdell\Desktop\JRT.txt
2015-12-09 22:27 - 2014-11-07 12:35 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 22:23 - 2014-11-07 12:35 - 137798368 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-08 17:13 - 2015-09-21 21:02 - 00007604 _____ C:\Users\ADMINdell\AppData\Local\Resmon.ResmonCfg
2015-12-08 09:47 - 2015-10-13 07:08 - 00000000 ____D C:\Users\DELL\Desktop\MAPS
2015-12-08 06:46 - 2015-10-17 22:00 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2015-12-05 07:27 - 2015-11-06 15:10 - 00061006 _____ C:\Users\ADMINdell\Desktop\Show-Hidden.txt
2015-12-03 08:55 - 2015-10-17 22:40 - 00000000 ____D C:\ProgramData\Emsisoft
 
==================== Files in the root of some directories =======
 
2015-09-21 21:02 - 2015-12-08 17:13 - 0007604 _____ () C:\Users\ADMINdell\AppData\Local\Resmon.ResmonCfg
2015-12-18 13:40 - 2015-12-18 13:40 - 0024454 _____ () C:\ProgramData\1450464038.bdinstall.bin
2015-12-31 14:18 - 2015-12-31 14:19 - 0000307 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
Some files in TEMP:
====================
C:\Users\ADMINdell\AppData\Local\Temp\dllnt_dump.dll
C:\Users\ADMINdell\AppData\Local\Temp\sqlite3.dll
C:\Users\ADMINdell\AppData\Local\Temp\{49E47387-C881-4476-9F79-CFE99FE4A3FE}.exe
C:\Users\DELL\AppData\Local\Temp\CloudDriveInstaller.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-30 12:33
 
==================== End of FRST.txt ============================
 
 
Addition.txt log:
 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:31-12-2015
Ran by ADMINdell (2016-01-02 08:18:50)
Running from C:\Users\DELL\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2014-11-07 16:32:44)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
ADMINdell (S-1-5-21-2417215444-1419857924-85494366-1003 - Administrator - Enabled) => C:\Users\ADMINdell
Administrator (S-1-5-21-2417215444-1419857924-85494366-500 - Administrator - Disabled)
DELL (S-1-5-21-2417215444-1419857924-85494366-1000 - Limited - Enabled) => C:\Users\DELL
Guest (S-1-5-21-2417215444-1419857924-85494366-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2417215444-1419857924-85494366-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Advanced IP Scanner 2.4 (HKLM\...\{C3CF783A-5457-4989-966F-7BE08812FB71}) (Version: 2.4.2601 - Famatech)
Amazon Cloud Drive (HKU\S-1-5-21-2417215444-1419857924-85494366-1000\...\Amazon Cloud Drive) (Version: 3.1.2.21 - Amazon.com, Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.18.1035 - Bitdefender)
Bitdefender Internet Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.18.1037 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Combined Community Codec Pack 2014-07-13 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
Core FTP LE (HKLM\...\CoreFTP) (Version:  - )
Epson Connect Printer Setup (HKLM\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version:  - SEIKO EPSON Corporation)
FCC (HKU\S-1-5-21-2417215444-1419857924-85494366-1000\...\FCC) (Version: 2.4.7796.1001 - FreeConferenceCall LLC)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
GrampsAIO32 (HKU\S-1-5-21-2417215444-1419857924-85494366-1000\...\GrampsAIO32 4.1.3) (Version: 4.1.3 - The GRAMPS project)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
Intel® Active Management Technology (HKLM\...\MESOL) (Version:  - Intel Corporation)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
K-Lite Codec Pack 11.4.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 11.4.0 - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 43.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 43.0.3 (x86 en-US)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.3 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 en-US) (HKLM\...\Mozilla Thunderbird 38.2.0 (x86 en-US)) (Version: 38.2.0 - Mozilla)
Newsbin Pro (HKLM\...\Newsbin6) (Version: 6.60 - DJI Interprises, LLC)
OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 34.0.2036.42 (HKU\S-1-5-21-2417215444-1419857924-85494366-1000\...\Opera 34.0.2036.42) (Version: 34.0.2036.42 - Opera Software)
PageBreeze Free HTML Editor (HKLM\...\PageBreeze Free HTML Editor) (Version:  - )
PrivacyProtect (HKLM\...\{DF742041-2541-4DD1-93AE-48A8941830AB}) (Version: 3.00.1087 - StrikeForce Technologies, Inc)
Private Internet Access Support Files (HKLM\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Ralink RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.14.0 - Ralink)
RogueKiller version 11 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 11 - Adlice Software)
Roxio Creator DE 10.3 (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.5491 - Analog Devices)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TurboTax 2014 (HKLM\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
VirusTotal Uploader 2.2 (HKLM\...\VTUploader) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {5EA5C2EB-1B63-41EF-9256-F1EE309BBB49} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {811B9920-06B7-4D7E-BAAE-8F4204E47820} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {B3576F33-AC3B-4505-8A4B-82BB5CB3FB5A} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2015-11-09] (Bitdefender)
Task: {D622195C-D680-4FEA-9C56-59660C7C9E94} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {E034071C-6A2C-41B2-AA66-0607B267B67F} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-12-28] ()
Task: {E4C5E678-55DD-45A7-9D9F-92CF59ED106A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: C:\Windows\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864.job => C:\Program Files\Bitdefender Agent\WatchDog.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-22 19:29 - 2013-09-03 13:29 - 00095088 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2015-12-03 20:28 - 2015-12-03 20:28 - 00749144 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01142_002\ashttpbr.mdl
2015-12-03 20:28 - 2015-12-03 20:28 - 00635880 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01142_002\ashttpdsp.mdl
2015-12-03 20:28 - 2015-12-03 20:28 - 02300336 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01142_002\ashttpph.mdl
2015-12-03 20:28 - 2015-12-03 20:28 - 01199272 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01142_002\ashttprbl.mdl
2015-03-20 16:37 - 2015-03-20 16:37 - 00282184 _____ () C:\Program Files\Advanced IP Scanner\pcre.dll
2015-03-20 16:37 - 2015-03-20 16:37 - 00868936 _____ () C:\Program Files\Advanced IP Scanner\platforms\qwindows.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\ADMINdell\Downloads\adwcleaner_5.024.exe:BDU
AlternateDataStreams: C:\Users\ADMINdell\Downloads\jxpiinstall(1).exe:BDU
AlternateDataStreams: C:\Users\ADMINdell\Downloads\jxpiinstall.exe:BDU
AlternateDataStreams: C:\Users\ADMINdell\Downloads\Opera_NI_stable.exe:BDU
AlternateDataStreams: C:\Users\ADMINdell\Downloads\rootkitremover.exe:BDU
AlternateDataStreams: C:\Users\ADMINdell\Downloads\setup(2).exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\adwcleaner_5.018.exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\autoruns.exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\bitdefender_isecurity (1).exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\ccsetup510.exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\EmsisoftEmergencyKit.exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\FlvPlayer_1.4.exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\GrampsAIO-4.1.3-1_win32_py27.exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\HitmanPro.exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\installer_win.exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\mbar-1.09.3.1001.exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\mfx.exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\Opera_NI_stable(1).exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\Opera_NI_stable.exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\rkill.com:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\setup.exe:BDU
AlternateDataStreams: C:\Users\DELL\Downloads\TorchSetup-r20-n-bf.exe:BDU
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\10616606.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\15237512.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27719801.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\31825922.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\33660189.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\38378126.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\39109420.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\39433743.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\63012618.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\70201593.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\87857851.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\97270688.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\10616606.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\15237512.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\27719801.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\31825922.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\33660189.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\38378126.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\39109420.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\39433743.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\63012618.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\70201593.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\87857851.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\97270688.sys => ""="Driver"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:04 - 2016-01-02 07:58 - 00000768 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2417215444-1419857924-85494366-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2417215444-1419857924-85494366-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\ADMINdell\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: atchksrv => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: ProductAgentService => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: atchk => "C:\Program Files\Intel\AMT\atchk.exe"
MSCONFIG\startupreg: Bdagent => "C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe"
MSCONFIG\startupreg: Bitdefender Wallet Agent => "C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Malwarebytes Anti-Malware (cleanup) => "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files\Analog Devices\Core\smax4pnp.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{7B804271-0628-45FB-BED6-0FE89B8BA7DD}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9F769B78-DC59-4449-B4A8-84047E166222}] => (Allow) C:\Program Files\Newsbin\newsbinpro.exe
FirewallRules: [{A68F0B49-56C1-46C7-9B43-B2193642142B}] => (Allow) C:\Program Files\Newsbin\newsbinpro.exe
FirewallRules: [{46FE7C30-2C1E-4A03-A984-14DCB5EAF4C2}] => (Allow) C:\Program Files\Newsbin\newsbinpro.exe
FirewallRules: [{4ACA2A23-973A-4F8C-A560-24FCD6F902F3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D16AD77A-CEBF-40C0-8857-02BA5CF16521}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6F30A935-13C8-4508-8294-3F028088DDCB}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{34BD401D-5EBD-4AB0-89E9-87159BEE12A2}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{5CF9D42E-B858-48FB-AC69-2FD86F153083}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{AAC299E2-58EF-49C1-A369-1E99919C52ED}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{E830D289-B381-42E1-8228-A57CDDE9B247}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{EAFA52D7-5E3B-4020-B739-D23FED02CE5C}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
 
==================== Restore Points =========================
 
24-12-2015 07:43:05 Removed Adobe Acrobat 9 Pro - English, Français, Deutsch.
24-12-2015 08:01:51 Installed Adobe Acrobat 9 Pro - English, Français, Deutsch.
25-12-2015 12:35:27 Restore Operation
29-12-2015 08:43:45 Removed Java 8 Update 60
31-12-2015 14:17:32 Installed TurboTax 2014 wrapper
01-01-2016 09:26:46 Installed PrivacyProtect.
 
==================== Faulty Device Manager Devices =============
 
Name: Intel® 82566DM-2 Gigabit Network Connection
Description: Intel® 82566DM-2 Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1express
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/02/2016 07:59:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/02/2016 07:59:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/01/2016 06:43:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/01/2016 06:43:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/01/2016 12:20:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/01/2016 12:20:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/31/2015 01:13:44 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/31/2015 01:13:44 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (12/30/2015 03:12:45 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (12/30/2015 10:42:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (01/02/2016 08:06:11 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: 
%%1056
 
Error: (01/02/2016 08:06:11 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error: 
%%1056
 
Error: (01/02/2016 08:04:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (01/02/2016 08:04:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (01/02/2016 08:04:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (01/02/2016 08:04:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Shell Hardware Detection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (01/02/2016 08:04:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The System Event Notification Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (01/02/2016 08:04:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Task Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (01/02/2016 08:04:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Profile Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (01/02/2016 08:04:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 33%
Total physical RAM: 3316.61 MB
Available physical RAM: 2214.44 MB
Total Virtual: 6631.53 MB
Available Virtual: 5501.97 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:477.21 GB) (Free:424.37 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DOCS D) (Fixed) (Total:454.3 GB) (Free:436.22 GB) NTFS
Drive e: (Data Split 1) (Fixed) (Total:465.76 GB) (Free:140.03 GB) NTFS
Drive f: (Data Split 2) (Fixed) (Total:465.75 GB) (Free:121.57 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 40DB9245)
Partition 1: (Active) - (Size=477.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=454.3 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

#4 deeprybka

  • Malware Response Team

Posted 02 January 2016 - 01:10 PM

2015-12-17 08:23 - 2015-12-17 08:23 - 00000000 ____D C:\TDSSKiller_Quarantine


What has been deleted? Can you please post the log?
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#5 MeerMan

  • Topic Starter

Posted 02 January 2016 - 01:54 PM

The log is no longer on the computer. Perhaps I deleted it. A quarantine folder seems to remain and I can show the contents of ini files there:

 

Filename=C:\TDSSKiller_Quarantine\17.12.2015_08.21.59\susp0000\object.ini

"[InfectedObject]
Verdict: UnsignedFile.Multi.Generic"

Filename=C:\TDSSKiller_Quarantine\17.12.2015_08.21.59\susp0000\svc0000\object.ini

"[InfectedObject]
Type: Service
Name: AppVerifier
Type: n/a (0x10)
Start: Auto (0x2)
ImagePath: "C:\ProgramData\Appverifier\AppVerifierService.exe""

Filename=C:\TDSSKiller_Quarantine\17.12.2015_08.21.59\susp0000\svc0000\tsk0000.ini

"[InfectedFile]
Type: Raw image
Src: C:\ProgramData\Appverifier\AppVerifierService.exe
md5: 93A581CFF518B02E88C46754BAF2DE4B
sha256: F49F98C35D2B5DFDF94637D78118CCF0322C69134B296EBE62F555E62C62288A"
 
 
Thank you!
Meerman


#6 deeprybka

  • Malware Response Team

Posted 03 January 2016 - 05:45 AM

That was no malware.

 

Please follow the instructions below:

Step 1

Please download TDSSKiller and save it to your Desktop.

  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters. (1)
  • Make sure that all available options (except "Loaded modules") are checked and click OK. (2)
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report (3) to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.



regards,
deeprybka

#7 MeerMan

  • Topic Starter

Posted 03 January 2016 - 07:36 AM

I have copied the report below. Also, I was surprised and I am concerned that my copy of tdsskiller.exe disappeared from my desktop. It is usually in a security apps folder on my desktop, but it was not there this morning. I downloaded a fresh copy for this report.

 

Thank you!

 

 

07:30:24.0850 0x0910  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
07:30:29.0140 0x0910  ============================================================
07:30:29.0140 0x0910  Current date / time: 2016/01/03 07:30:29.0140
07:30:29.0140 0x0910  SystemInfo:
07:30:29.0140 0x0910  
07:30:29.0140 0x0910  OS Version: 6.1.7601 ServicePack: 1.0
07:30:29.0140 0x0910  Product type: Workstation
07:30:29.0140 0x0910  ComputerName: OBG2015
07:30:29.0140 0x0910  UserName: DELL
07:30:29.0140 0x0910  Windows directory: C:\Windows
07:30:29.0140 0x0910  System windows directory: C:\Windows
07:30:29.0140 0x0910  Processor architecture: Intel x86
07:30:29.0140 0x0910  Number of processors: 2
07:30:29.0140 0x0910  Page size: 0x1000
07:30:29.0140 0x0910  Boot type: Normal boot
07:30:29.0140 0x0910  ============================================================
07:30:31.0293 0x0910  KLMD registered as C:\Windows\system32\drivers\63870198.sys
07:30:31.0683 0x0910  System UUID: {FC1C9C9B-C99E-98D1-D481-B3F4B3361C70}
07:30:32.0245 0x0910  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:30:32.0245 0x0910  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:30:32.0260 0x0910  ============================================================
07:30:32.0260 0x0910  \Device\Harddisk1\DR1:
07:30:32.0260 0x0910  MBR partitions:
07:30:32.0260 0x0910  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3BA6C800
07:30:32.0260 0x0910  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3BA6D000, BlocksNum 0x38C98800
07:30:32.0260 0x0910  \Device\Harddisk0\DR0:
07:30:32.0260 0x0910  MBR partitions:
07:30:32.0260 0x0910  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A383000
07:30:32.0260 0x0910  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A383800, BlocksNum 0x3A382000
07:30:32.0260 0x0910  ============================================================
07:30:32.0307 0x0910  C: <-> \Device\Harddisk1\DR1\Partition1
07:30:32.0791 0x0910  E: <-> \Device\Harddisk0\DR0\Partition1
07:30:32.0822 0x0910  D: <-> \Device\Harddisk1\DR1\Partition2
07:30:32.0822 0x0910  F: <-> \Device\Harddisk0\DR0\Partition2
07:30:32.0822 0x0910  ============================================================
07:30:32.0822 0x0910  Initialize success
07:30:32.0822 0x0910  ============================================================
07:30:46.0035 0x0b8c  ============================================================
07:30:46.0035 0x0b8c  Scan started
07:30:46.0035 0x0b8c  Mode: Manual; SigCheck; TDLFS; 
07:30:46.0035 0x0b8c  ============================================================
07:30:46.0035 0x0b8c  KSN ping started
07:30:48.0843 0x0b8c  KSN ping finished: true
07:30:50.0200 0x0b8c  ================ Scan system memory ========================
07:30:50.0200 0x0b8c  System memory - ok
07:30:50.0200 0x0b8c  ================ Scan services =============================
07:30:50.0309 0x0b8c  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
07:30:50.0419 0x0b8c  1394ohci - ok
07:30:50.0450 0x0b8c  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
07:30:50.0465 0x0b8c  ACPI - ok
07:30:50.0481 0x0b8c  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
07:30:50.0512 0x0b8c  AcpiPmi - ok
07:30:50.0543 0x0b8c  [ 3DB3FB83217627D9A0CB8BAE6CC5B491, 20150F8D65EB8220ED98C5F984E42A74CDCC813DC0CD303F3E244FEA78BE38CB ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
07:30:50.0590 0x0b8c  ADIHdAudAddService - ok
07:30:50.0684 0x0b8c  [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
07:30:50.0715 0x0b8c  AdobeARMservice - ok
07:30:50.0746 0x0b8c  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
07:30:50.0777 0x0b8c  adp94xx - ok
07:30:50.0809 0x0b8c  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
07:30:50.0840 0x0b8c  adpahci - ok
07:30:50.0855 0x0b8c  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
07:30:50.0871 0x0b8c  adpu320 - ok
07:30:50.0902 0x0b8c  [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
07:30:50.0949 0x0b8c  AeLookupSvc - ok
07:30:50.0996 0x0b8c  [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD             C:\Windows\system32\drivers\afd.sys
07:30:51.0058 0x0b8c  AFD - ok
07:30:51.0074 0x0b8c  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
07:30:51.0105 0x0b8c  agp440 - ok
07:30:51.0105 0x0b8c  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
07:30:51.0136 0x0b8c  aic78xx - ok
07:30:51.0152 0x0b8c  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
07:30:51.0199 0x0b8c  ALG - ok
07:30:51.0230 0x0b8c  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
07:30:51.0245 0x0b8c  aliide - ok
07:30:51.0261 0x0b8c  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
07:30:51.0292 0x0b8c  amdagp - ok
07:30:51.0292 0x0b8c  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
07:30:51.0323 0x0b8c  amdide - ok
07:30:51.0323 0x0b8c  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
07:30:51.0370 0x0b8c  AmdK8 - ok
07:30:51.0386 0x0b8c  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
07:30:51.0417 0x0b8c  AmdPPM - ok
07:30:51.0448 0x0b8c  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
07:30:51.0479 0x0b8c  amdsata - ok
07:30:51.0495 0x0b8c  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
07:30:51.0526 0x0b8c  amdsbs - ok
07:30:51.0526 0x0b8c  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
07:30:51.0557 0x0b8c  amdxata - ok
07:30:51.0589 0x0b8c  [ FE4F2ADE5DBB3B888E9EB0A1FBA1F152, B17053A912C73835A2E80176D79885B530E15240B988125114B6B877C903D61C ] AppID           C:\Windows\system32\drivers\appid.sys
07:30:51.0635 0x0b8c  AppID - ok
07:30:51.0651 0x0b8c  [ A4DA304773AC1396792C5DE1D1EB601A, ECD23FF67FB1C4B94DBE23F6724E2DA0917CE0E479DE9C9F790A8635A2234950 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
07:30:51.0682 0x0b8c  AppIDSvc - ok
07:30:51.0713 0x0b8c  [ 133A7896E643D139443B47FDBFA327C7, 371FC602B531DF1EFDCEEC3A2F5497A0D0BE7F558B0583F572862C69A65BD454 ] Appinfo         C:\Windows\System32\appinfo.dll
07:30:51.0745 0x0b8c  Appinfo - ok
07:30:51.0760 0x0b8c  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
07:30:51.0776 0x0b8c  arc - ok
07:30:51.0791 0x0b8c  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
07:30:51.0807 0x0b8c  arcsas - ok
07:30:51.0885 0x0b8c  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
07:30:51.0916 0x0b8c  aspnet_state - ok
07:30:51.0932 0x0b8c  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
07:30:51.0963 0x0b8c  AsyncMac - ok
07:30:51.0994 0x0b8c  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
07:30:52.0010 0x0b8c  atapi - ok
07:30:52.0041 0x0b8c  [ 5B38D6E5FEDBCC7925597412554798BB, 628FFA1F0C2F38E7AD631CEF509FA5A703CA4B6255FDC68DFA8271F6982ED7AB ] atchksrv        C:\Program Files\Intel\AMT\atchksrv.exe
07:30:52.0103 0x0b8c  atchksrv - detected UnsignedFile.Multi.Generic ( 1 )
07:30:54.0960 0x0b8c  Detect skipped due to KSN trusted
07:30:54.0960 0x0b8c  atchksrv - ok
07:30:55.0007 0x0b8c  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
07:30:55.0054 0x0b8c  AudioEndpointBuilder - ok
07:30:55.0054 0x0b8c  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
07:30:55.0085 0x0b8c  Audiosrv - ok
07:30:55.0303 0x0b8c  [ DE64FD35F5BDE4A04B8EFBA13A3E875A, C7607CF179C9CF399C8ACA5B22F78B439BEF6DB9C86CDA05FC07D0402D3BD5DC ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
07:30:55.0381 0x0b8c  avc3 - ok
07:30:55.0444 0x0b8c  [ FF78566EB551FB98C87A7929603121D1, 8E896DDFDAC370F9205CC1E56FE5AC0F9B6A229CD8136CD0D6FEE32B4ECAF79A ] avchv           C:\Windows\system32\DRIVERS\avchv.sys
07:30:55.0491 0x0b8c  avchv - ok
07:30:55.0537 0x0b8c  [ F502C197EE6E3E533A701DE93307FEB6, B5A2F32A4C612A6AC61AC5DCC5559607350D2CA0DA8291EA3A36BAB35BC5A2C3 ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
07:30:55.0569 0x0b8c  avckf - ok
07:30:55.0615 0x0b8c  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
07:30:55.0678 0x0b8c  AxInstSV - ok
07:30:55.0709 0x0b8c  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
07:30:55.0756 0x0b8c  b06bdrv - ok
07:30:55.0787 0x0b8c  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
07:30:55.0834 0x0b8c  b57nd60x - ok
07:30:55.0849 0x0b8c  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
07:30:55.0896 0x0b8c  BDESVC - ok
07:30:55.0959 0x0b8c  [ A858ED8F06ADD083907FB20AB4A4E82D, 8C74F8E417E961402D0B91C19DA61BD7A732A5D7E8419F9831E00D7085263964 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
07:30:55.0990 0x0b8c  bdfwfpf - ok
07:30:56.0021 0x0b8c  [ 4ABE98479C0D30D36D1E5C15567F78D9, 352112ABE68750A483C5B4EA305F8629A5197D9DD02D9582B177D3FB12EE32F6 ] BDVEDISK        C:\Windows\system32\DRIVERS\bdvedisk.sys
07:30:56.0052 0x0b8c  BDVEDISK - ok
07:30:56.0052 0x0b8c  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
07:30:56.0099 0x0b8c  Beep - ok
07:30:56.0115 0x0b8c  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
07:30:56.0177 0x0b8c  BFE - ok
07:30:56.0208 0x0b8c  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
07:30:56.0271 0x0b8c  BITS - ok
07:30:56.0302 0x0b8c  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
07:30:56.0317 0x0b8c  blbdrive - ok
07:30:56.0333 0x0b8c  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
07:30:56.0385 0x0b8c  bowser - ok
07:30:56.0387 0x0b8c  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
07:30:56.0434 0x0b8c  BrFiltLo - ok
07:30:56.0434 0x0b8c  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
07:30:56.0480 0x0b8c  BrFiltUp - ok
07:30:56.0496 0x0b8c  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
07:30:56.0512 0x0b8c  Browser - ok
07:30:56.0543 0x0b8c  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
07:30:56.0590 0x0b8c  Brserid - ok
07:30:56.0590 0x0b8c  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
07:30:56.0621 0x0b8c  BrSerWdm - ok
07:30:56.0636 0x0b8c  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
07:31:00.0146 0x0b8c  [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
07:31:00.0193 0x0b8c  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
07:31:02.0988 0x0b8c  Detect skipped due to KSN trusted
07:31:02.0988 0x0b8c  FLEXnet Licensing Service - ok
07:31:09.0883 0x0b8c  Npfs - ok
07:31:09.0898 0x0b8c  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
07:31:09.0930 0x0b8c  nsi - ok
07:31:09.0930 0x0b8c  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
07:31:09.0961 0x0b8c  nsiproxy - ok
07:31:10.0008 0x0b8c  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
07:31:10.0070 0x0b8c  Ntfs - ok
07:31:10.0086 0x0b8c  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
07:31:10.0117 0x0b8c  Null - ok
07:31:10.0132 0x0b8c  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
07:31:10.0164 0x0b8c  nvraid - ok
07:31:10.0179 0x0b8c  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
07:31:10.0210 0x0b8c  nvstor - ok
07:31:10.0226 0x0b8c  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
07:31:10.0257 0x0b8c  nv_agp - ok
07:31:10.0257 0x0b8c  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
07:31:10.0288 0x0b8c  ohci1394 - ok
07:31:10.0320 0x0b8c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
07:31:10.0351 0x0b8c  p2pimsvc - ok
07:31:10.0366 0x0b8c  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
07:31:10.0398 0x0b8c  p2psvc - ok
07:31:10.0429 0x0b8c  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
07:31:10.0460 0x0b8c  Parport - ok
07:31:10.0476 0x0b8c  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
07:31:10.0507 0x0b8c  partmgr - ok
07:31:10.0522 0x0b8c  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
07:31:10.0538 0x0b8c  Parvdm - ok
07:31:10.0554 0x0b8c  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
07:31:10.0585 0x0b8c  PcaSvc - ok
07:31:10.0616 0x0b8c  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
07:31:10.0647 0x0b8c  pci - ok
07:31:10.0647 0x0b8c  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
07:31:10.0678 0x0b8c  pciide - ok
07:31:10.0694 0x0b8c  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
07:31:10.0725 0x0b8c  pcmcia - ok
07:31:10.0741 0x0b8c  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
07:31:10.0772 0x0b8c  pcw - ok
07:31:10.0788 0x0b8c  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
07:31:10.0819 0x0b8c  PEAUTH - ok
07:31:10.0866 0x0b8c  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
07:31:10.0959 0x0b8c  pla - ok
07:31:10.0990 0x0b8c  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
07:31:11.0037 0x0b8c  PlugPlay - ok
07:31:11.0053 0x0b8c  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
07:31:11.0084 0x0b8c  PNRPAutoReg - ok
07:31:11.0084 0x0b8c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
07:31:11.0115 0x0b8c  PNRPsvc - ok
07:31:11.0146 0x0b8c  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
07:31:11.0193 0x0b8c  PolicyAgent - ok
07:31:11.0224 0x0b8c  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
07:31:11.0256 0x0b8c  Power - ok
07:31:11.0287 0x0b8c  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
07:31:11.0318 0x0b8c  PptpMiniport - ok
07:31:11.0349 0x0b8c  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
07:31:11.0365 0x0b8c  Processor - ok
07:31:11.0474 0x0b8c  [ 04DF667C2E5DB358453C706D1280C3AD, 0EBA1A49268D0AAAD3CD1AD7BC3829FC97489FC61157ADB35DABF62A754DA608 ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
07:31:11.0521 0x0b8c  ProductAgentService - ok
07:31:11.0552 0x0b8c  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
07:31:11.0599 0x0b8c  ProfSvc - ok
07:31:11.0614 0x0b8c  [ 5111FA6EC341BACC07FA69AA9764B6D2, ACF4095EE673AFAF9FDDE9E8EFA191A4A72BAA0371A3AD26925EA267E0E40E61 ] ProtectedStorage C:\Windows\system32\lsass.exe
07:31:11.0630 0x0b8c  ProtectedStorage - ok
07:31:11.0661 0x0b8c  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
07:31:11.0692 0x0b8c  Psched - ok
07:31:11.0724 0x0b8c  [ 03E0FE281823BA64B3782F5B38950E73, D47E5536AD28D02B7D784846CFB2F4FD96187BFD64FC07BACDE9DC7B75D1D2E2 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
07:31:11.0755 0x0b8c  PxHelp20 - ok
07:31:11.0786 0x0b8c  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
07:31:11.0848 0x0b8c  ql2300 - ok
07:31:11.0864 0x0b8c  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
07:31:11.0895 0x0b8c  ql40xx - ok
07:31:11.0911 0x0b8c  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
07:31:11.0958 0x0b8c  QWAVE - ok
07:31:11.0973 0x0b8c  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
07:31:12.0004 0x0b8c  QWAVEdrv - ok
07:31:12.0004 0x0b8c  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
07:31:12.0051 0x0b8c  RasAcd - ok
07:31:12.0067 0x0b8c  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
07:31:12.0098 0x0b8c  RasAgileVpn - ok
07:31:12.0114 0x0b8c  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
07:31:12.0160 0x0b8c  RasAuto - ok
07:31:12.0176 0x0b8c  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
07:31:12.0207 0x0b8c  Rasl2tp - ok
07:31:12.0238 0x0b8c  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
07:31:12.0285 0x0b8c  RasMan - ok
07:31:12.0285 0x0b8c  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
07:31:12.0332 0x0b8c  RasPppoe - ok
07:31:12.0348 0x0b8c  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
07:31:12.0379 0x0b8c  RasSstp - ok
07:31:12.0394 0x0b8c  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
07:31:12.0441 0x0b8c  rdbss - ok
07:31:12.0457 0x0b8c  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
07:31:12.0488 0x0b8c  rdpbus - ok
07:31:12.0504 0x0b8c  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
07:31:12.0535 0x0b8c  RDPCDD - ok
07:31:12.0535 0x0b8c  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
07:31:12.0566 0x0b8c  RDPENCDD - ok
07:31:12.0566 0x0b8c  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
07:31:12.0597 0x0b8c  RDPREFMP - ok
07:31:12.0628 0x0b8c  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
07:31:12.0660 0x0b8c  RDPWD - ok
07:31:12.0675 0x0b8c  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
07:31:12.0706 0x0b8c  rdyboost - ok
07:31:12.0738 0x0b8c  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
07:31:12.0769 0x0b8c  RemoteAccess - ok
07:31:12.0784 0x0b8c  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
07:31:12.0831 0x0b8c  RemoteRegistry - ok
07:31:12.0847 0x0b8c  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
07:31:12.0878 0x0b8c  RpcEptMapper - ok
07:31:12.0909 0x0b8c  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
07:31:12.0925 0x0b8c  RpcLocator - ok
07:31:12.0940 0x0b8c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
07:31:12.0987 0x0b8c  RpcSs - ok
07:31:12.0987 0x0b8c  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
07:31:13.0018 0x0b8c  rspndr - ok
07:31:13.0050 0x0b8c  [ 5111FA6EC341BACC07FA69AA9764B6D2, ACF4095EE673AFAF9FDDE9E8EFA191A4A72BAA0371A3AD26925EA267E0E40E61 ] SamSs           C:\Windows\system32\lsass.exe
07:31:13.0065 0x0b8c  SamSs - ok
07:31:13.0096 0x0b8c  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
07:31:13.0128 0x0b8c  sbp2port - ok
07:31:13.0128 0x0b8c  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
07:31:13.0174 0x0b8c  SCardSvr - ok
07:31:13.0190 0x0b8c  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
07:31:13.0237 0x0b8c  scfilter - ok
07:31:13.0268 0x0b8c  [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule        C:\Windows\system32\schedsvc.dll
07:31:13.0315 0x0b8c  Schedule - ok
07:31:13.0330 0x0b8c  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
07:31:13.0362 0x0b8c  SCPolicySvc - ok
07:31:13.0377 0x0b8c  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
07:31:13.0408 0x0b8c  SDRSVC - ok
07:31:13.0424 0x0b8c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
07:31:13.0471 0x0b8c  secdrv - ok
07:31:13.0471 0x0b8c  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
07:31:13.0518 0x0b8c  seclogon - ok
07:31:13.0518 0x0b8c  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
07:31:13.0564 0x0b8c  SENS - ok
07:31:13.0580 0x0b8c  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
07:31:13.0627 0x0b8c  SensrSvc - ok
07:31:13.0642 0x0b8c  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
07:31:13.0674 0x0b8c  Serenum - ok
07:31:13.0689 0x0b8c  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
07:31:13.0720 0x0b8c  Serial - ok
07:31:13.0736 0x0b8c  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
07:31:13.0767 0x0b8c  sermouse - ok
07:31:13.0783 0x0b8c  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
07:31:13.0830 0x0b8c  SessionEnv - ok
07:31:13.0845 0x0b8c  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
07:31:13.0861 0x0b8c  sffdisk - ok
07:31:13.0876 0x0b8c  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
07:31:13.0908 0x0b8c  sffp_mmc - ok
07:31:13.0908 0x0b8c  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
07:31:13.0939 0x0b8c  sffp_sd - ok
07:31:13.0939 0x0b8c  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
07:31:13.0970 0x0b8c  sfloppy - ok
07:31:14.0001 0x0b8c  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
07:31:14.0048 0x0b8c  SharedAccess - ok
07:31:14.0064 0x0b8c  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:31:14.0110 0x0b8c  ShellHWDetection - ok
07:31:14.0126 0x0b8c  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
07:31:14.0157 0x0b8c  sisagp - ok
07:31:14.0173 0x0b8c  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
07:31:14.0204 0x0b8c  SiSRaid2 - ok
07:31:14.0220 0x0b8c  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
07:31:14.0235 0x0b8c  SiSRaid4 - ok
07:31:14.0251 0x0b8c  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
07:31:14.0298 0x0b8c  Smb - ok
07:31:14.0313 0x0b8c  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
07:31:14.0329 0x0b8c  SNMPTRAP - ok
07:31:14.0344 0x0b8c  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
07:31:14.0360 0x0b8c  spldr - ok
07:31:14.0391 0x0b8c  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
07:31:14.0422 0x0b8c  Spooler - ok
07:31:14.0500 0x0b8c  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
07:31:14.0641 0x0b8c  sppsvc - ok
07:31:14.0656 0x0b8c  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
07:31:14.0703 0x0b8c  sppuinotify - ok
07:31:14.0734 0x0b8c  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
07:31:14.0766 0x0b8c  srv - ok
07:31:14.0781 0x0b8c  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
07:31:14.0828 0x0b8c  srv2 - ok
07:31:14.0828 0x0b8c  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
07:31:14.0859 0x0b8c  srvnet - ok
07:31:14.0859 0x0b8c  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
07:31:14.0906 0x0b8c  SSDPSRV - ok
07:31:14.0922 0x0b8c  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
07:31:14.0953 0x0b8c  SstpSvc - ok
07:31:14.0984 0x0b8c  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
07:31:15.0000 0x0b8c  stexstor - ok
07:31:15.0031 0x0b8c  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
07:31:15.0078 0x0b8c  StiSvc - ok
07:31:15.0093 0x0b8c  [ E476C66713C842F58E61A95826ED1D57, 33632E8AE6D868EAC7D676E4236E78A0B1E613C9A5FA2470A0419B2E9A6CAE4B ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
07:31:15.0124 0x0b8c  stllssvr - ok
07:31:15.0140 0x0b8c  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
07:31:15.0171 0x0b8c  swenum - ok
07:31:15.0187 0x0b8c  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
07:31:15.0234 0x0b8c  swprv - ok
07:31:15.0280 0x0b8c  [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain         C:\Windows\system32\sysmain.dll
07:31:15.0358 0x0b8c  SysMain - ok
07:31:15.0374 0x0b8c  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
07:31:15.0405 0x0b8c  TabletInputService - ok
07:31:15.0436 0x0b8c  [ B40FECCBA92D8495366B6974D35704FF, 532A9050EA2C017407E5302048E7BC461370DB48B1778D38509EC586446B1F28 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
07:31:15.0483 0x0b8c  tap0901 - ok
07:31:15.0499 0x0b8c  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
07:31:15.0530 0x0b8c  TapiSrv - ok
07:31:15.0577 0x0b8c  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
07:31:15.0608 0x0b8c  TBS - ok
07:31:15.0655 0x0b8c  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
07:31:15.0733 0x0b8c  Tcpip - ok
07:31:15.0764 0x0b8c  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
07:31:15.0811 0x0b8c  TCPIP6 - ok
07:31:15.0842 0x0b8c  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
07:31:15.0858 0x0b8c  tcpipreg - ok
07:31:15.0889 0x0b8c  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
07:31:15.0920 0x0b8c  TDPIPE - ok
07:31:15.0951 0x0b8c  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
07:31:15.0967 0x0b8c  TDTCP - ok
07:31:16.0014 0x0b8c  [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
07:31:16.0060 0x0b8c  tdx - ok
07:31:16.0076 0x0b8c  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
07:31:16.0092 0x0b8c  TermDD - ok
07:31:16.0123 0x0b8c  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
07:31:16.0170 0x0b8c  TermService - ok
07:31:16.0201 0x0b8c  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
07:31:16.0216 0x0b8c  Themes - ok
07:31:16.0232 0x0b8c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
07:31:16.0263 0x0b8c  THREADORDER - ok
07:31:16.0279 0x0b8c  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
07:31:16.0326 0x0b8c  TrkWks - ok
07:31:16.0357 0x0b8c  [ 61073F2A7098B894539CB582C5BC7C27, 777698E12BD146726938798A2947C2A88DF7DFE15E5F6048B14215DB7BAE9433 ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
07:31:16.0404 0x0b8c  trufos - ok
07:31:16.0419 0x0b8c  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:31:16.0450 0x0b8c  TrustedInstaller - ok
07:31:16.0482 0x0b8c  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
07:31:16.0497 0x0b8c  tssecsrv - ok
07:31:16.0513 0x0b8c  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
07:31:16.0544 0x0b8c  TsUsbFlt - ok
07:31:16.0560 0x0b8c  [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
07:31:16.0591 0x0b8c  TsUsbGD - ok
07:31:16.0622 0x0b8c  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
07:31:16.0653 0x0b8c  tunnel - ok
07:31:16.0669 0x0b8c  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
07:31:16.0700 0x0b8c  uagp35 - ok
07:31:16.0700 0x0b8c  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
07:31:16.0747 0x0b8c  udfs - ok
07:31:16.0762 0x0b8c  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
07:31:16.0794 0x0b8c  UI0Detect - ok
07:31:16.0809 0x0b8c  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
07:31:16.0840 0x0b8c  uliagpkx - ok
07:31:16.0856 0x0b8c  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
07:31:16.0887 0x0b8c  umbus - ok
07:31:16.0903 0x0b8c  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
07:31:16.0934 0x0b8c  UmPass - ok
07:31:17.0043 0x0b8c  [ 22DE8541E57D8ADE6F576DCEB0E38A27, 03E91715D5FAD4C73D57FF5E694CBA53F4C5CA3D767D62837E19A5076DA2360F ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
07:31:17.0121 0x0b8c  UPDATESRV - ok
07:31:17.0152 0x0b8c  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
07:31:17.0199 0x0b8c  upnphost - ok
07:31:17.0215 0x0b8c  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
07:31:17.0246 0x0b8c  usbccgp - ok
07:31:17.0277 0x0b8c  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
07:31:17.0309 0x0b8c  usbcir - ok
07:31:17.0324 0x0b8c  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
07:31:17.0355 0x0b8c  usbehci - ok
07:31:17.0387 0x0b8c  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
07:31:17.0418 0x0b8c  usbhub - ok
07:31:17.0433 0x0b8c  [ A6FB7957EA7AFB1165991E54CE934B74, 1CE83D9E3276AE380F720C7700A17D58A37A2A77FD72DA69EE0C756B88DB3689 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
07:31:17.0465 0x0b8c  usbohci - ok
07:31:35.0910 0x0b8c  AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender 2016\wscfix.exe ( 20.0.24.1264 ), 0x41000 ( enabled : updated )
07:31:35.0925 0x0b8c  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2016\wscfix.exe ( 20.0.24.1264 ), 0x41010 ( enabled )
07:31:38.0795 0x0b8c  ============================================================
07:31:38.0795 0x0b8c  Scan finished
07:31:38.0795 0x0b8c  ============================================================
07:31:38.0795 0x1018  Detected object count: 0
07:31:38.0795 0x1018  Actual detected object count: 0
 


#8 MeerMan

Posted 03 January 2016 - 07:36 AM

I have copied the report below. Also, I was surprised and I am concerned that my copy of tdsskiller.exe disappeared from my desktop. It is usually in a security apps folder on my desktop but it was not there this morning. I downloaded a fresh copy for this report.

Thank you!

07:30:24.0850 0x0910  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
07:30:29.0140 0x0910  ============================================================
07:30:29.0140 0x0910  Current date / time: 2016/01/03 07:30:29.0140
07:30:29.0140 0x0910  SystemInfo:
07:30:29.0140 0x0910  
07:30:29.0140 0x0910  OS Version: 6.1.7601 ServicePack: 1.0
07:30:29.0140 0x0910  Product type: Workstation
07:30:29.0140 0x0910  ComputerName: OBG2015
07:30:29.0140 0x0910  UserName: DELL
07:30:29.0140 0x0910  Windows directory: C:\Windows
07:30:29.0140 0x0910  System windows directory: C:\Windows
07:30:29.0140 0x0910  Processor architecture: Intel x86
07:30:29.0140 0x0910  Number of processors: 2
07:30:29.0140 0x0910  Page size: 0x1000
07:30:29.0140 0x0910  Boot type: Normal boot
07:30:29.0140 0x0910  ============================================================
07:30:31.0293 0x0910  KLMD registered as C:\Windows\system32\drivers\63870198.sys
07:30:31.0683 0x0910  System UUID: {FC1C9C9B-C99E-98D1-D481-B3F4B3361C70}
07:30:32.0245 0x0910  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:30:32.0245 0x0910  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:30:32.0260 0x0910  ============================================================
07:30:32.0260 0x0910  \Device\Harddisk1\DR1:
07:30:32.0260 0x0910  MBR partitions:
07:30:32.0260 0x0910  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3BA6C800
07:30:32.0260 0x0910  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3BA6D000, BlocksNum 0x38C98800
07:30:32.0260 0x0910  \Device\Harddisk0\DR0:
07:30:32.0260 0x0910  MBR partitions:
07:30:32.0260 0x0910  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A383000
07:30:32.0260 0x0910  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A383800, BlocksNum 0x3A382000
07:30:32.0260 0x0910  ============================================================
07:30:32.0307 0x0910  C: <-> \Device\Harddisk1\DR1\Partition1
07:30:32.0791 0x0910  E: <-> \Device\Harddisk0\DR0\Partition1
07:30:32.0822 0x0910  D: <-> \Device\Harddisk1\DR1\Partition2
07:30:32.0822 0x0910  F: <-> \Device\Harddisk0\DR0\Partition2
07:30:32.0822 0x0910  ============================================================
07:30:32.0822 0x0910  Initialize success
07:30:32.0822 0x0910  ============================================================
07:30:46.0035 0x0b8c  ============================================================
07:30:46.0035 0x0b8c  Scan started
07:30:46.0035 0x0b8c  Mode: Manual; SigCheck; TDLFS; 
07:30:46.0035 0x0b8c  ============================================================
07:30:46.0035 0x0b8c  KSN ping started
07:30:48.0843 0x0b8c  KSN ping finished: true
07:30:50.0200 0x0b8c  ================ Scan system memory ========================
07:30:50.0200 0x0b8c  System memory - ok
07:30:50.0200 0x0b8c  ================ Scan services =============================
07:30:52.0041 0x0b8c  [ 5B38D6E5FEDBCC7925597412554798BB, 628FFA1F0C2F38E7AD631CEF509FA5A703CA4B6255FDC68DFA8271F6982ED7AB ] atchksrv        C:\Program Files\Intel\AMT\atchksrv.exe
07:30:52.0103 0x0b8c  atchksrv - detected UnsignedFile.Multi.Generic ( 1 )
07:30:54.0960 0x0b8c  Detect skipped due to KSN trusted
07:30:54.0960 0x0b8c  atchksrv - ok
07:30:57.0214 0x0b8c  clr_optimization_v4.0.30319_32 - ok
07:30:57.0214 0x0b8c  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
07:30:57.0245 0x0b8c  CmBatt - ok
07:30:57.0260 0x0b8c  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
07:30:57.0292 0x0b8c  cmdide - ok
07:30:57.0323 0x0b8c  [ 780FFC005741C9316576086155E55F56, D863E5657F1468410BBDD657D5EA8A2FDDB70FED459CDE3178CB8FDB910058EC ] CNG             C:\Windows\system32\Drivers\cng.sys
07:30:57.0354 0x0b8c  CNG - ok
07:30:57.0370 0x0b8c  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
07:30:57.0401 0x0b8c  Compbatt - ok
07:30:57.0416 0x0b8c  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
07:30:57.0448 0x0b8c  CompositeBus - ok
07:30:57.0448 0x0b8c  COMSysApp - ok
07:30:57.0463 0x0b8c  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
07:30:57.0494 0x0b8c  crcdisk - ok
07:30:57.0510 0x0b8c  [ 33F67BBCC3C0499D3F3382473114CFA8, FDDCC41CE005B7C1BEBB6F4ACA9A3F10E5972792ADFD7D294E70A0B781460981 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
07:30:57.0557 0x0b8c  CryptSvc - ok
07:30:57.0588 0x0b8c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
07:30:57.0635 0x0b8c  DcomLaunch - ok
07:30:57.0666 0x0b8c  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
07:30:57.0697 0x0b8c  defragsvc - ok
07:30:57.0713 0x0b8c  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
07:30:57.0760 0x0b8c  DfsC - ok
07:30:57.0775 0x0b8c  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
07:30:57.0806 0x0b8c  Dhcp - ok
07:30:57.0869 0x0b8c  [ 0A3386E3CF9C5D089D695AC5A35F4C6F, D610071493EB95FCE39E24C457A0B5BBA131193159E43FDC1E8EDABB9C7AB81A ] DiagTrack       C:\Windows\system32\diagtrack.dll
07:30:57.0916 0x0b8c  DiagTrack - ok
07:30:57.0947 0x0b8c  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
07:30:57.0978 0x0b8c  discache - ok
07:30:57.0978 0x0b8c  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
07:30:58.0025 0x0b8c  Disk - ok
07:30:58.0072 0x0b8c  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
07:30:58.0103 0x0b8c  Dnscache - ok
07:30:58.0118 0x0b8c  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
07:30:58.0165 0x0b8c  dot3svc - ok
07:30:58.0165 0x0b8c  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
07:30:58.0212 0x0b8c  DPS - ok
07:30:58.0243 0x0b8c  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
07:30:58.0274 0x0b8c  drmkaud - ok
07:30:58.0321 0x0b8c  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
07:30:58.0368 0x0b8c  DXGKrnl - ok
07:30:58.0384 0x0b8c  [ CF0A6015F437161698C5B2A0A12CF052, C23A777CF5D34C96B16A4A6197DA3F14CC2F8C56421E422BBD46617C941DBBCE ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
07:30:58.0415 0x0b8c  e1express - ok
07:30:58.0446 0x0b8c  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
07:30:58.0540 0x0b8c  EapHost - ok
07:30:58.0789 0x0b8c  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
07:30:58.0914 0x0b8c  ebdrv - ok
07:30:58.0945 0x0b8c  [ 5111FA6EC341BACC07FA69AA9764B6D2, ACF4095EE673AFAF9FDDE9E8EFA191A4A72BAA0371A3AD26925EA267E0E40E61 ] EFS             C:\Windows\System32\lsass.exe
07:30:59.0288 0x0b8c  EFS - ok
07:30:59.0335 0x0b8c  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
07:30:59.0398 0x0b8c  ehRecvr - ok
07:30:59.0398 0x0b8c  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
07:30:59.0429 0x0b8c  ehSched - ok
07:30:59.0460 0x0b8c  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
07:30:59.0507 0x0b8c  elxstor - ok
07:30:59.0538 0x0b8c  [ E9EFCB47B90FD5498695BB7FEFD36CAE, 453B956C99C4D3626B0B0BDB449E9F0283D01AD50C331E298D219B4710BD6870 ] EpsonScanSvc    C:\Windows\system32\EscSvc.exe
07:30:59.0585 0x0b8c  EpsonScanSvc - ok
07:30:59.0600 0x0b8c  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
07:30:59.0632 0x0b8c  ErrDev - ok
07:30:59.0663 0x0b8c  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
07:30:59.0694 0x0b8c  EventSystem - ok
07:30:59.0710 0x0b8c  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
07:30:59.0756 0x0b8c  exfat - ok
07:30:59.0772 0x0b8c  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
07:30:59.0819 0x0b8c  fastfat - ok
07:30:59.0850 0x0b8c  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
07:30:59.0881 0x0b8c  Fax - ok
07:30:59.0897 0x0b8c  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
07:30:59.0928 0x0b8c  fdc - ok
07:30:59.0944 0x0b8c  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
07:30:59.0959 0x0b8c  fdPHost - ok
07:30:59.0975 0x0b8c  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
07:31:00.0006 0x0b8c  FDResPub - ok
07:31:00.0022 0x0b8c  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
07:31:00.0037 0x0b8c  FileInfo - ok
07:31:00.0053 0x0b8c  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
07:31:00.0084 0x0b8c  Filetrace - ok
07:31:00.0146 0x0b8c  [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
07:31:00.0193 0x0b8c  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
07:31:02.0988 0x0b8c  Detect skipped due to KSN trusted
07:31:02.0988 0x0b8c  FLEXnet Licensing Service - ok
07:31:09.0524 0x0b8c  NetPipeActivator - ok
07:31:09.0540 0x0b8c  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
07:31:09.0571 0x0b8c  netprofm - ok
07:31:09.0618 0x0b8c  [ EA80490BB988EA22B7D3B3A4133CC9D1, 00190B9761D76BA4168B87B068C5F7D6DB1AFAE9C235B5655092692946A4A8A4 ] netr28u         C:\Windows\system32\DRIVERS\netr28u.sys
07:31:09.0680 0x0b8c  netr28u - ok
07:31:09.0696 0x0b8c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:31:09.0711 0x0b8c  NetTcpActivator - ok
07:31:09.0711 0x0b8c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
07:31:09.0742 0x0b8c  NetTcpPortSharing - ok
07:31:09.0758 0x0b8c  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
07:31:09.0789 0x0b8c  nfrd960 - ok
07:31:09.0805 0x0b8c  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
07:31:09.0836 0x0b8c  NlaSvc - ok
07:31:09.0836 0x0b8c  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
07:31:09.0883 0x0b8c  Npfs - ok
07:31:09.0898 0x0b8c  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
07:31:09.0930 0x0b8c  nsi - ok
07:31:09.0930 0x0b8c  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
07:31:09.0961 0x0b8c  nsiproxy - ok
07:31:10.0008 0x0b8c  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
07:31:10.0070 0x0b8c  Ntfs - ok
07:31:10.0086 0x0b8c  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
07:31:10.0117 0x0b8c  Null - ok
07:31:10.0132 0x0b8c  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
07:31:10.0164 0x0b8c  nvraid - ok
07:31:10.0179 0x0b8c  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
07:31:10.0210 0x0b8c  nvstor - ok
07:31:10.0226 0x0b8c  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
07:31:10.0257 0x0b8c  nv_agp - ok
07:31:10.0257 0x0b8c  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
07:31:10.0288 0x0b8c  ohci1394 - ok
07:31:10.0320 0x0b8c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
07:31:10.0351 0x0b8c  p2pimsvc - ok
07:31:10.0366 0x0b8c  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
07:31:10.0398 0x0b8c  p2psvc - ok
07:31:10.0429 0x0b8c  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
07:31:10.0460 0x0b8c  Parport - ok
07:31:10.0476 0x0b8c  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
07:31:10.0507 0x0b8c  partmgr - ok
07:31:10.0522 0x0b8c  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
07:31:10.0538 0x0b8c  Parvdm - ok
07:31:10.0554 0x0b8c  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
07:31:10.0585 0x0b8c  PcaSvc - ok
07:31:10.0616 0x0b8c  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
07:31:10.0647 0x0b8c  pci - ok
07:31:10.0647 0x0b8c  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
07:31:10.0678 0x0b8c  pciide - ok
07:31:10.0694 0x0b8c  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
07:31:10.0725 0x0b8c  pcmcia - ok
07:31:10.0741 0x0b8c  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
07:31:10.0772 0x0b8c  pcw - ok
07:31:10.0788 0x0b8c  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
07:31:10.0819 0x0b8c  PEAUTH - ok
07:31:10.0866 0x0b8c  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
07:31:10.0959 0x0b8c  pla - ok
07:31:10.0990 0x0b8c  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
07:31:11.0037 0x0b8c  PlugPlay - ok
07:31:11.0053 0x0b8c  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
07:31:11.0084 0x0b8c  PNRPAutoReg - ok
07:31:11.0084 0x0b8c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
07:31:11.0115 0x0b8c  PNRPsvc - ok
07:31:11.0146 0x0b8c  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
07:31:11.0193 0x0b8c  PolicyAgent - ok
07:31:11.0224 0x0b8c  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
07:31:11.0256 0x0b8c  Power - ok
07:31:11.0287 0x0b8c  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
07:31:11.0318 0x0b8c  PptpMiniport - ok
07:31:11.0349 0x0b8c  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
07:31:11.0365 0x0b8c  Processor - ok
07:31:11.0474 0x0b8c  [ 04DF667C2E5DB358453C706D1280C3AD, 0EBA1A49268D0AAAD3CD1AD7BC3829FC97489FC61157ADB35DABF62A754DA608 ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
07:31:11.0521 0x0b8c  ProductAgentService - ok
07:31:11.0552 0x0b8c  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
07:31:11.0599 0x0b8c  ProfSvc - ok
07:31:11.0614 0x0b8c  [ 5111FA6EC341BACC07FA69AA9764B6D2, ACF4095EE673AFAF9FDDE9E8EFA191A4A72BAA0371A3AD26925EA267E0E40E61 ] ProtectedStorage C:\Windows\system32\lsass.exe
07:31:11.0630 0x0b8c  ProtectedStorage - ok
07:31:11.0661 0x0b8c  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
07:31:11.0692 0x0b8c  Psched - ok
07:31:11.0724 0x0b8c  [ 03E0FE281823BA64B3782F5B38950E73, D47E5536AD28D02B7D784846CFB2F4FD96187BFD64FC07BACDE9DC7B75D1D2E2 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
07:31:11.0755 0x0b8c  PxHelp20 - ok
07:31:11.0786 0x0b8c  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
07:31:11.0848 0x0b8c  ql2300 - ok
07:31:11.0864 0x0b8c  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
07:31:11.0895 0x0b8c  ql40xx - ok
07:31:11.0911 0x0b8c  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
07:31:11.0958 0x0b8c  QWAVE - ok
07:31:11.0973 0x0b8c  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
07:31:12.0004 0x0b8c  QWAVEdrv - ok
07:31:12.0004 0x0b8c  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
07:31:12.0051 0x0b8c  RasAcd - ok
07:31:12.0067 0x0b8c  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
07:31:12.0098 0x0b8c  RasAgileVpn - ok
07:31:12.0114 0x0b8c  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
07:31:12.0160 0x0b8c  RasAuto - ok
07:31:12.0176 0x0b8c  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
07:31:12.0207 0x0b8c  Rasl2tp - ok
07:31:12.0238 0x0b8c  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
07:31:12.0285 0x0b8c  RasMan - ok
07:31:12.0285 0x0b8c  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
07:31:12.0332 0x0b8c  RasPppoe - ok
07:31:12.0348 0x0b8c  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
07:31:12.0379 0x0b8c  RasSstp - ok
07:31:12.0394 0x0b8c  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
07:31:12.0441 0x0b8c  rdbss - ok
07:31:12.0457 0x0b8c  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
07:31:12.0488 0x0b8c  rdpbus - ok
07:31:12.0504 0x0b8c  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
07:31:12.0535 0x0b8c  RDPCDD - ok
07:31:12.0535 0x0b8c  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
07:31:12.0566 0x0b8c  RDPENCDD - ok
07:31:12.0566 0x0b8c  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
07:31:12.0597 0x0b8c  RDPREFMP - ok
07:31:12.0628 0x0b8c  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
07:31:12.0660 0x0b8c  RDPWD - ok
07:31:12.0675 0x0b8c  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
07:31:12.0706 0x0b8c  rdyboost - ok
07:31:12.0738 0x0b8c  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
07:31:12.0769 0x0b8c  RemoteAccess - ok
07:31:12.0784 0x0b8c  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
07:31:12.0831 0x0b8c  RemoteRegistry - ok
07:31:12.0847 0x0b8c  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
07:31:12.0878 0x0b8c  RpcEptMapper - ok
07:31:12.0909 0x0b8c  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
07:31:12.0925 0x0b8c  RpcLocator - ok
07:31:12.0940 0x0b8c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
07:31:12.0987 0x0b8c  RpcSs - ok
07:31:12.0987 0x0b8c  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
07:31:13.0018 0x0b8c  rspndr - ok
07:31:13.0050 0x0b8c  [ 5111FA6EC341BACC07FA69AA9764B6D2, ACF4095EE673AFAF9FDDE9E8EFA191A4A72BAA0371A3AD26925EA267E0E40E61 ] SamSs           C:\Windows\system32\lsass.exe
07:31:13.0065 0x0b8c  SamSs - ok
07:31:13.0096 0x0b8c  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
07:31:13.0128 0x0b8c  sbp2port - ok
07:31:13.0128 0x0b8c  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
07:31:13.0174 0x0b8c  SCardSvr - ok
07:31:13.0190 0x0b8c  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
07:31:13.0237 0x0b8c  scfilter - ok
07:31:13.0268 0x0b8c  [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule        C:\Windows\system32\schedsvc.dll
07:31:13.0315 0x0b8c  Schedule - ok
07:31:13.0330 0x0b8c  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
07:31:13.0362 0x0b8c  SCPolicySvc - ok
07:31:13.0377 0x0b8c  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
07:31:13.0408 0x0b8c  SDRSVC - ok
07:31:13.0424 0x0b8c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
07:31:13.0471 0x0b8c  secdrv - ok
07:31:13.0471 0x0b8c  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
07:31:13.0518 0x0b8c  seclogon - ok
07:31:13.0518 0x0b8c  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
07:31:13.0564 0x0b8c  SENS - ok
07:31:13.0580 0x0b8c  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
07:31:13.0627 0x0b8c  SensrSvc - ok
07:31:13.0642 0x0b8c  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
07:31:13.0674 0x0b8c  Serenum - ok
07:31:13.0689 0x0b8c  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
07:31:13.0720 0x0b8c  Serial - ok
07:31:13.0736 0x0b8c  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
07:31:13.0767 0x0b8c  sermouse - ok
07:31:13.0783 0x0b8c  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
07:31:13.0830 0x0b8c  SessionEnv - ok
07:31:13.0845 0x0b8c  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
07:31:13.0861 0x0b8c  sffdisk - ok
07:31:13.0876 0x0b8c  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
07:31:13.0908 0x0b8c  sffp_mmc - ok
07:31:13.0908 0x0b8c  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
07:31:13.0939 0x0b8c  sffp_sd - ok
07:31:13.0939 0x0b8c  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
07:31:13.0970 0x0b8c  sfloppy - ok
07:31:14.0001 0x0b8c  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
07:31:14.0048 0x0b8c  SharedAccess - ok
07:31:14.0064 0x0b8c  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:31:14.0110 0x0b8c  ShellHWDetection - ok
07:31:14.0126 0x0b8c  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
07:31:14.0157 0x0b8c  sisagp - ok
07:31:14.0173 0x0b8c  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
07:31:14.0204 0x0b8c  SiSRaid2 - ok
07:31:14.0220 0x0b8c  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
07:31:14.0235 0x0b8c  SiSRaid4 - ok
07:31:14.0251 0x0b8c  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
07:31:14.0298 0x0b8c  Smb - ok
07:31:14.0313 0x0b8c  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
07:31:14.0329 0x0b8c  SNMPTRAP - ok
07:31:14.0344 0x0b8c  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
07:31:14.0360 0x0b8c  spldr - ok
07:31:14.0391 0x0b8c  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
07:31:14.0422 0x0b8c  Spooler - ok
07:31:14.0500 0x0b8c  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
07:31:14.0641 0x0b8c  sppsvc - ok
07:31:14.0656 0x0b8c  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
07:31:14.0703 0x0b8c  sppuinotify - ok
07:31:14.0734 0x0b8c  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
07:31:14.0766 0x0b8c  srv - ok
07:31:14.0781 0x0b8c  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
07:31:14.0828 0x0b8c  srv2 - ok
07:31:14.0828 0x0b8c  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
07:31:14.0859 0x0b8c  srvnet - ok
07:31:14.0859 0x0b8c  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
07:31:14.0906 0x0b8c  SSDPSRV - ok
07:31:14.0922 0x0b8c  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
07:31:14.0953 0x0b8c  SstpSvc - ok
07:31:14.0984 0x0b8c  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
07:31:15.0000 0x0b8c  stexstor - ok
07:31:15.0031 0x0b8c  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
07:31:15.0078 0x0b8c  StiSvc - ok
07:31:15.0093 0x0b8c  [ E476C66713C842F58E61A95826ED1D57, 33632E8AE6D868EAC7D676E4236E78A0B1E613C9A5FA2470A0419B2E9A6CAE4B ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
07:31:15.0124 0x0b8c  stllssvr - ok
07:31:15.0140 0x0b8c  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
07:31:15.0171 0x0b8c  swenum - ok
07:31:15.0187 0x0b8c  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
07:31:15.0234 0x0b8c  swprv - ok
07:31:15.0280 0x0b8c  [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain         C:\Windows\system32\sysmain.dll
07:31:15.0358 0x0b8c  SysMain - ok
07:31:15.0374 0x0b8c  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
07:31:15.0405 0x0b8c  TabletInputService - ok
07:31:15.0436 0x0b8c  [ B40FECCBA92D8495366B6974D35704FF, 532A9050EA2C017407E5302048E7BC461370DB48B1778D38509EC586446B1F28 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
07:31:15.0483 0x0b8c  tap0901 - ok
07:31:15.0499 0x0b8c  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
07:31:15.0530 0x0b8c  TapiSrv - ok
07:31:15.0577 0x0b8c  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
07:31:15.0608 0x0b8c  TBS - ok
07:31:15.0655 0x0b8c  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
07:31:15.0733 0x0b8c  Tcpip - ok
07:31:15.0764 0x0b8c  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
07:31:15.0811 0x0b8c  TCPIP6 - ok
07:31:15.0842 0x0b8c  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
07:31:15.0858 0x0b8c  tcpipreg - ok
07:31:15.0889 0x0b8c  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
07:31:15.0920 0x0b8c  TDPIPE - ok
07:31:15.0951 0x0b8c  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
07:31:15.0967 0x0b8c  TDTCP - ok
07:31:16.0014 0x0b8c  [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
07:31:16.0060 0x0b8c  tdx - ok
07:31:16.0076 0x0b8c  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
07:31:16.0092 0x0b8c  TermDD - ok
07:31:16.0123 0x0b8c  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
07:31:16.0170 0x0b8c  TermService - ok
07:31:16.0201 0x0b8c  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
07:31:16.0216 0x0b8c  Themes - ok
07:31:16.0232 0x0b8c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
07:31:16.0263 0x0b8c  THREADORDER - ok
07:31:16.0279 0x0b8c  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
07:31:16.0326 0x0b8c  TrkWks - ok
07:31:16.0357 0x0b8c  [ 61073F2A7098B894539CB582C5BC7C27, 777698E12BD146726938798A2947C2A88DF7DFE15E5F6048B14215DB7BAE9433 ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
07:31:16.0404 0x0b8c  trufos - ok
07:31:16.0419 0x0b8c  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:31:16.0450 0x0b8c  TrustedInstaller - ok
07:31:16.0482 0x0b8c  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
07:31:16.0497 0x0b8c  tssecsrv - ok
07:31:16.0513 0x0b8c  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
07:31:16.0544 0x0b8c  TsUsbFlt - ok
07:31:16.0560 0x0b8c  [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
07:31:16.0591 0x0b8c  TsUsbGD - ok
07:31:16.0622 0x0b8c  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
07:31:16.0653 0x0b8c  tunnel - ok
07:31:16.0669 0x0b8c  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
07:31:16.0700 0x0b8c  uagp35 - ok
07:31:16.0700 0x0b8c  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
07:31:16.0747 0x0b8c  udfs - ok
07:31:16.0762 0x0b8c  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
07:31:16.0794 0x0b8c  UI0Detect - ok
07:31:16.0809 0x0b8c  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
07:31:16.0840 0x0b8c  uliagpkx - ok
07:31:16.0856 0x0b8c  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
07:31:16.0887 0x0b8c  umbus - ok
07:31:35.0910 0x0b8c  AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender 2016\wscfix.exe ( 20.0.24.1264 ), 0x41000 ( enabled : updated )
07:31:35.0925 0x0b8c  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2016\wscfix.exe ( 20.0.24.1264 ), 0x41010 ( enabled )
07:31:38.0795 0x0b8c  ============================================================
07:31:38.0795 0x0b8c  Scan finished
07:31:38.0795 0x0b8c  ============================================================
07:31:38.0795 0x1018  Detected object count: 0
07:31:38.0795 0x1018  Actual detected object count: 0
 


#9 deeprybka

Posted 03 January 2016 - 07:39 AM

OK, please do the following now:

Step 1

Scan with Malwarebytes Anti-Malware.
  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt.
  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select [image: m21p4.png]
  • Return to our forum. Paste your log into your next reply and then click Finish [7].

Step 2

Please download ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start the installer with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
settings.png
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed, click on Finish.
  • A log file is created at [image: logpath.png]
    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!

Edited by deeprybka, 03 January 2016 - 07:39 AM.

regards,
deeprybka

#10 MeerMan

Posted 03 January 2016 - 08:31 AM

I have completed step 1 and run Malwarebytes. Step 2 to follow soon:

 

Thank you!

 

(wrong log sent and deleted)

Edited by MeerMan, 03 January 2016 - 08:43 AM.


#11 deeprybka

Posted 03 January 2016 - 08:33 AM

You have posted the TDSS-Killer log... :)
regards,
deeprybka

#12 MeerMan

Posted 03 January 2016 - 08:41 AM

Sorry for the mistake. Here is the Malwarebytes report:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 1/3/2016
Scan Time: 8:11 AM
Logfile: Malwarebytes.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.01.03.03
Rootkit Database: v2015.12.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: DELL
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340794
Time Elapsed: 15 min, 18 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.WinYahoo, HKLM\SOFTWARE\PCV-VARS, Quarantined, [64dbc76ef2a7be783b7452c7a3610df3], 
 
Registry Values: 1
PUP.Optional.WinYahoo, HKLM\SOFTWARE\PCV-VARS|affiliateid, Quarantined, [64dbc76ef2a7be783b7452c7a3610df3], 
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.AdPeak, C:\Users\DELL\Desktop\Security setups\install [1].exe, Quarantined, [68d7e64fe4b5b581bcd1caaf728f55ab], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#13 deeprybka

Posted 03 January 2016 - 08:42 AM

:thumbup2:


regards,
deeprybka

#14 MeerMan

Posted 03 January 2016 - 11:20 AM

STEP 2: ESET Scan. Sorry, I made another mistake and ran the scanner with setting "Remove Threats". 

 

Here is the log.txt result.  Thank you!  Meerman

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4d7abcd4feda014c9f2b476341dc4ab2
# end=init
# utc_time=2016-01-03 01:33:39
# local_time=2016-01-03 08:33:39 (-0500, Eastern Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27471
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4d7abcd4feda014c9f2b476341dc4ab2
# end=updated
# utc_time=2016-01-03 01:40:31
# local_time=2016-01-03 08:40:31 (-0500, Eastern Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=4d7abcd4feda014c9f2b476341dc4ab2
# engine=27471
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-01-03 04:05:11
# local_time=2016-01-03 11:05:11 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Bitdefender Antivirus'
# compatibility_mode=2067 16777213 50 88 0 148206585 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 35286783 203381902 0 0
# scanned=304729
# found=26
# cleaned=26
# scan_time=8679
sh=580657D6A9919BC9A0DB6EDB578FC1EF0F54501F ft=1 fh=cbd5cd2c8d8158bf vn="a variant of Win32/InstallCore.AEO.gen potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\ADMINdell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DM51Y51N\install.exe"
sh=4101270357B096EF454463D13581E3D123C60560 ft=1 fh=2a17fddd6cb742ea vn="a variant of Win32/InstallCore.ACL potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\ADMINdell\AppData\Local\Temp\in0BD63D63\7176D8A0_stp\RAM.dll"
sh=4CEA705682BB790C11ABEF4561B0A3A04C405172 ft=1 fh=b2e2ce7ff5f99577 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\ADMINdell\Desktop\Phoenix Security\Security setups Phoenix\spsetup128.exe"
sh=6F77F2137756740F4E632BDD7FDAE582929CB411 ft=1 fh=cd73fc9df274ad5b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\ADMINdell\Desktop\Security setups\ccsetup509.exe"
sh=4CEA705682BB790C11ABEF4561B0A3A04C405172 ft=1 fh=b2e2ce7ff5f99577 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\ADMINdell\Desktop\Security setups\spsetup128.exe"
sh=4CEA705682BB790C11ABEF4561B0A3A04C405172 ft=1 fh=b2e2ce7ff5f99577 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\DELL\Desktop\Phoenix Security\Security setups Phoenix\spsetup128.exe"
sh=6F77F2137756740F4E632BDD7FDAE582929CB411 ft=1 fh=cd73fc9df274ad5b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\DELL\Desktop\Security setups\ccsetup509.exe"
sh=4CEA705682BB790C11ABEF4561B0A3A04C405172 ft=1 fh=b2e2ce7ff5f99577 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\DELL\Desktop\Security setups\spsetup128.exe"
sh=2CF9F87AA2EA689D9B9F5CCED4C51B2595C19027 ft=1 fh=4b16eff5bfe216f3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\DELL\Downloads\ccsetup510.exe"
sh=4CEA705682BB790C11ABEF4561B0A3A04C405172 ft=1 fh=b2e2ce7ff5f99577 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="D:\Phoenix Desktops Past\Phoenix Archive June7\Desktop itmesJun715\Security setups\spsetup128.exe"
sh=3032CB5B0066ACB77259EC89E9ECAFDB21C06BE6 ft=1 fh=4cc4f419610b1b22 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="D:\Phoenix Desktops Past\Phoenix ArchiveMay915\Desktop\Security setups\ccsetup505.exe"
sh=A0891BBD967ECCE9AE8DB8B3FE09C749555A045D ft=1 fh=a7590e5c62574721 vn="Win32/MyPCBackup.C potentially unwanted application (deleted - quarantined)" ac=C fn="D:\Phoenix Desktops Past\Phoenix ArchiveMay915\Desktop\Security setups\IObit-Malware-Fighter-Setup.exe"
sh=F4282582578C18E40F112B8030CF57AD482796B3 ft=1 fh=21d534f22498a626 vn="a variant of Win32/Adware.RegGenie application (cleaned by deleting - quarantined)" ac=C fn="E:\DOC Storage drive I\words\computer health\flamingo drivers\DriverInstalls\RegGenieSetup.exe"
sh=BFF71E263DE68F247D9167A5BD75FCE263BE4B60 ft=1 fh=1ddccbb3dd5dee4e vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application (deleted - quarantined)" ac=C fn="E:\FailedHDDg\DOWNLOADS\CoverterAPPS\TranslatorBar_1.exe"
sh=0D1D317D4147F4EFF4817AD64CEAC7165578686F ft=1 fh=c75bbb6af5235596 vn="a variant of Win32/AdWare.ErrorEND.A application (cleaned by deleting - quarantined)" ac=C fn="E:\FailedHDDg\DOWNLOADS\sOFTWARE\REGSERVO_Installer.exe"
sh=CF2EB58482134A7F5528E4D1BB32DACF82A53849 ft=1 fh=09d4328defaa8fd4 vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="E:\FailedHDDg\DOWNLOADS\sOFTWARE\SweetHome3D-4.0-windows-oc.exe"
sh=8193728637D16FEDD8E5809E6A5F177DEAE87145 ft=1 fh=8b9917ca3e69a6ac vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="E:\FailedHDDg\DOWNLOADS\sOFTWARE\SweetHome3D-4.3-windows-oc (1).exe"
sh=8193728637D16FEDD8E5809E6A5F177DEAE87145 ft=1 fh=8b9917ca3e69a6ac vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="E:\FailedHDDg\DOWNLOADS\sOFTWARE\SweetHome3D-4.3-windows-oc.exe"
sh=F4282582578C18E40F112B8030CF57AD482796B3 ft=1 fh=21d534f22498a626 vn="a variant of Win32/Adware.RegGenie application (cleaned by deleting - quarantined)" ac=C fn="E:\words\computer health\flamingo drivers\DriverInstalls\RegGenieSetup.exe"
sh=F4282582578C18E40F112B8030CF57AD482796B3 ft=1 fh=21d534f22498a626 vn="a variant of Win32/Adware.RegGenie application (cleaned by deleting - quarantined)" ac=C fn="E:\words Flamingo\computer health\flamingo drivers\DriverInstalls\RegGenieSetup.exe"
sh=012CB3E628C9FAC1159A4BA01F79C6C905757FF9 ft=1 fh=2ab5bfb1b985039b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="F:\PhoenixFailureRecoveredCFiles\Users\Al\Desktop\Security setups Phoenix\ccsetup506.exe"
sh=4CEA705682BB790C11ABEF4561B0A3A04C405172 ft=1 fh=b2e2ce7ff5f99577 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="F:\PhoenixFailureRecoveredCFiles\Users\Al\Desktop\Security setups Phoenix\spsetup128.exe"
sh=3A850827FB087FB18C4E794850BAAE943D7A2B7B ft=1 fh=cb07b7692be9da1c vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="F:\PhoenixFailureRecoveredCFiles\Users\Al\Downloads\rcsetup152(1).exe"
sh=3A850827FB087FB18C4E794850BAAE943D7A2B7B ft=1 fh=cb07b7692be9da1c vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="F:\PhoenixFailureRecoveredCFiles\Users\Al\Downloads\rcsetup152.exe"
sh=012CB3E628C9FAC1159A4BA01F79C6C905757FF9 ft=1 fh=2ab5bfb1b985039b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="F:\PhoenixFailureRecoveredCFiles\Users\AlanAdmin\Desktop\Security setups Phoenix\ccsetup506.exe"
sh=4CEA705682BB790C11ABEF4561B0A3A04C405172 ft=1 fh=b2e2ce7ff5f99577 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="F:\PhoenixFailureRecoveredCFiles\Users\AlanAdmin\Desktop\Security setups Phoenix\spsetup128.exe"


#15 deeprybka

Posted 03 January 2016 - 11:22 AM

No problem. :)

Step 1


Start FRST with administrator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka



