[sadburbia]

I keep getting pop-ups from avast (sometimes up to 9 different ones at a time) saying that it has found a threat called "hxxp://go.wvydeo.com/resultsa" and "hxxp://redirect.ads-free.net". I have ran a full system scan with avast, uninstall every strange and unwanted program, checked all internet browsers for add-ons and extensions that I didn't install, and still I haven't found anything. I have done what multiple sites have said to do, and the threats keep popping up.

 

I was wondering if anyone on here could help me.

 

Thanks.

[Advertisements]

Hello and welcome to Geeks To Go My nickname is Pystryker , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you

• If you are receiving help for this issue at another forum, please let me know so I can close this thread.
• Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
• At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
• If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
• Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
• This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
• Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
• It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
• If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
• If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
• Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
• Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future
• Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way.

Now, let's get started, shall we?


Hello, let's get a look at your system and see what's going on.


Scan with Farbar's Recovery Scan Tool (FRST)


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
• Place a check in the box marked Addition.txt
  
  
• Press the Scan button.
• It will produce a log called FRST.txt in the same directory the tool is run from.
• Please copy and paste log back here.
• The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

FRST Log

Addition.txt Log

[pystryker]

Hello and welcome to Geeks To Go My nickname is Pystryker , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you

• If you are receiving help for this issue at another forum, please let me know so I can close this thread.
• Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
• At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
• If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
• Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
• This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
• Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
• It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
• If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
• If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
• Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
• Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future
• Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way.

Now, let's get started, shall we?


Hello, let's get a look at your system and see what's going on.


Scan with Farbar's Recovery Scan Tool (FRST)


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
• Place a check in the box marked Addition.txt
  
  
• Press the Scan button.
• It will produce a log called FRST.txt in the same directory the tool is run from.
• Please copy and paste log back here.
• The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

FRST Log

Addition.txt Log

[sadburbia]

Here are the results of the scan:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014

Ran by Dylan (administrator) on DYLAN-PC on 27-12-2014 12:36:11

Running from C:\Users\Dylan\Desktop

Loaded Profile: Dylan (Available profiles: Dylan)

Platform: Windows 7 Ultimate (X64) OS Language: English (United States)

Internet Explorer Version 9

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AMD) C:\Windows\System32\atiesrxx.exe

(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchService.exe

(AMD) C:\Windows\System32\atieclxx.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe

(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(BitTorrent Inc.) C:\Users\Dylan\AppData\Roaming\uTorrent\uTorrent.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe

(Microsoft Corporation) C:\Windows\System32\mobsync.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe

(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchUser.exe

(Microsoft Corporation) C:\Windows\System32\audiodg.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)

HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)

HKLM-x32\...\Run: [BCSSync] => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)

HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2010-09-09] (CANON INC.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-24] (AVAST Software)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)

HKU\S-1-5-21-7168381-1346554665-19701182-1000\...\Run: [Steam] => "E:\Steam\steam.exe" -silent

HKU\S-1-5-21-7168381-1346554665-19701182-1000\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-7168381-1346554665-19701182-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)

HKU\S-1-5-21-7168381-1346554665-19701182-1000\...\Run: [uTorrent] => C:\Users\Dylan\AppData\Roaming\uTorrent\uTorrent.exe [1378640 2014-12-16] (BitTorrent Inc.)

Startup: C:\Users\Dylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File

ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File

ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File

ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File

ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKU\S-1-5-21-7168381-1346554665-19701182-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-au/?ocid=iehp

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKU\S-1-5-21-7168381-1346554665-19701182-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL No File

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File

Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll No File

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File [ ]

Tcpip\..\Interfaces\{8E993832-3F8F-4EF9-82CB-E969C5E142DD}: [NameServer] 192.168.1.1

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File

FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-03-08]

 

Chrome: 

=======

CHR HomePage: Profile 1 -> hxxp://google.com.au/

CHR StartupUrls: Profile 1 -> "hxxp://google.com/"

CHR Profile: C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Profile 1

CHR Extension: (Google Drive) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-23]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]

CHR Extension: (YouTube) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-23]

CHR Extension: (Archive Poster) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ceakpicibkmdilicebgddflnfbpmcpgd [2013-12-07]

CHR Extension: (Adblock Plus) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-04-23]

CHR Extension: (Google Search) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-23]

CHR Extension: (XKit) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2013-05-17]

CHR Extension: (AdBlock) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-31]

CHR Extension: (Google Wallet) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]

CHR Extension: (Gmail) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-23]

CHR HKU\S-1-5-21-7168381-1346554665-19701182-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-24]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-24] (AVAST Software)

S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)

S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)

R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

R2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127784 2009-11-24] (Wacom Technology, Corp.)

S3 DAUpdaterSvc; E:\Steam\steamapps\common\Dragon Age Origins\bin_ship\DAUpdaterSvc.Service.exe [X]

S3 Microsoft SharePoint Workspace Audit Service; "C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE" /auditservice [X]

S3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-24] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-24] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-24] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-24] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-24] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-24] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-24] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-24] ()

S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-03-08] ()

R3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2014-05-28] (MotioninJoy) [File not signed]

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]

S3 MSICDSetup; \??\D:\CDriver64.sys [X]

S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-12-27 12:36 - 2014-12-27 12:36 - 00018283 _____ () C:\Users\Dylan\Desktop\FRST.txt

2014-12-27 12:32 - 2014-12-27 12:33 - 02122752 _____ (Farbar) C:\Users\Dylan\Desktop\FRST64.exe

2014-12-24 22:10 - 2014-12-24 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-12-24 22:09 - 2014-12-24 22:10 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7

2014-12-24 22:09 - 2014-12-24 22:10 - 00000000 ____D () C:\Program Files\iTunes

2014-12-24 22:09 - 2014-12-24 22:10 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-12-24 22:09 - 2014-12-24 22:09 - 00000000 ____D () C:\Program Files\iPod

2014-12-24 22:04 - 2014-12-24 22:05 - 00000000 ____D () C:\AdwCleaner

2014-12-24 21:48 - 2014-12-27 12:36 - 00000000 ____D () C:\FRST

2014-12-24 14:35 - 2014-12-24 14:35 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-12-24 14:35 - 2014-12-24 14:35 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-12-24 13:54 - 2014-12-24 13:54 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2014-12-24 03:12 - 2014-12-24 03:13 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage

2014-12-19 19:51 - 2014-06-23 01:17 - 00045056 _____ (KeepVid) C:\Users\Dylan\Documents\VidJoin.exe

2014-12-19 19:51 - 2014-04-11 10:04 - 27353088 _____ () C:\Users\Dylan\Documents\ffmpeg.exe

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-12-27 12:36 - 2013-03-08 21:11 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\uTorrent

2014-12-27 12:19 - 2013-03-08 19:48 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\vlc

2014-12-27 12:16 - 2013-03-08 21:15 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-12-27 11:44 - 2013-03-08 17:46 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-12-27 02:08 - 2013-03-08 17:07 - 02028357 _____ () C:\Windows\WindowsUpdate.log

2014-12-26 23:38 - 2013-06-28 01:49 - 00000000 ___RD () C:\Users\Dylan\Google Drive

2014-12-26 23:38 - 2013-04-27 13:21 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\WTablet

2014-12-26 23:37 - 2014-09-06 14:59 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}

2014-12-26 23:37 - 2013-03-08 18:33 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update

2014-12-26 23:37 - 2013-03-08 17:46 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-12-26 23:37 - 2009-07-14 15:38 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-12-26 23:37 - 2009-07-14 15:21 - 00189487 _____ () C:\Windows\setupact.log

2014-12-25 09:13 - 2009-07-14 15:15 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-12-25 09:13 - 2009-07-14 15:15 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-12-24 22:13 - 2013-03-08 19:33 - 00183986 _____ () C:\Windows\PFRO.log

2014-12-24 22:09 - 2014-05-24 11:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-12-24 22:09 - 2013-03-08 20:26 - 00000000 ____D () C:\Program Files\Common Files\Apple

2014-12-24 22:04 - 2013-09-16 03:28 - 00001058 _____ () C:\Users\Public\Desktop\VLC media player.lnk

2014-12-24 14:46 - 2013-03-08 18:33 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys

2014-12-24 14:35 - 2014-08-07 19:54 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-12-24 14:35 - 2014-01-27 03:22 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

2014-12-24 14:35 - 2013-03-08 18:33 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys

2014-12-24 14:35 - 2013-03-08 18:33 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-12-24 14:35 - 2013-03-08 18:33 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2014-12-24 14:35 - 2013-03-08 18:33 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-12-24 14:35 - 2013-03-08 18:33 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2014-12-24 01:20 - 2013-09-21 15:35 - 00000000 ____D () C:\Users\Dylan\Documents\Writing

2014-12-20 22:03 - 2013-03-18 17:42 - 00000132 _____ () C:\Users\Dylan\AppData\Roaming\Adobe PNG Format CS6 Prefs

2014-12-10 21:16 - 2013-03-08 21:15 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-12-10 21:16 - 2013-03-08 21:15 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-12-10 21:16 - 2013-03-08 17:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-12-10 12:57 - 2013-11-26 21:41 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-12-09 15:32 - 2013-03-08 20:29 - 00000000 ____D () C:\ProgramData\Apple Computer

2014-12-03 16:21 - 2013-04-03 21:46 - 00001456 _____ () C:\Users\Dylan\AppData\Local\Adobe Save for Web 13.0 Prefs

 

Some content of TEMP:

====================

C:\Users\Dylan\AppData\Local\Temp\nskADC0.exe

C:\Users\Dylan\AppData\Local\Temp\Quarantine.exe

C:\Users\Dylan\AppData\Local\Temp\sqlite3.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-12-27 07:34

 

==================== End Of Log ============================

[sadburbia]

Here are the Addition results:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2014

Ran by Dylan at 2014-12-27 12:36:40

Running from C:\Users\Dylan\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE)

µTorrent (HKU\S-1-5-21-7168381-1346554665-19701182-1000\...\uTorrent) (Version: 3.4.2.36802 - BitTorrent Inc.)

3TB+Unlock B12.1102.1 (HKLM-x32\...\{17630FD1-B14A-4CA5-A627-B6B5F7DD41CF}) (Version: 1.00.0001 - GIGABYTE)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)

Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2004627584.48.56.38866290 - Audible, Inc.)

AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)

AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden

Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)

Bamboo (HKLM-x32\...\Pen Tablet Driver) (Version:  - Wacom Technology Corp.)

Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)

BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )

Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)

Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navigator EX 4.1) (Version:  - )

Canon MX420 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX420_series) (Version:  - Canon Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)

Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)

Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)

DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC)

Dragon Age: Origins (HKLM-x32\...\Steam App 17450) (Version:  - BioWare)

Easy Tune 6 B12.1121.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)

Easy Tune 6 B12.1121.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden

Electronic Super Joy: Groove City (HKLM-x32\...\Steam App 301460) (Version:  - Michael Todd Games)

Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)

Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version:  - DrinkBox Studios)

Heavy Bullets (HKLM-x32\...\Steam App 297120) (Version:  - Terri Vellmann)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)

Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)

K-Lite Codec Pack 5.5.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 5.5.0 - )

KMP Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version:  - KMP) <==== ATTENTION

L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Team Bondi)

Lone Survivor: The Director's Cut (HKLM-x32\...\Steam App 209830) (Version:  - Jasper Byrne)

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - )

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)

MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

My Game Long Name (HKLM\...\UDK-ccc39f60-ca93-4601-a4bb-e321a7b52c79) (Version:  - Epic Games, Inc.)

Nero12EssTSST (HKLM-x32\...\{1DEC64C1-7F34-44CD-BC35-8E0A096300CF}) (Version: 12.0.01100 - Nero AG)

NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)

ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)

Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)

Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)

RealWorld Paint (HKLM-x32\...\{B6694991-632B-4DA4-B636-58A862645144}) (Version: 13.1.0 - RealWorld Graphics)

resident evil 4 / biohazard 4 (HKLM-x32\...\Steam App 254700) (Version:  - Capcom)

Rocketbirds: Hardboiled Chicken version 1.0 (HKLM-x32\...\{C2C65FFD-58CA-4EEC-92CF-2117884C4822}_is1) (Version: 1.0 - )

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)

Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)

The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)

The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)

Tiny Thief (HKLM-x32\...\Steam App 257080) (Version:  - 5 Ants)

TL-WN881ND Driver (HKLM-x32\...\{B512F025-E992-44D0-B1F4-D6E1D3339C80}) (Version: 1.0.0 - TP-LINK)

Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)

TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK)

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)

WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.4 - Wacom Technology Corp.)

WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.3 - Wacom Technology Corp.)

WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Year Walk (HKLM-x32\...\Steam App 269050) (Version:  - Simogo)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-7168381-1346554665-19701182-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\Display.dll (Microsoft Corporation)

 

==================== Restore Points  =========================

 

27-12-2014 07:40:51 Scheduled Checkpoint

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 13:04 - 2009-06-11 07:30 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {158EBABA-D09E-485B-AC5B-E870EB8A45FE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-24] (AVAST Software)

Task: {18A63B9F-7C41-400C-AB97-A9F5F7571B88} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: {1AF1C898-4957-44DD-8E9B-6E0D96AFE70D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()

Task: {1EA787E9-0F07-464C-96EF-10F7FAAE124C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)

Task: {2EE64472-CBD8-4C71-A580-9926A09D4EA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-26] (Piriform Ltd)

Task: {4A2E611F-2C0C-4200-87C6-FCEF3F505167} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()

Task: {73968138-4F32-402E-BE7A-51465A215B7A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)

Task: {78615E5A-405C-49B2-94FA-89DC525EF64E} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-04-29] ()

Task: {8B6C33A0-4355-47F3-9F66-08582CF7B9D9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)

Task: {B53285DA-26A5-469D-8583-459CEED4719D} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-02-13 13:07 - 2013-08-29 10:53 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

2014-12-26 07:06 - 2014-12-26 07:06 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122501\algo.dll

2014-12-27 07:40 - 2014-12-27 07:40 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122601\algo.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll

2014-12-26 23:37 - 2014-12-26 23:37 - 00098816 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\win32api.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00110080 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\pywintypes27.dll

2014-12-26 23:37 - 2014-12-26 23:37 - 00364544 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\pythoncom27.dll

2014-12-26 23:37 - 2014-12-26 23:37 - 00045568 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\_socket.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 01160704 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\_ssl.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00320512 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\win32com.shell.shell.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00713216 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\_hashlib.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 01175040 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\wx._core_.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00805888 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\wx._gdi_.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00811008 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\wx._windows_.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 01062400 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\wx._controls_.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00735232 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\wx._misc_.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00128512 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\_elementtree.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00127488 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\pyexpat.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00557056 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\pysqlite2._sqlite.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00087552 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\_ctypes.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00119808 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\win32file.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00108544 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\win32security.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00007168 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\hashobjs_ext.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00167936 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\win32gui.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00018432 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\win32event.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00038912 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\win32inet.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00011264 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\win32crypt.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00070656 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\wx._html2.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00027136 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\_multiprocessing.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00035840 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\win32process.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00686080 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\unicodedata.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00122368 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\wx._wizard.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00024064 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\win32pipe.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00025600 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\win32pdh.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00525640 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\windows._lib_cacheinvalidation.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00010240 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\select.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00017408 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\win32profile.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00022528 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\win32ts.pyd

2014-12-26 23:37 - 2014-12-26 23:37 - 00078336 _____ () C:\Users\Dylan\AppData\Local\Temp\_MEI28962\wx._animate.pyd

2013-02-13 13:08 - 2013-08-29 10:55 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

2014-12-24 14:35 - 2014-12-24 14:35 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2013-09-10 04:47 - 2012-10-22 12:21 - 01277952 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll

2013-09-10 04:47 - 2012-07-09 18:57 - 02090496 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll

2013-09-10 04:47 - 2011-12-06 17:19 - 00133632 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll

2013-09-10 04:47 - 2012-03-23 11:07 - 00224768 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\libupnp.dll

2013-03-08 17:47 - 2012-07-18 11:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

2014-12-13 00:45 - 2014-12-06 12:20 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll

2014-12-13 00:45 - 2014-12-06 12:20 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll

2014-12-13 00:45 - 2014-12-06 12:20 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll

2014-12-13 00:45 - 2014-12-06 12:20 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

2014-10-11 13:05 - 2014-10-11 13:05 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\ProgramData\TEMP:888AFB86

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup

 

========================= Accounts: ==========================

 

Administrator (S-1-5-21-7168381-1346554665-19701182-500 - Administrator - Disabled)

Dylan (S-1-5-21-7168381-1346554665-19701182-1000 - Administrator - Enabled) => C:\Users\Dylan

Guest (S-1-5-21-7168381-1346554665-19701182-501 - Limited - Disabled)

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (12/27/2014 01:29:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 10046

 

Error: (12/27/2014 01:29:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 10046

 

Error: (12/27/2014 01:29:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (12/27/2014 01:29:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 9016

 

Error: (12/27/2014 01:29:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 9016

 

Error: (12/27/2014 01:29:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (12/27/2014 01:29:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 8018

 

Error: (12/27/2014 01:29:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 8018

 

Error: (12/27/2014 01:29:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (12/27/2014 01:29:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 7020

 

 

System errors:

=============

Error: (12/26/2014 00:42:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (12/26/2014 03:10:37 AM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR1.

 

Error: (12/25/2014 07:08:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The Windows Update service hung on starting.

 

Error: (12/25/2014 09:43:42 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The Windows Update service hung on starting.

 

Error: (12/25/2014 09:37:03 AM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 9:35:13 AM on ‎25/‎12/‎2014 was unexpected.

 

Error: (12/25/2014 08:15:31 AM) (Source: DCOM) (EventID: 10010) (User: )

Description: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

 

Error: (12/25/2014 02:42:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (12/24/2014 10:41:41 PM) (Source: volsnap) (EventID: 36) (User: )

Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

 

Error: (12/24/2014 10:19:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The Windows Update service hung on starting.

 

Error: (12/24/2014 10:17:14 PM) (Source: BROWSER) (EventID: 8032) (User: )

Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{8E993832-3F8F-4EF9-82CB-E969C5E142DD}.

The backup browser is stopping.

 

 

Microsoft Office Sessions:

=========================

Error: (12/27/2014 01:29:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 10046

 

Error: (12/27/2014 01:29:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 10046

 

Error: (12/27/2014 01:29:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (12/27/2014 01:29:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 9016

 

Error: (12/27/2014 01:29:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 9016

 

Error: (12/27/2014 01:29:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (12/27/2014 01:29:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 8018

 

Error: (12/27/2014 01:29:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 8018

 

Error: (12/27/2014 01:29:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (12/27/2014 01:29:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 7020

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core™ i5-3570 CPU @ 3.40GHz

Percentage of memory in use: 37%

Total physical RAM: 8138.16 MB

Available physical RAM: 5072.52 MB

Total Pagefile: 16274.45 MB

Available Pagefile: 12552.71 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:48.73 GB) (Free:6.18 GB) NTFS

Drive e: (New Volume) (Fixed) (Total:882.68 GB) (Free:108.47 GB) NTFS

Drive f: (Elements) (Fixed) (Total:1863.01 GB) (Free:200.95 GB) NTFS

Drive g: (New Volume) (Fixed) (Total:931.51 GB) (Free:230.32 GB) NTFS

Drive v: (Other Stuff) (Network) (Total:1071.34 GB) (Free:1008.26 GB) NTFS

Drive w: (Movies) (Network) (Total:976.56 GB) (Free:732 GB) NTFS

Drive x: (Games) (Network) (Total:976.56 GB) (Free:849.72 GB) NTFS

Drive y: (Downloads.) (Network) (Total:1817.83 GB) (Free:1203.99 GB) NTFS

Drive z: (Tv shows) (Network) (Total:2794.39 GB) (Free:1718.8 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A9912835)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=48.7 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=882.7 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 001A85C3)

Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

 

========================================================

Disk: 2 (Size: 931.5 GB) (Disk ID: 90909090)

Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

[pystryker]

Hello

Not see anything malware related in the logs, but we'll give it a good scrubbing and run some further scans to make sure nothing is lurking.

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: P2P Warning and Program Uninstalls


The Dangers of P2P Programs

I noticed that you have a P2P file sharing program (Bit Torrent) on your computer . I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more likely than not infected with trojans, malware, rootkits, etc.

You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.

Here are some information sources about the dangers of P2P programs:

FBI - Peer to Peer Scams

USA Today Artticle on P2P Programs

File Sharing Infects 500,000 Computers

I very much recommend you uninstall this program from your machine. If not, I can guarantee you will be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.

It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.


Program Uninstalls

Please uninstall the following program as it is a known adware/malware program is a danger to the security of your machine.

KMP Service


Step 2: Fix with FRST

• Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
• Right-click in the open notepad and select Paste).
• Save it on the desktop as fixlist.txt

Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-7168381-1346554665-19701182-1000\...\Run: [AdobeBridge] => [X]
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
CHR HKU\S-1-5-21-7168381-1346554665-19701182-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
AlternateDataStreams: C:\ProgramData\TEMP:888AFB86
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
Emptytemp:
Hosts:
End

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Step 3: Junkware Removal Tool


Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Step 4: AdwCleaner


Download ADWcleaner by clicking here. Please save it to your Desktop

• Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
• Close any open windows or browsers.
• Pause your Anti-Virus program if it is running.
• Once it starts, click on the Scan button.
• Let the scan complete itself. This may take a few minutes.
• Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Clean button. When finished, it will ask to reboot. Please reboot.
• When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
  • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
  This report is also saved at C:\AdwCleaner[R0].txt

Step 5: Scan with TDSSKiller


Please download TDSSKiller to the desktop.

Alternate download is here.

• Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
• When the main GUI(graphical user interface) window opens, click on Change Parameters
• Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
• Click on Start Scan, the scan will run.
• When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
• A Report will have been created by TDSSKiller in your root directory C:\
• To find the log go to Start(Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
• Post the contents of that log in your next reply please.

Note: Do not have TDSSKiller remove anything if found at this point in time!


Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

Fixlog.txt Log

Junkware Removal Tool Log

AdwCleaner Log

TDSSKiller Log

How is the machine running? Any further warnings?

[sadburbia]

Here is the Fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-12-2014

Ran by Dylan at 2014-12-27 13:31:25 Run:2

Running from C:\Users\Dylan\Desktop

Loaded Profile: Dylan (Available profiles: Dylan)

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

Start

CreateRestorePoint:

CloseProcesses:

HKU\S-1-5-21-7168381-1346554665-19701182-1000\...\Run: [AdobeBridge] => [X]

ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File

ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File

ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File

ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File

ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL No File

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL No File

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File

CHR HKU\S-1-5-21-7168381-1346554665-19701182-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path

AlternateDataStreams: C:\ProgramData\TEMP:888AFB86

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state on

CMD: ipconfig /flushdns

Emptytemp:

Hosts:

End

*****************

 

Restore point was successfully created.

Processes closed successfully.

HKU\S-1-5-21-7168381-1346554665-19701182-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)" => Key deleted successfully.

"HKCR\Wow6432Node\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}" => Key deleted successfully.

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)" => Key deleted successfully.

"HKCR\Wow6432Node\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" => Key deleted successfully.

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" => Key deleted successfully.

"HKCR\Wow6432Node\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}" => Key deleted successfully.

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)" => Key deleted successfully.

"HKCR\Wow6432Node\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}" => Key deleted successfully.

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)" => Key deleted successfully.

"HKCR\Wow6432Node\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" => Key deleted successfully.

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => Key deleted successfully.

"HKCR\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => Key deleted successfully.

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => Key deleted successfully.

"HKCR\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.

"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.

"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0" => Key deleted successfully.

"HKU\S-1-5-21-7168381-1346554665-19701182-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => Key deleted successfully.

C:\ProgramData\TEMP => ":888AFB86" ADS removed successfully.

 

=========  netsh advfirewall reset =========

 

Ok.

 

 

========= End of CMD: =========

 

 

=========  netsh advfirewall set allprofiles state on =========

 

Ok.

 

 

========= End of CMD: =========

 

 

=========  ipconfig /flushdns =========

 

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========= End of CMD: =========

 

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.

Hosts was reset successfully.

EmptyTemp: => Removed 726.1 MB temporary data.

 

 

The system needed a reboot. 

 

==== End of Fixlog 13:33:52 ====

[sadburbia]

Here is the Junkware Removal Tool log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.4.0 (11.29.2014:1)

OS: Windows 7 Ultimate x64

Ran by Dylan on Sat 27/12/2014 at 13:40:51.47

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-7168381-1346554665-19701182-1000\Software\Microsoft\Internet Explorer\Main\\Start Page

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\KMPAskPIPCount_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\KMPAskPIPCount_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\KMPAskPIPCount_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\KMPAskPIPCount_RASMANCS

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\babylon"

Successfully deleted: [Folder] "C:\Users\Dylan\AppData\Roaming\babylon"

Successfully deleted: [Folder] "C:\Users\Dylan\appdata\local\babylon"

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sat 27/12/2014 at 13:43:33.72

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[sadburbia]

Here is the AdwCleaner Log:

 

# AdwCleaner v4.106 - Report created 27/12/2014 at 13:47:11

# Updated 21/12/2014 by Xplode

# Database : 2014-12-21.4 [Live]

# Operating System : Windows 7 Ultimate  (64 bits)

# Username : Dylan - DYLAN-PC

# Running from : C:\Users\Dylan\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\Program Files\Hola

File Deleted : C:\END

 

***** [ Scheduled Tasks ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKCU\Software\Conduit

Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v9.0.8112.16470

 

 

-\\ Google Chrome v39.0.2171.95

 

 

-\\ Chromium v

 

 

*************************

 

AdwCleaner[R0].txt - [2802 octets] - [24/12/2014 22:04:26]

AdwCleaner[R1].txt - [1124 octets] - [27/12/2014 13:46:14]

AdwCleaner[S0].txt - [347 octets] - [24/12/2014 22:05:28]

AdwCleaner[S1].txt - [1011 octets] - [27/12/2014 13:47:11]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1071 octets] ##########

[sadburbia]

Here is the TDSS Killer log:

 

13:52:43.0898 0x1c04  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20

13:52:57.0831 0x1c04  ============================================================

13:52:57.0831 0x1c04  Current date / time: 2014/12/27 13:52:57.0831

13:52:57.0831 0x1c04  SystemInfo:

13:52:57.0831 0x1c04  

13:52:57.0831 0x1c04  OS Version: 6.1.7600 ServicePack: 0.0

13:52:57.0831 0x1c04  Product type: Workstation

13:52:57.0831 0x1c04  ComputerName: DYLAN-PC

13:52:57.0831 0x1c04  UserName: Dylan

13:52:57.0831 0x1c04  Windows directory: C:\Windows

13:52:57.0831 0x1c04  System windows directory: C:\Windows

13:52:57.0831 0x1c04  Running under WOW64

13:52:57.0831 0x1c04  Processor architecture: Intel x64

13:52:57.0831 0x1c04  Number of processors: 4

13:52:57.0831 0x1c04  Page size: 0x1000

13:52:57.0831 0x1c04  Boot type: Normal boot

13:52:57.0831 0x1c04  ============================================================

13:53:04.0254 0x1c04  KLMD registered as C:\Windows\system32\drivers\57258069.sys

13:53:04.0444 0x1c04  System UUID: {A5AA9F7D-D41B-F04A-4E29-E3F40417DC48}

13:53:04.0846 0x1c04  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

13:53:04.0846 0x1c04  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C0F00000 ( 1863.01 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

13:53:04.0856 0x1c04  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

13:53:04.0856 0x1c04  ============================================================

13:53:04.0856 0x1c04  \Device\Harddisk0\DR0:

13:53:04.0856 0x1c04  MBR partitions:

13:53:04.0856 0x1c04  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

13:53:04.0856 0x1c04  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6175800

13:53:04.0856 0x1c04  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x61A8000, BlocksNum 0x6E55D800

13:53:04.0856 0x1c04  \Device\Harddisk1\DR1:

13:53:04.0866 0x1c04  MBR partitions:

13:53:04.0866 0x1c04  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000

13:53:04.0866 0x1c04  \Device\Harddisk2\DR2:

13:53:04.0866 0x1c04  MBR partitions:

13:53:04.0866 0x1c04  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800

13:53:04.0866 0x1c04  ============================================================

13:53:04.0896 0x1c04  C: <-> \Device\Harddisk0\DR0\Partition2

13:53:05.0026 0x1c04  E: <-> \Device\Harddisk0\DR0\Partition3

13:53:05.0446 0x1c04  F: <-> \Device\Harddisk1\DR1\Partition1

13:53:05.0496 0x1c04  G: <-> \Device\Harddisk2\DR2\Partition1

13:53:05.0496 0x1c04  ============================================================

13:53:05.0496 0x1c04  Initialize success

13:53:05.0496 0x1c04  ============================================================

13:53:25.0594 0x22bc  ============================================================

13:53:25.0594 0x22bc  Scan started

13:53:25.0594 0x22bc  Mode: Manual; SigCheck; TDLFS; 

13:53:25.0594 0x22bc  ============================================================

13:53:25.0594 0x22bc  KSN ping started

13:53:29.0424 0x22bc  KSN ping finished: true

13:53:33.0202 0x22bc  ================ Scan system memory ========================

13:53:33.0202 0x22bc  System memory - ok

13:53:33.0202 0x22bc  ================ Scan services =============================

13:53:33.0312 0x22bc  [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys

13:53:33.0362 0x22bc  1394ohci - ok

13:53:33.0392 0x22bc  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys

13:53:33.0412 0x22bc  ACPI - ok

13:53:33.0422 0x22bc  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys

13:53:33.0442 0x22bc  AcpiPmi - ok

13:53:33.0522 0x22bc  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

13:53:33.0532 0x22bc  AdobeARMservice - ok

13:53:33.0602 0x22bc  [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

13:53:33.0622 0x22bc  AdobeFlashPlayerUpdateSvc - ok

13:53:33.0642 0x22bc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

13:53:33.0662 0x22bc  adp94xx - ok

13:53:33.0682 0x22bc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

13:53:33.0692 0x22bc  adpahci - ok

13:53:33.0722 0x22bc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

13:53:33.0742 0x22bc  adpu320 - ok

13:53:33.0782 0x22bc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

13:53:33.0822 0x22bc  AeLookupSvc - ok

13:53:33.0872 0x22bc  [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD             C:\Windows\system32\drivers\afd.sys

13:53:33.0902 0x22bc  AFD - ok

13:53:33.0922 0x22bc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys

13:53:33.0932 0x22bc  agp440 - ok

13:53:33.0952 0x22bc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe

13:53:33.0972 0x22bc  ALG - ok

13:53:33.0982 0x22bc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys

13:53:33.0992 0x22bc  aliide - ok

13:53:34.0022 0x22bc  [ 310F86335B0505DDC6D2DD48E66EF06B, 936273CA046B3AE0944E6C1557CECB2A0C61D034977BBB9FACBE062617CF3A2C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

13:53:34.0052 0x22bc  AMD External Events Utility - ok

13:53:34.0072 0x22bc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys

13:53:34.0082 0x22bc  amdide - ok

13:53:34.0092 0x22bc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

13:53:34.0112 0x22bc  AmdK8 - ok

13:53:34.0346 0x22bc  [ 79CC9BE187E3144E1B58A54B842475E7, 89DD3177B5CE649AC0093603CE13FBFD93AC24F8E16C52672549110141106F4A ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys

13:53:34.0676 0x22bc  amdkmdag - ok

13:53:34.0716 0x22bc  [ 07561D3B7FD99F6E186C49C2D0628E38, D2D72EB45EAD29A3099C040E99A4F1F4902D3BDC0466800C63ECD33343DC1224 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys

13:53:34.0746 0x22bc  amdkmdap - ok

13:53:34.0756 0x22bc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

13:53:34.0776 0x22bc  AmdPPM - ok

13:53:34.0786 0x22bc  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9, 786B30C86FA7FEC6BA2569FF818044AA0F7C134693304ED0FF7BD0541F9A755F ] amdsata         C:\Windows\system32\drivers\amdsata.sys

13:53:34.0806 0x22bc  amdsata - ok

13:53:34.0826 0x22bc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

13:53:34.0846 0x22bc  amdsbs - ok

13:53:34.0846 0x22bc  [ DB27766102C7BF7E95140A2AA81D042E, 489F812B596EA06E53D891CD05047AA17CDF752854BBD553BA65D10799AF78DF ] amdxata         C:\Windows\system32\drivers\amdxata.sys

13:53:34.0856 0x22bc  amdxata - ok

13:53:34.0876 0x22bc  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys

13:53:34.0906 0x22bc  AppID - ok

13:53:34.0916 0x22bc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

13:53:34.0956 0x22bc  AppIDSvc - ok

13:53:34.0966 0x22bc  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll

13:53:34.0976 0x22bc  Appinfo - ok

13:53:35.0016 0x22bc  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

13:53:35.0026 0x22bc  Apple Mobile Device - ok

13:53:35.0056 0x22bc  [ CC19A6452BA688EA32D14D8DBEC190F4, 6D52B63926E1766DB8BD00CC5CC0AD9EA3B68FC1E6C66FAF4E899606437468A3 ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys

13:53:35.0066 0x22bc  AppleCharger - ok

13:53:35.0076 0x22bc  [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe

13:53:35.0086 0x22bc  AppleChargerSrv - ok

13:53:35.0106 0x22bc  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll

13:53:35.0136 0x22bc  AppMgmt - ok

13:53:35.0146 0x22bc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys

13:53:35.0156 0x22bc  arc - ok

13:53:35.0176 0x22bc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

13:53:35.0186 0x22bc  arcsas - ok

13:53:35.0216 0x22bc  [ 9BE9F2B83DE80E2752B1405CC427E2EC, 6015CA66553B3B882083B33F24FB338249A110D9769831C3D3D3C681AAFA9411 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys

13:53:35.0236 0x22bc  aswHwid - ok

13:53:35.0256 0x22bc  [ 2DA1C1AEDF454F8E32A863A1AEACDD8C, F02E4D197AE00B9A9507CF6007A7B7BEA54AF0F255B752FBA7174FA2596D1CA9 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys

13:53:35.0266 0x22bc  aswMonFlt - ok

13:53:35.0286 0x22bc  [ 4750016EF9CC1DEC6DA3FE5AF9A7F095, C4CF46246D8A3FF9BD8D2FE899685654ADD45EB9B032F33804D0B8131882BC74 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys

13:53:35.0306 0x22bc  aswRdr - ok

13:53:35.0316 0x22bc  [ 1323269A92645705DEFA053F3596829D, 83EC58E0577A1E45D1FCBC0C0AF182099FB70B9005B9F8161166EBB4E9F58F35 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys

13:53:35.0326 0x22bc  aswRvrt - ok

13:53:35.0386 0x22bc  [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys

13:53:35.0426 0x22bc  aswSnx - ok

13:53:35.0456 0x22bc  [ B1881A01E301990B671694CA1623F1B6, 5299C713EA7CF96F0550943DB37E963CDA09258F65C471CCEEAB44C4736B7A08 ] aswSP           C:\Windows\system32\drivers\aswSP.sys

13:53:35.0476 0x22bc  aswSP - ok

13:53:35.0516 0x22bc  [ 7509F07BA6F84C1E3B2C0D78A1F6F782, A90A36E8E23F58E430DE98B3623688DC09D34B62906EF7796DFC90F581FC385F ] aswStm          C:\Windows\system32\drivers\aswStm.sys

13:53:35.0526 0x22bc  aswStm - ok

13:53:35.0546 0x22bc  [ 1A5BDDE65B648DC3AD48B6ECAA3AE9C8, 858F674C3B775F9C8C782B7AFAC0B02AE9410C9F3B7F5B3AE1C4AD3BF6448C14 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys

13:53:35.0556 0x22bc  aswVmm - ok

13:53:35.0566 0x22bc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

13:53:35.0606 0x22bc  AsyncMac - ok

13:53:35.0616 0x22bc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys

13:53:35.0626 0x22bc  atapi - ok

13:53:35.0676 0x22bc  [ 7D89B0C443F6068E5B27AA3B972069FF, 34CBB7D44D060F1D614BCA1357C8A260A002C21E67D33E819F57815AC400CCBD ] athr            C:\Windows\system32\DRIVERS\athrx.sys

13:53:35.0766 0x22bc  athr - ok

13:53:35.0806 0x22bc  [ ED3A041014FBBFDC23D6C04F9C7A5D79, A039D8F4C0EA2101898A253E13DFED5FA8500C412ACC47835415E27C9BD068FF ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys

13:53:35.0826 0x22bc  AtiHDAudioService - ok

13:53:35.0866 0x22bc  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

13:53:35.0926 0x22bc  AudioEndpointBuilder - ok

13:53:35.0946 0x22bc  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

13:53:35.0986 0x22bc  AudioSrv - ok

13:53:36.0036 0x22bc  [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe

13:53:36.0046 0x22bc  avast! Antivirus - ok

13:53:36.0056 0x22bc  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll

13:53:36.0086 0x22bc  AxInstSV - ok

13:53:36.0116 0x22bc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

13:53:36.0146 0x22bc  b06bdrv - ok

13:53:36.0166 0x22bc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

13:53:36.0196 0x22bc  b57nd60a - ok

13:53:36.0196 0x22bc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll

13:53:36.0226 0x22bc  BDESVC - ok

13:53:36.0246 0x22bc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys

13:53:36.0276 0x22bc  Beep - ok

13:53:36.0306 0x22bc  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll

13:53:36.0376 0x22bc  BFE - ok

13:53:36.0406 0x22bc  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\System32\qmgr.dll

13:53:36.0466 0x22bc  BITS - ok

13:53:36.0476 0x22bc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

13:53:36.0486 0x22bc  blbdrive - ok

13:53:36.0516 0x22bc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

13:53:36.0556 0x22bc  Bonjour Service - ok

13:53:36.0586 0x22bc  [ 19D20159708E152267E53B66677A4995, 6401FA5C3EFF26BED075FEC68F868CD8D0598FDB45EA9381810615F7252F7A9A ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

13:53:36.0606 0x22bc  bowser - ok

13:53:36.0606 0x22bc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

13:53:36.0636 0x22bc  BrFiltLo - ok

13:53:36.0636 0x22bc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

13:53:36.0656 0x22bc  BrFiltUp - ok

13:53:36.0676 0x22bc  [ 6B054C67AAA87843504E8E3C09102009, 284AA58625FBDBFECB851A35407331B40BAEC141F2DCEDB9F15733BAB22F5C81 ] Browser         C:\Windows\System32\browser.dll

13:53:36.0696 0x22bc  Browser - ok

13:53:36.0706 0x22bc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

13:53:36.0726 0x22bc  Brserid - ok

13:53:36.0756 0x22bc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

13:53:36.0766 0x22bc  BrSerWdm - ok

13:53:36.0766 0x22bc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

13:53:36.0786 0x22bc  BrUsbMdm - ok

13:53:36.0786 0x22bc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

13:53:36.0796 0x22bc  BrUsbSer - ok

13:53:36.0836 0x22bc  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys

13:53:36.0866 0x22bc  BthEnum - ok

13:53:36.0876 0x22bc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

13:53:36.0886 0x22bc  BTHMODEM - ok

13:53:36.0936 0x22bc  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys

13:53:36.0956 0x22bc  BthPan - ok

13:53:37.0007 0x22bc  [ D59773C7FDD3D795D6FE402EEEA8D71E, 9A26A1A3254D7BCDFADFFC9FD5D1A53A3DF12AC874FB2525AD33B87E42EFC5B1 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys

13:53:37.0027 0x22bc  BTHPORT - ok

13:53:37.0037 0x22bc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll

13:53:37.0067 0x22bc  bthserv - ok

13:53:37.0107 0x22bc  [ 8504842634DD144C075B6B0C982CCEC4, BFBB8D67F146FBD4813BB8B29A3865C222966DA2B043732A5BCD759A40F4E5CE ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys

13:53:37.0117 0x22bc  BTHUSB - ok

13:53:37.0137 0x22bc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

13:53:37.0167 0x22bc  cdfs - ok

13:53:37.0177 0x22bc  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

13:53:37.0197 0x22bc  cdrom - ok

13:53:37.0197 0x22bc  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll

13:53:37.0227 0x22bc  CertPropSvc - ok

13:53:37.0237 0x22bc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

13:53:37.0257 0x22bc  circlass - ok

13:53:37.0277 0x22bc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys

13:53:37.0297 0x22bc  CLFS - ok

13:53:37.0327 0x22bc  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:53:37.0347 0x22bc  clr_optimization_v2.0.50727_32 - ok

13:53:37.0387 0x22bc  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

13:53:37.0397 0x22bc  clr_optimization_v2.0.50727_64 - ok

13:53:37.0457 0x22bc  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:53:37.0497 0x22bc  clr_optimization_v4.0.30319_32 - ok

13:53:37.0527 0x22bc  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

13:53:37.0547 0x22bc  clr_optimization_v4.0.30319_64 - ok

13:53:37.0547 0x22bc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

13:53:37.0557 0x22bc  CmBatt - ok

13:53:37.0567 0x22bc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys

13:53:37.0577 0x22bc  cmdide - ok

13:53:37.0597 0x22bc  [ CA7720B73446FDDEC5C69519C1174C98, F24796765587CC1D653A04783B1659564F42E600DA3AFA3DED724592B291D033 ] CNG             C:\Windows\system32\Drivers\cng.sys

13:53:37.0637 0x22bc  CNG - ok

13:53:37.0647 0x22bc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

13:53:37.0657 0x22bc  Compbatt - ok

13:53:37.0687 0x22bc  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

13:53:37.0717 0x22bc  CompositeBus - ok

13:53:37.0767 0x22bc  COMSysApp - ok

13:53:37.0777 0x22bc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

13:53:37.0797 0x22bc  crcdisk - ok

13:53:37.0877 0x22bc  [ BAF19B633933A9FB4883D27D66C39E9A, 2D8ABB5161736CCCADA67B3E6A8D70B0B5E1E3FE6084561891F394DA191B3439 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

13:53:37.0957 0x22bc  CryptSvc - ok

13:53:37.0977 0x22bc  [ 4A6173C2279B498CD8F57CAE504564CB, FF3CD404FD91EDE38C21780362CE892BFBBC2526B146BEBD139C7413EB29A216 ] CSC             C:\Windows\system32\drivers\csc.sys

13:53:38.0007 0x22bc  CSC - ok

13:53:38.0027 0x22bc  [ 873FBF927C06E5CEE04DEC617502F8FD, 8B452ED5D003337E66634EEC3D5C9FBA4D05FF5AE776239F3B769FAA505E729C ] CscService      C:\Windows\System32\cscsvc.dll

13:53:38.0067 0x22bc  CscService - ok

13:53:38.0087 0x22bc  DAUpdaterSvc - ok

13:53:38.0117 0x22bc  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll

13:53:38.0157 0x22bc  DcomLaunch - ok

13:53:38.0177 0x22bc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll

13:53:38.0217 0x22bc  defragsvc - ok

13:53:38.0247 0x22bc  [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

13:53:38.0257 0x22bc  DfsC - ok

13:53:38.0277 0x22bc  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll

13:53:38.0307 0x22bc  Dhcp - ok

13:53:38.0319 0x22bc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys

13:53:38.0355 0x22bc  discache - ok

13:53:38.0364 0x22bc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys

13:53:38.0376 0x22bc  Disk - ok

13:53:38.0403 0x22bc  [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

13:53:38.0433 0x22bc  Dnscache - ok

13:53:38.0443 0x22bc  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll

13:53:38.0473 0x22bc  dot3svc - ok

13:53:38.0493 0x22bc  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll

13:53:38.0523 0x22bc  DPS - ok

13:53:38.0553 0x22bc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

13:53:38.0573 0x22bc  drmkaud - ok

13:53:38.0613 0x22bc  [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

13:53:38.0643 0x22bc  DXGKrnl - ok

13:53:38.0653 0x22bc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll

13:53:38.0693 0x22bc  EapHost - ok

13:53:38.0773 0x22bc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

13:53:38.0903 0x22bc  ebdrv - ok

13:53:38.0933 0x22bc  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] EFS             C:\Windows\System32\lsass.exe

13:53:38.0943 0x22bc  EFS - ok

13:53:39.0003 0x22bc  [ 47C071994C3F649F23D9CD075AC9304A, B7AA2DD6AD14F18A19620F5FB79D50C630D3750E72DD67BF8D105CC4F5CE1D46 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

13:53:39.0043 0x22bc  ehRecvr - ok

13:53:39.0083 0x22bc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe

13:53:39.0093 0x22bc  ehSched - ok

13:53:39.0123 0x22bc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

13:53:39.0143 0x22bc  elxstor - ok

13:53:39.0153 0x22bc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys

13:53:39.0173 0x22bc  ErrDev - ok

13:53:39.0233 0x22bc  [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv           C:\Windows\etdrv.sys

13:53:39.0243 0x22bc  etdrv - ok

13:53:39.0263 0x22bc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll

13:53:39.0303 0x22bc  EventSystem - ok

13:53:39.0303 0x22bc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys

13:53:39.0333 0x22bc  exfat - ok

13:53:39.0343 0x22bc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

13:53:39.0403 0x22bc  fastfat - ok

13:53:39.0443 0x22bc  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe

13:53:39.0473 0x22bc  Fax - ok

13:53:39.0483 0x22bc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

13:53:39.0513 0x22bc  fdc - ok

13:53:39.0523 0x22bc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll

13:53:39.0553 0x22bc  fdPHost - ok

13:53:39.0563 0x22bc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll

13:53:39.0593 0x22bc  FDResPub - ok

13:53:39.0593 0x22bc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

13:53:39.0613 0x22bc  FileInfo - ok

13:53:39.0623 0x22bc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

13:53:39.0663 0x22bc  Filetrace - ok

13:53:39.0663 0x22bc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

13:53:39.0673 0x22bc  flpydisk - ok

13:53:39.0703 0x22bc  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

13:53:39.0713 0x22bc  FltMgr - ok

13:53:39.0753 0x22bc  [ BC00505CFDA789ED3BE95D2FF38C4875, 9CB98AFF8A9740CFB53BDFB3DD40A76EB79C160CF2DF03E5EEFF6F2109216FEB ] FontCache       C:\Windows\system32\FntCache.dll

13:53:39.0803 0x22bc  FontCache - ok

13:53:39.0823 0x22bc  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

13:53:39.0833 0x22bc  FontCache3.0.0.0 - ok

13:53:39.0843 0x22bc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

13:53:39.0853 0x22bc  FsDepends - ok

13:53:39.0873 0x22bc  [ D3E3F93D67821A2DB2B3D9FAC2DC2064, 727FAA7E15A20ED3A37668D294ABDE6EAF1C87C34EE283C99EE3303E85001404 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

13:53:39.0883 0x22bc  Fs_Rec - ok

13:53:39.0913 0x22bc  [ AE87BA80D0EC3B57126ED2CDC15B24ED, 7E0EA3CDB78054D9A4E3B5142305943F2914536D80B8FC363414C8838D51D56C ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

13:53:39.0933 0x22bc  fvevol - ok

13:53:39.0933 0x22bc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

13:53:39.0954 0x22bc  gagp30kx - ok

13:53:39.0967 0x22bc  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys

13:53:39.0987 0x22bc  gdrv - ok

13:53:40.0007 0x22bc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

13:53:40.0017 0x22bc  GEARAspiWDM - ok

13:53:40.0047 0x22bc  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll

13:53:40.0097 0x22bc  gpsvc - ok

13:53:40.0147 0x22bc  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

13:53:40.0157 0x22bc  gupdate - ok

13:53:40.0157 0x22bc  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

13:53:40.0177 0x22bc  gupdatem - ok

13:53:40.0207 0x22bc  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys

13:53:40.0227 0x22bc  GVTDrv64 - ok

13:53:40.0227 0x22bc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

13:53:40.0257 0x22bc  hcw85cir - ok

13:53:40.0287 0x22bc  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

13:53:40.0317 0x22bc  HdAudAddService - ok

13:53:40.0347 0x22bc  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

13:53:40.0367 0x22bc  HDAudBus - ok

13:53:40.0377 0x22bc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

13:53:40.0397 0x22bc  HidBatt - ok

13:53:40.0427 0x22bc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

13:53:40.0457 0x22bc  HidBth - ok

13:53:40.0457 0x22bc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

13:53:40.0484 0x22bc  HidIr - ok

13:53:40.0488 0x22bc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll

13:53:40.0518 0x22bc  hidserv - ok

13:53:40.0528 0x22bc  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

13:53:40.0538 0x22bc  HidUsb - ok

13:53:40.0568 0x22bc  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll

13:53:40.0598 0x22bc  hkmsvc - ok

13:53:40.0618 0x22bc  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll

13:53:40.0638 0x22bc  HomeGroupListener - ok

13:53:40.0648 0x22bc  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

13:53:40.0678 0x22bc  HomeGroupProvider - ok

13:53:40.0698 0x22bc  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys

13:53:40.0708 0x22bc  HpSAMD - ok

13:53:40.0788 0x22bc  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys

13:53:40.0828 0x22bc  HTTP - ok

13:53:40.0858 0x22bc  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

13:53:40.0868 0x22bc  hwpolicy - ok

13:53:40.0888 0x22bc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

13:53:40.0908 0x22bc  i8042prt - ok

13:53:40.0938 0x22bc  [ B75E45C564E944A2657167D197AB29DA, 622EA73F4D9CAE17628C18148FB241817A0AE6D80A74B099204ED27C1A750B24 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

13:53:40.0958 0x22bc  iaStorV - ok

13:53:41.0018 0x22bc  [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

13:53:41.0048 0x22bc  ICCS - detected UnsignedFile.Multi.Generic ( 1 )

13:53:44.0462 0x22bc  Detect skipped due to KSN trusted

13:53:44.0462 0x22bc  ICCS - ok

13:53:44.0502 0x22bc  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

13:53:44.0532 0x22bc  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )

13:53:48.0135 0x22bc  Detect skipped due to KSN trusted

13:53:48.0135 0x22bc  IDriverT - ok

13:53:48.0175 0x22bc  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

13:53:48.0225 0x22bc  idsvc - ok

13:53:48.0235 0x22bc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

13:53:48.0245 0x22bc  iirsp - ok

13:53:48.0285 0x22bc  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll

13:53:48.0355 0x22bc  IKEEXT - ok

13:53:48.0455 0x22bc  [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

13:53:48.0545 0x22bc  IntcAzAudAddService - ok

13:53:48.0605 0x22bc  [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

13:53:48.0635 0x22bc  Intel® Capability Licensing Service Interface - ok

13:53:48.0675 0x22bc  [ 125BED41A1AFDA9CAB2B6177553D5758, 00A6267AACC467FA09B49ECC6076F4C666BE98931C97D821E3225D68A3FF1BF1 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

13:53:48.0685 0x22bc  Intel® ME Service - ok

13:53:48.0695 0x22bc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys

13:53:48.0705 0x22bc  intelide - ok

13:53:48.0735 0x22bc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

13:53:48.0755 0x22bc  intelppm - ok

13:53:48.0785 0x22bc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

13:53:48.0825 0x22bc  IPBusEnum - ok

13:53:48.0835 0x22bc  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

13:53:48.0855 0x22bc  IpFilterDriver - ok

13:53:48.0885 0x22bc  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

13:53:48.0925 0x22bc  iphlpsvc - ok

13:53:48.0935 0x22bc  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys

13:53:48.0945 0x22bc  IPMIDRV - ok

13:53:48.0955 0x22bc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

13:53:48.0985 0x22bc  IPNAT - ok

13:53:49.0065 0x22bc  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

13:53:49.0085 0x22bc  iPod Service - ok

13:53:49.0115 0x22bc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys

13:53:49.0135 0x22bc  IRENUM - ok

13:53:49.0145 0x22bc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys

13:53:49.0155 0x22bc  isapnp - ok

13:53:49.0185 0x22bc  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

13:53:49.0205 0x22bc  iScsiPrt - ok

13:53:49.0295 0x22bc  [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc          C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe

13:53:49.0305 0x22bc  iumsvc - ok

13:53:49.0325 0x22bc  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys

13:53:49.0335 0x22bc  iusb3hcs - ok

13:53:49.0355 0x22bc  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys

13:53:49.0375 0x22bc  iusb3hub - ok

13:53:49.0395 0x22bc  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys

13:53:49.0415 0x22bc  iusb3xhc - ok

13:53:49.0445 0x22bc  [ 4F0F3FDE7F571531B356B8BAB55DDF05, 822285DFAAEE50388C459F82E0C7EE881108482DD01C47C8D30E4969CFFB4FEF ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

13:53:49.0455 0x22bc  jhi_service - ok

13:53:49.0465 0x22bc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

13:53:49.0475 0x22bc  kbdclass - ok

13:53:49.0485 0x22bc  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

13:53:49.0505 0x22bc  kbdhid - ok

13:53:49.0505 0x22bc  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso          C:\Windows\system32\lsass.exe

13:53:49.0525 0x22bc  KeyIso - ok

13:53:49.0555 0x22bc  [ 4F4B5FDE429416877DE7143044582EB5, A28FFEA078DBD91F3CC28088810EEEB727107B3F0F48370B44D87DC8F8C55B99 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

13:53:49.0565 0x22bc  KSecDD - ok

13:53:49.0575 0x22bc  [ 6F40465A44ECDC1731BEFAFEC5BDD03C, 317334D414D0AF73CB4D9CA11EA80C641E786760B8800F2795D0CB38378DBB80 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

13:53:49.0585 0x22bc  KSecPkg - ok

13:53:49.0595 0x22bc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

13:53:49.0625 0x22bc  ksthunk - ok

13:53:49.0655 0x22bc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll

13:53:49.0695 0x22bc  KtmRm - ok

13:53:49.0715 0x22bc  [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer    C:\Windows\system32\srvsvc.dll

13:53:49.0755 0x22bc  LanmanServer - ok

13:53:49.0775 0x22bc  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

13:53:49.0805 0x22bc  LanmanWorkstation - ok

13:53:49.0815 0x22bc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

13:53:49.0845 0x22bc  lltdio - ok

13:53:49.0875 0x22bc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

13:53:49.0915 0x22bc  lltdsvc - ok

13:53:49.0925 0x22bc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll

13:53:49.0955 0x22bc  lmhosts - ok

13:53:49.0965 0x22bc  [ 32BB92C41C73D0213B417AAEF83E3D30, A6FF20FCD4CB7C4980FFE7BF5A3FB32F4453FE9E8800E08E7235A28A42B224D2 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

13:53:49.0975 0x22bc  LMS - ok

13:53:49.0996 0x22bc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

13:53:50.0016 0x22bc  LSI_FC - ok

13:53:50.0016 0x22bc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

13:53:50.0026 0x22bc  LSI_SAS - ok

13:53:50.0036 0x22bc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

13:53:50.0046 0x22bc  LSI_SAS2 - ok

13:53:50.0056 0x22bc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

13:53:50.0076 0x22bc  LSI_SCSI - ok

13:53:50.0096 0x22bc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys

13:53:50.0126 0x22bc  luafv - ok

13:53:50.0136 0x22bc  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

13:53:50.0146 0x22bc  Mcx2Svc - ok

13:53:50.0156 0x22bc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

13:53:50.0166 0x22bc  megasas - ok

13:53:50.0176 0x22bc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

13:53:50.0196 0x22bc  MegaSR - ok

13:53:50.0216 0x22bc  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys

13:53:50.0226 0x22bc  MEIx64 - ok

13:53:50.0256 0x22bc  Microsoft SharePoint Workspace Audit Service - ok

13:53:50.0276 0x22bc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll

13:53:50.0316 0x22bc  MMCSS - ok

13:53:50.0336 0x22bc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys

13:53:50.0376 0x22bc  Modem - ok

13:53:50.0386 0x22bc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

13:53:50.0406 0x22bc  monitor - ok

13:53:50.0436 0x22bc  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys

13:53:50.0456 0x22bc  MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 )

13:53:53.0791 0x22bc  Detect skipped due to KSN trusted

13:53:53.0791 0x22bc  MotioninJoyXFilter - ok

13:53:53.0811 0x22bc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

13:53:53.0821 0x22bc  mouclass - ok

13:53:53.0841 0x22bc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

13:53:53.0851 0x22bc  mouhid - ok

13:53:53.0861 0x22bc  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

13:53:53.0871 0x22bc  mountmgr - ok

13:53:53.0881 0x22bc  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys

13:53:53.0891 0x22bc  mpio - ok

13:53:53.0911 0x22bc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

13:53:53.0941 0x22bc  mpsdrv - ok

13:53:53.0971 0x22bc  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll

13:53:54.0041 0x22bc  MpsSvc - ok

13:53:54.0051 0x22bc  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

13:53:54.0081 0x22bc  MRxDAV - ok

13:53:54.0101 0x22bc  [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

13:53:54.0121 0x22bc  mrxsmb - ok

13:53:54.0131 0x22bc  [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

13:53:54.0181 0x22bc  mrxsmb10 - ok

13:53:54.0201 0x22bc  [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

13:53:54.0221 0x22bc  mrxsmb20 - ok

13:53:54.0251 0x22bc  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys

13:53:54.0261 0x22bc  msahci - ok

13:53:54.0271 0x22bc  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys

13:53:54.0281 0x22bc  msdsm - ok

13:53:54.0301 0x22bc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe

13:53:54.0321 0x22bc  MSDTC - ok

13:53:54.0331 0x22bc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

13:53:54.0351 0x22bc  Msfs - ok

13:53:54.0371 0x22bc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

13:53:54.0411 0x22bc  mshidkmdf - ok

13:53:54.0431 0x22bc  MSICDSetup - ok

13:53:54.0431 0x22bc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys

13:53:54.0441 0x22bc  msisadrv - ok

13:53:54.0461 0x22bc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

13:53:54.0501 0x22bc  MSiSCSI - ok

13:53:54.0501 0x22bc  msiserver - ok

13:53:54.0521 0x22bc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

13:53:54.0551 0x22bc  MSKSSRV - ok

13:53:54.0578 0x22bc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

13:53:54.0602 0x22bc  MSPCLOCK - ok

13:53:54.0625 0x22bc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

13:53:54.0645 0x22bc  MSPQM - ok

13:53:54.0685 0x22bc  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

13:53:54.0705 0x22bc  MsRPC - ok

13:53:54.0715 0x22bc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

13:53:54.0725 0x22bc  mssmbios - ok

13:53:54.0735 0x22bc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

13:53:54.0755 0x22bc  MSTEE - ok

13:53:54.0765 0x22bc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

13:53:54.0785 0x22bc  MTConfig - ok

13:53:54.0795 0x22bc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys

13:53:54.0815 0x22bc  Mup - ok

13:53:54.0845 0x22bc  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll

13:53:54.0885 0x22bc  napagent - ok

13:53:54.0915 0x22bc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

13:53:54.0955 0x22bc  NativeWifiP - ok

13:53:55.0015 0x22bc  [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe

13:53:55.0045 0x22bc  NAUpdate - ok

13:53:55.0075 0x22bc  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys

13:53:55.0113 0x22bc  NDIS - ok

13:53:55.0123 0x22bc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

13:53:55.0153 0x22bc  NdisCap - ok

13:53:55.0173 0x22bc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

13:53:55.0193 0x22bc  NdisTapi - ok

13:53:55.0233 0x22bc  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

13:53:55.0263 0x22bc  Ndisuio - ok

13:53:55.0273 0x22bc  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

13:53:55.0303 0x22bc  NdisWan - ok

13:53:55.0313 0x22bc  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

13:53:55.0333 0x22bc  NDProxy - ok

13:53:55.0353 0x22bc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

13:53:55.0383 0x22bc  NetBIOS - ok

13:53:55.0393 0x22bc  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

13:53:55.0433 0x22bc  NetBT - ok

13:53:55.0443 0x22bc  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon        C:\Windows\system32\lsass.exe

13:53:55.0453 0x22bc  Netlogon - ok

13:53:55.0473 0x22bc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll

13:53:55.0513 0x22bc  Netman - ok

13:53:55.0533 0x22bc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll

13:53:55.0573 0x22bc  netprofm - ok

13:53:55.0593 0x22bc  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

13:53:55.0603 0x22bc  NetTcpPortSharing - ok

13:53:55.0613 0x22bc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

13:53:55.0623 0x22bc  nfrd960 - ok

13:53:55.0643 0x22bc  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll

13:53:55.0693 0x22bc  NlaSvc - ok

13:53:55.0713 0x22bc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys

13:53:55.0733 0x22bc  Npfs - ok

13:53:55.0753 0x22bc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll

13:53:55.0773 0x22bc  nsi - ok

13:53:55.0783 0x22bc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

13:53:55.0823 0x22bc  nsiproxy - ok

13:53:55.0873 0x22bc  [ 184C189D4FC416978550FC599BB4EDDA, 1C29F23F86DE466A373728288421BE5DBD49C43BDAC900D7DAF9FB2137C7AE81 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

13:53:55.0933 0x22bc  Ntfs - ok

13:53:55.0943 0x22bc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys

13:53:55.0963 0x22bc  Null - ok

13:53:56.0003 0x22bc  [ A4D9C9A608A97F59307C2F2600EDC6A4, D786F4CA2D10BAC31CE14A338C442F7027D4BB2E955AB99BC44C2F241D383BBE ] nvraid          C:\Windows\system32\drivers\nvraid.sys

13:53:56.0023 0x22bc  nvraid - ok

13:53:56.0053 0x22bc  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9, 8D5337742A0F5B04D636C163CE77D4A9B3684CF81170026912A402513B44BA77 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

13:53:56.0063 0x22bc  nvstor - ok

13:53:56.0073 0x22bc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys

13:53:56.0083 0x22bc  nv_agp - ok

13:53:56.0093 0x22bc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys

13:53:56.0103 0x22bc  ohci1394 - ok

13:53:56.0153 0x22bc  ose - ok

13:53:56.0163 0x22bc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

13:53:56.0183 0x22bc  p2pimsvc - ok

13:53:56.0203 0x22bc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll

13:53:56.0223 0x22bc  p2psvc - ok

13:53:56.0243 0x22bc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

13:53:56.0263 0x22bc  Parport - ok

13:53:56.0283 0x22bc  [ 90061B1ACFE8CCAA5345750FFE08D8B8, 76309683FFDF380AF9C6E1D9A52E46B011A0BF1026D747181D01F3312B7541C7 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

13:53:56.0303 0x22bc  partmgr - ok

13:53:56.0303 0x22bc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll

13:53:56.0323 0x22bc  PcaSvc - ok

13:53:56.0343 0x22bc  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys

13:53:56.0363 0x22bc  pci - ok

13:53:56.0383 0x22bc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys

13:53:56.0393 0x22bc  pciide - ok

13:53:56.0413 0x22bc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

13:53:56.0423 0x22bc  pcmcia - ok

13:53:56.0463 0x22bc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys

13:53:56.0473 0x22bc  pcw - ok

13:53:56.0503 0x22bc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

13:53:56.0543 0x22bc  PEAUTH - ok

13:53:56.0573 0x22bc  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll

13:53:56.0643 0x22bc  PeerDistSvc - ok

13:53:56.0693 0x22bc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe

13:53:56.0713 0x22bc  PerfHost - ok

13:53:56.0793 0x22bc  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll

13:53:56.0883 0x22bc  pla - ok

13:53:56.0913 0x22bc  [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

13:53:56.0953 0x22bc  PlugPlay - ok

13:53:56.0963 0x22bc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

13:53:56.0973 0x22bc  PNRPAutoReg - ok

13:53:56.0993 0x22bc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

13:53:57.0013 0x22bc  PNRPsvc - ok

13:53:57.0053 0x22bc  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

13:53:57.0103 0x22bc  PolicyAgent - ok

13:53:57.0143 0x22bc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll

13:53:57.0183 0x22bc  Power - ok

13:53:57.0193 0x22bc  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

13:53:57.0223 0x22bc  PptpMiniport - ok

13:53:57.0223 0x22bc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys

13:53:57.0253 0x22bc  Processor - ok

13:53:57.0283 0x22bc  [ 97293447431311C06703368AD0F6C4BE, 302A3CA8F6961717D95469B20A8A71954D4ECFCDF4638238D3D44AAE5A8D9B8B ] ProfSvc         C:\Windows\system32\profsvc.dll

13:53:57.0303 0x22bc  ProfSvc - ok

13:53:57.0313 0x22bc  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe

13:53:57.0323 0x22bc  ProtectedStorage - ok

13:53:57.0343 0x22bc  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

13:53:57.0373 0x22bc  Psched - ok

13:53:57.0413 0x22bc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

13:53:57.0473 0x22bc  ql2300 - ok

13:53:57.0483 0x22bc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

13:53:57.0503 0x22bc  ql40xx - ok

13:53:57.0513 0x22bc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll

13:53:57.0543 0x22bc  QWAVE - ok

13:53:57.0563 0x22bc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

13:53:57.0593 0x22bc  QWAVEdrv - ok

13:53:57.0603 0x22bc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

13:53:57.0623 0x22bc  RasAcd - ok

13:53:57.0633 0x22bc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

13:53:57.0663 0x22bc  RasAgileVpn - ok

13:53:57.0663 0x22bc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll

13:53:57.0703 0x22bc  RasAuto - ok

13:53:57.0713 0x22bc  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

13:53:57.0773 0x22bc  Rasl2tp - ok

13:53:57.0793 0x22bc  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll

13:53:57.0823 0x22bc  RasMan - ok

13:53:57.0833 0x22bc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

13:53:57.0863 0x22bc  RasPppoe - ok

13:53:57.0863 0x22bc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

13:53:57.0903 0x22bc  RasSstp - ok

13:53:57.0913 0x22bc  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

13:53:57.0963 0x22bc  rdbss - ok

13:53:57.0973 0x22bc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

13:53:57.0983 0x22bc  rdpbus - ok

13:53:58.0003 0x22bc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

13:53:58.0024 0x22bc  RDPCDD - ok

13:53:58.0034 0x22bc  [ 9706B84DBABFC4B4CA46C5A82B14DFA3, AFDC07C257BCB768861483A1842FFB647523946B16DA2812EFAE4FD3252BA303 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

13:53:58.0044 0x22bc  RDPDR - ok

13:53:58.0054 0x22bc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

13:53:58.0094 0x22bc  RDPENCDD - ok

13:53:58.0104 0x22bc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

13:53:58.0134 0x22bc  RDPREFMP - ok

13:53:58.0154 0x22bc  [ 447DE7E3DEA39D422C1504F245B668B1, C54D90D2F9405E011E490D3C2F0F64488B87B969C95E367C076BBFCFD8654909 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

13:53:58.0174 0x22bc  RDPWD - ok

13:53:58.0194 0x22bc  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

13:53:58.0214 0x22bc  rdyboost - ok

13:53:58.0224 0x22bc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll

13:53:58.0254 0x22bc  RemoteAccess - ok

13:53:58.0274 0x22bc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

13:53:58.0304 0x22bc  RemoteRegistry - ok

13:53:58.0344 0x22bc  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys

13:53:58.0364 0x22bc  RFCOMM - ok

13:53:58.0394 0x22bc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

13:53:58.0424 0x22bc  RpcEptMapper - ok

13:53:58.0444 0x22bc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe

13:53:58.0454 0x22bc  RpcLocator - ok

13:53:58.0494 0x22bc  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll

13:53:58.0524 0x22bc  RpcSs - ok

13:53:58.0564 0x22bc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

13:53:58.0594 0x22bc  rspndr - ok

13:53:58.0636 0x22bc  [ C20F64FCD5E2B40310A1774495877ACD, 459E337266EE510E67C5065D2CFDA6804BA5BAF82A4B6E43E80238C86269770D ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys

13:53:58.0652 0x22bc  RTHDMIAzAudService - ok

13:53:58.0691 0x22bc  [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

13:53:58.0712 0x22bc  RTL8167 - ok

13:53:58.0722 0x22bc  [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6, C890DCCC875F957CAAD4655EBFF384E3C5998040CA2BA360E92C96A647D1C399 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys

13:53:58.0752 0x22bc  s3cap - ok

13:53:58.0772 0x22bc  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs           C:\Windows\system32\lsass.exe

13:53:58.0792 0x22bc  SamSs - ok

13:53:58.0802 0x22bc  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys

13:53:58.0822 0x22bc  sbp2port - ok

13:53:58.0852 0x22bc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

13:53:58.0892 0x22bc  SCardSvr - ok

13:53:58.0922 0x22bc  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

13:53:58.0952 0x22bc  scfilter - ok

13:53:59.0002 0x22bc  [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule        C:\Windows\system32\schedsvc.dll

13:53:59.0073 0x22bc  Schedule - ok

13:53:59.0103 0x22bc  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll

13:53:59.0133 0x22bc  SCPolicySvc - ok

13:53:59.0148 0x22bc  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

13:53:59.0157 0x22bc  SDRSVC - ok

13:53:59.0167 0x22bc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

13:53:59.0207 0x22bc  secdrv - ok

13:53:59.0227 0x22bc  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll

13:53:59.0247 0x22bc  seclogon - ok

13:53:59.0257 0x22bc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll

13:53:59.0287 0x22bc  SENS - ok

13:53:59.0297 0x22bc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll

13:53:59.0327 0x22bc  SensrSvc - ok

13:53:59.0337 0x22bc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

13:53:59.0347 0x22bc  Serenum - ok

13:53:59.0357 0x22bc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys

13:53:59.0377 0x22bc  Serial - ok

13:53:59.0407 0x22bc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

13:53:59.0427 0x22bc  sermouse - ok

13:53:59.0437 0x22bc  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll

13:53:59.0467 0x22bc  SessionEnv - ok

13:53:59.0477 0x22bc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys

13:53:59.0497 0x22bc  sffdisk - ok

13:53:59.0497 0x22bc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys

13:53:59.0517 0x22bc  sffp_mmc - ok

13:53:59.0517 0x22bc  [ 5588B8C6193EB1522490C122EB94DFFA, 53AE3597D3305F2839130A2F3567F1690564B922035503EB418B9DE1586AEA43 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys

13:53:59.0527 0x22bc  sffp_sd - ok

13:53:59.0527 0x22bc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

13:53:59.0547 0x22bc  sfloppy - ok

13:53:59.0567 0x22bc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

13:53:59.0607 0x22bc  SharedAccess - ok

13:53:59.0637 0x22bc  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

13:53:59.0667 0x22bc  ShellHWDetection - ok

13:53:59.0667 0x22bc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

13:53:59.0677 0x22bc  SiSRaid2 - ok

13:53:59.0697 0x22bc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

13:53:59.0707 0x22bc  SiSRaid4 - ok

13:53:59.0717 0x22bc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

13:53:59.0747 0x22bc  Smb - ok

13:53:59.0767 0x22bc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

13:53:59.0777 0x22bc  SNMPTRAP - ok

13:53:59.0787 0x22bc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys

13:53:59.0797 0x22bc  spldr - ok

13:53:59.0827 0x22bc  [ 567977DC43CC13C4C35ED7084C0B84D5, 93EEC3ABA66DA83157F49F056EF1CB3355122204F2BB0F8B618064AF47D59A61 ] Spooler         C:\Windows\System32\spoolsv.exe

13:53:59.0857 0x22bc  Spooler - ok

13:53:59.0937 0x22bc  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe

13:54:00.0047 0x22bc  sppsvc - ok

13:54:00.0057 0x22bc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

13:54:00.0107 0x22bc  sppuinotify - ok

13:54:00.0137 0x22bc  [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv             C:\Windows\system32\DRIVERS\srv.sys

13:54:00.0167 0x22bc  srv - ok

13:54:00.0197 0x22bc  [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

13:54:00.0227 0x22bc  srv2 - ok

13:54:00.0257 0x22bc  [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

13:54:00.0277 0x22bc  srvnet - ok

13:54:00.0277 0x22bc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

13:54:00.0307 0x22bc  SSDPSRV - ok

13:54:00.0327 0x22bc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll

13:54:00.0357 0x22bc  SstpSvc - ok

13:54:00.0397 0x22bc  [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe

13:54:00.0437 0x22bc  Steam Client Service - ok

13:54:00.0447 0x22bc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

13:54:00.0457 0x22bc  stexstor - ok

13:54:00.0497 0x22bc  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll

13:54:00.0537 0x22bc  stisvc - ok

13:54:00.0567 0x22bc  [ FFD7A6F15B14234B5B0E5D49E7961895, 9553BDB65D021DA621BDFF1C180B9F4C6355FC748BAE854CE114D4B3EFF307B7 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys

13:54:00.0577 0x22bc  storflt - ok

13:54:00.0597 0x22bc  [ 8FCCBEFC5C440B3C23454656E551B09A, 392A38D0B18B7FD08ACBE3E56ADCB235FA49BDB99F81E0820434D57332FA8FF7 ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys

13:54:00.0607 0x22bc  storvsc - ok

13:54:00.0617 0x22bc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

13:54:00.0627 0x22bc  swenum - ok

13:54:00.0687 0x22bc  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

13:54:00.0737 0x22bc  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )

13:54:04.0092 0x22bc  Detect skipped due to KSN trusted

13:54:04.0092 0x22bc  SwitchBoard - ok

13:54:04.0112 0x22bc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll

13:54:04.0162 0x22bc  swprv - ok

13:54:04.0192 0x22bc  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll

13:54:04.0272 0x22bc  SysMain - ok

13:54:04.0282 0x22bc  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll

13:54:04.0312 0x22bc  TabletInputService - ok

13:54:04.0432 0x22bc  [ B5B736216FF7C71D320BF493825752A1, B8B71658CBF7155269AEFA663BCA3C2FFA9811637C953F2CCDD60247F5277BD0 ] TabletServicePen C:\Windows\system32\Pen_Tablet.exe

13:54:04.0552 0x22bc  TabletServicePen - ok

13:54:04.0572 0x22bc  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll

13:54:04.0612 0x22bc  TapiSrv - ok

13:54:04.0632 0x22bc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll

13:54:04.0652 0x22bc  TBS - ok

13:54:04.0712 0x22bc  [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

13:54:04.0802 0x22bc  Tcpip - ok

13:54:04.0862 0x22bc  [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

13:54:04.0922 0x22bc  TCPIP6 - ok

13:54:04.0932 0x22bc  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

13:54:04.0962 0x22bc  tcpipreg - ok

13:54:04.0982 0x22bc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

13:54:05.0002 0x22bc  TDPIPE - ok

13:54:05.0022 0x22bc  [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

13:54:05.0042 0x22bc  TDTCP - ok

13:54:05.0062 0x22bc  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

13:54:05.0102 0x22bc  tdx - ok

13:54:05.0142 0x22bc  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

13:54:05.0152 0x22bc  TermDD - ok

13:54:05.0172 0x22bc  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll

13:54:05.0212 0x22bc  TermService - ok

13:54:05.0232 0x22bc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll

13:54:05.0252 0x22bc  Themes - ok

13:54:05.0272 0x22bc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll

13:54:05.0302 0x22bc  THREADORDER - ok

13:54:05.0322 0x22bc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll

13:54:05.0352 0x22bc  TrkWks - ok

13:54:05.0402 0x22bc  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

13:54:05.0422 0x22bc  TrustedInstaller - ok

13:54:05.0422 0x22bc  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

13:54:05.0482 0x22bc  tssecsrv - ok

13:54:05.0522 0x22bc  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

13:54:05.0562 0x22bc  tunnel - ok

13:54:05.0602 0x22bc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

13:54:05.0612 0x22bc  uagp35 - ok

13:54:05.0632 0x22bc  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

13:54:05.0682 0x22bc  udfs - ok

13:54:05.0702 0x22bc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe

13:54:05.0722 0x22bc  UI0Detect - ok

13:54:05.0732 0x22bc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys

13:54:05.0752 0x22bc  uliagpkx - ok

13:54:05.0772 0x22bc  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

13:54:05.0792 0x22bc  umbus - ok

13:54:05.0792 0x22bc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

13:54:05.0812 0x22bc  UmPass - ok

13:54:05.0822 0x22bc  [ AF0AC98EE5077EB844413EB54287FDE3, 1586326510DE94E2735EFAD94A68D06DB5B7347B68055A9EA8B95E19D91A2E69 ] UmRdpService    C:\Windows\System32\umrdp.dll

13:54:05.0842 0x22bc  UmRdpService - ok

13:54:05.0912 0x22bc  [ B89514A95A9D435EB974EA22153BB9FF, 66207577293CDC8DE040295D5B327C1354FAB7462175B74A9C7F22BEFF3078AD ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

13:54:05.0932 0x22bc  UNS - ok

13:54:05.0942 0x22bc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll

13:54:05.0982 0x22bc  upnphost - ok

13:54:06.0052 0x22bc  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

13:54:06.0062 0x22bc  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )

13:54:13.0526 0x22bc  Detect skipped due to KSN trusted

13:54:13.0526 0x22bc  USBAAPL64 - ok

13:54:13.0546 0x22bc  [ 77B01BC848298223A95D4EC23E1785A1, 7D0FBBA746588401400226BB966507EE34EEBB2F4F16607601E3D7383CAD34E2 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

13:54:13.0576 0x22bc  usbaudio - ok

13:54:13.0596 0x22bc  [ 7B6A127C93EE590E4D79A5F2A76FE46F, 6F178916EF6D58D1E5B26C0D9D95C276B776505BFC9F716BB1E3ABD3B2B72FCE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

13:54:13.0616 0x22bc  usbccgp - ok

13:54:13.0626 0x22bc  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys

13:54:13.0656 0x22bc  usbcir - ok

13:54:13.0686 0x22bc  [ 92969BA5AC44E229C55A332864F79677, 4ED1E1049E7641D3FFF5D296F2D59060225CE52AB9F7B5CA618898B46A772F98 ] usbehci         C:\Windows\system32\drivers\usbehci.sys

13:54:13.0706 0x22bc  usbehci - ok

13:54:13.0766 0x22bc  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3, AA751288EC34D61D934D7E8C036B60BBCEDC2A746815623478BB015D87D6A998 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

13:54:13.0786 0x22bc  usbhub - ok

13:54:13.0806 0x22bc  [ F1BB1E55F1E7A65C5839CCC7B36D773E, 4F517F81FA5688D78D3627EA7D2EA16AD4EB410D7624FE483C7AF26951E579A9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

13:54:13.0816 0x22bc  usbohci - ok

13:54:13.0826 0x22bc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

13:54:13.0846 0x22bc  usbprint - ok

13:54:13.0876 0x22bc  [ F39983647BC1F3E6100778DDFE9DCE29, 3BD36594F7C753680DB5A4354B1D6A33FC3011631D2D56DD4B2464AA99C85F7B ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

13:54:13.0906 0x22bc  USBSTOR - ok

13:54:13.0916 0x22bc  [ BC3070350A491D84B518D7CCA9ABD36F, 96FFF9F76A93CF4806297AE7C11A5C6D1E7A9980260E6CFC960F8247D5032161 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

13:54:13.0926 0x22bc  usbuhci - ok

13:54:13.0936 0x22bc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll

13:54:13.0966 0x22bc  UxSms - ok

13:54:13.0976 0x22bc  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc        C:\Windows\system32\lsass.exe

13:54:13.0986 0x22bc  VaultSvc - ok

13:54:14.0006 0x22bc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys

13:54:14.0016 0x22bc  vdrvroot - ok

13:54:14.0036 0x22bc  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe

13:54:14.0066 0x22bc  vds - ok

13:54:14.0076 0x22bc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

13:54:14.0096 0x22bc  vga - ok

13:54:14.0106 0x22bc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys

13:54:14.0136 0x22bc  VgaSave - ok

13:54:14.0136 0x22bc  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys

13:54:14.0156 0x22bc  vhdmp - ok

13:54:14.0166 0x22bc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys

13:54:14.0176 0x22bc  viaide - ok

13:54:14.0206 0x22bc  [ FF7C6E015AA32FC6BE0AEF582B802332, D59A4AC8A0B0F1B036E2A0BAE8F4DF302AAB1D62C7888224536A1622A912A7B0 ] VirtDiskBus     C:\Windows\system32\DRIVERS\VirtDiskBus64.sys

13:54:14.0216 0x22bc  VirtDiskBus - ok

13:54:14.0226 0x22bc  [ 1501699D7EDA984ABC4155A7DA5738D1, 448DFEFF565F1467F387E4EC9782DDD48B8FFDDF6B1EA46A790C2782C20BD952 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys

13:54:14.0246 0x22bc  vmbus - ok

13:54:14.0246 0x22bc  [ AE10C35761889E65A6F7176937C5592C, 9DC27647B6149C9B2523799F85B18122CCE749264624FE2E5FE843FE00642BBE ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys

13:54:14.0266 0x22bc  VMBusHID - ok

13:54:14.0276 0x22bc  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys

13:54:14.0296 0x22bc  volmgr - ok

13:54:14.0316 0x22bc  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

13:54:14.0336 0x22bc  volmgrx - ok

13:54:14.0366 0x22bc  [ 9E425AC5C9A5A973273D169F43B4F5E1, 64C9A9D4A39865E56F01B4FDE1B56034C4B2A2AEF2ABE15EC1C37911C59595B0 ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys

13:54:14.0386 0x22bc  volsnap - ok

13:54:14.0396 0x22bc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

13:54:14.0416 0x22bc  vsmraid - ok

13:54:14.0456 0x22bc  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe

13:54:14.0526 0x22bc  VSS - ok

13:54:14.0556 0x22bc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

13:54:14.0566 0x22bc  vwifibus - ok

13:54:14.0586 0x22bc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

13:54:14.0606 0x22bc  vwififlt - ok

13:54:14.0616 0x22bc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll

13:54:14.0656 0x22bc  W32Time - ok

13:54:14.0686 0x22bc  [ E04D43C7D1641E95D35CAE6086C7E350, BF08ED680EC835D70C522B91560B8987F206793E8E2987117C1D7B77DEFF8556 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys

13:54:14.0706 0x22bc  wacommousefilter - ok

13:54:14.0706 0x22bc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

13:54:14.0726 0x22bc  WacomPen - ok

13:54:14.0756 0x22bc  wacomvhid - ok

13:54:14.0796 0x22bc  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

13:54:14.0836 0x22bc  WANARP - ok

13:54:14.0836 0x22bc  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

13:54:14.0872 0x22bc  Wanarpv6 - ok

13:54:14.0945 0x22bc  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

13:54:15.0005 0x22bc  WatAdminSvc - ok

13:54:15.0135 0x22bc  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe

13:54:15.0225 0x22bc  wbengine - ok

13:54:15.0255 0x22bc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

13:54:15.0275 0x22bc  WbioSrvc - ok

13:54:15.0305 0x22bc  [ DD1BAE8EBFC653824D29CCF8C9054D68, 81D6640222FE276D721168745F6BB905D4E756909A9B2C706AF25465D748772D ] wcncsvc         C:\Windows\System32\wcncsvc.dll

13:54:15.0325 0x22bc  wcncsvc - ok

13:54:15.0345 0x22bc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

13:54:15.0355 0x22bc  WcsPlugInService - ok

13:54:15.0375 0x22bc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys

13:54:15.0385 0x22bc  Wd - ok

13:54:15.0425 0x22bc  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

13:54:15.0455 0x22bc  Wdf01000 - ok

13:54:15.0475 0x22bc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll

13:54:15.0505 0x22bc  WdiServiceHost - ok

13:54:15.0505 0x22bc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll

13:54:15.0525 0x22bc  WdiSystemHost - ok

13:54:15.0545 0x22bc  [ 733006127F235BE7C35354EBEE7B9A7B, 2C7E7030D586C36261F33F29883337695493D48CEA415D6DBA7C5635845A5B32 ] WebClient       C:\Windows\System32\webclnt.dll

13:54:15.0565 0x22bc  WebClient - ok

13:54:15.0595 0x22bc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

13:54:15.0625 0x22bc  Wecsvc - ok

13:54:15.0635 0x22bc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

13:54:15.0665 0x22bc  wercplsupport - ok

13:54:15.0675 0x22bc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll

13:54:15.0705 0x22bc  WerSvc - ok

13:54:15.0725 0x22bc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

13:54:15.0755 0x22bc  WfpLwf - ok

13:54:15.0765 0x22bc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

13:54:15.0775 0x22bc  WIMMount - ok

13:54:15.0775 0x22bc  WinDefend - ok

13:54:15.0775 0x22bc  WinHttpAutoProxySvc - ok

13:54:15.0815 0x22bc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

13:54:15.0855 0x22bc  Winmgmt - ok

13:54:15.0905 0x22bc  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll

13:54:16.0005 0x22bc  WinRM - ok

13:54:16.0045 0x22bc  [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

13:54:16.0055 0x22bc  WinUsb - ok

13:54:16.0086 0x22bc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll

13:54:16.0136 0x22bc  Wlansvc - ok

13:54:16.0136 0x22bc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys

13:54:16.0156 0x22bc  WmiAcpi - ok

13:54:16.0166 0x22bc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

13:54:16.0186 0x22bc  wmiApSrv - ok

13:54:16.0196 0x22bc  WMPNetworkSvc - ok

13:54:16.0196 0x22bc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll

13:54:16.0216 0x22bc  WPCSvc - ok

13:54:16.0226 0x22bc  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

13:54:16.0256 0x22bc  WPDBusEnum - ok

13:54:16.0266 0x22bc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

13:54:16.0296 0x22bc  ws2ifsl - ok

13:54:16.0326 0x22bc  [ 8F9F3969933C02DA96EB0F84576DB43E, C424D7B881A4DCC348433CF02044383013E32DB94CC66D1D20E1866CB3B0F952 ] wscsvc          C:\Windows\System32\wscsvc.dll

13:54:16.0346 0x22bc  wscsvc - ok

13:54:16.0346 0x22bc  WSearch - ok

13:54:16.0406 0x22bc  [ A2CC9A9BC30C6141FF99D85A4E26D7A7, AF6B6FD67B0A0CCB72215E2311EFCC27BF0B1805F3FF207056FE8B1FBDD374BE ] WTouchService   C:\Program Files\WTouch\WTouchService.exe

13:54:16.0416 0x22bc  WTouchService - ok

13:54:16.0476 0x22bc  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll

13:54:16.0566 0x22bc  wuauserv - ok

13:54:16.0586 0x22bc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

13:54:16.0609 0x22bc  WudfPf - ok

13:54:16.0618 0x22bc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

13:54:16.0638 0x22bc  WUDFRd - ok

13:54:16.0648 0x22bc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

13:54:16.0668 0x22bc  wudfsvc - ok

13:54:16.0688 0x22bc  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll

13:54:16.0708 0x22bc  WwanSvc - ok

13:54:16.0748 0x22bc  [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys

13:54:16.0758 0x22bc  xusb21 - ok

13:54:16.0778 0x22bc  ================ Scan global ===============================

13:54:16.0798 0x22bc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

13:54:16.0828 0x22bc  [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll

13:54:16.0838 0x22bc  [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll

13:54:16.0848 0x22bc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

13:54:16.0858 0x22bc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

13:54:16.0870 0x22bc  [ Global ] - ok

13:54:16.0871 0x22bc  ================ Scan MBR ==================================

13:54:16.0901 0x22bc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

13:54:17.0141 0x22bc  \Device\Harddisk0\DR0 - ok

13:54:17.0141 0x22bc  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1

13:54:17.0731 0x22bc  \Device\Harddisk1\DR1 - ok

13:54:17.0731 0x22bc  [ 7FB272DAF8DCACD84508E60A4FC95E0B ] \Device\Harddisk2\DR2

13:54:17.0831 0x22bc  \Device\Harddisk2\DR2 - ok

13:54:17.0831 0x22bc  ================ Scan VBR ==================================

13:54:17.0831 0x22bc  [ F5C81DFE47CF2F935F2C60542B8FF40F ] \Device\Harddisk0\DR0\Partition1

13:54:17.0881 0x22bc  \Device\Harddisk0\DR0\Partition1 - ok

13:54:17.0881 0x22bc  [ 0B0F33F93F9802EE89136395C1359DE3 ] \Device\Harddisk0\DR0\Partition2

13:54:17.0911 0x22bc  \Device\Harddisk0\DR0\Partition2 - ok

13:54:17.0911 0x22bc  [ CD6FB5986469C8857C497B82212858C8 ] \Device\Harddisk0\DR0\Partition3

13:54:17.0931 0x22bc  \Device\Harddisk0\DR0\Partition3 - ok

13:54:17.0931 0x22bc  [ 0DB78CBAA0E6AA7B22168AAC172C4393 ] \Device\Harddisk1\DR1\Partition1

13:54:18.0031 0x22bc  \Device\Harddisk1\DR1\Partition1 - ok

13:54:18.0031 0x22bc  [ FBEEC06AA79AFA43BA0773990D15EAA5 ] \Device\Harddisk2\DR2\Partition1

13:54:18.0091 0x22bc  \Device\Harddisk2\DR2\Partition1 - ok

13:54:18.0091 0x22bc  ================ Scan generic autorun ======================

13:54:18.0381 0x22bc  [ 834A309C2FDF52FC09353F348CFE1235, FF8D5B0C4D8DEF3B313E11B01D6A2A29758E8721EF2EC0AAC2DB3C9AAF399276 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

13:54:18.0611 0x22bc  RtHDVCpl - ok

13:54:18.0651 0x22bc  [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

13:54:18.0671 0x22bc  AdobeAAMUpdater-1.0 - ok

13:54:18.0701 0x22bc  [ D3B404B50A18167398711572A91AB7DF, 56F84EE4CF37565475650C475F8B7A08C140E875DD7117D7F4D6B92AF1592AF4 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe

13:54:18.0711 0x22bc  IMSS - ok

13:54:18.0771 0x22bc  [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

13:54:18.0831 0x22bc  USB3MON - ok

13:54:18.0871 0x22bc  [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

13:54:18.0881 0x22bc  APSDaemon - ok

13:54:18.0927 0x22bc  BCSSync - ok

13:54:18.0943 0x22bc  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

13:54:18.0964 0x22bc  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )

13:54:18.0964 0x22bc  Detect skipped due to KSN trusted

13:54:18.0964 0x22bc  SwitchBoard - ok

13:54:19.0091 0x22bc  [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe

13:54:19.0131 0x22bc  AdobeCS6ServiceManager - ok

13:54:19.0281 0x22bc  [ 7516C453B017706D857A6E57F75D72AD, EDB67298B432990D16168C023FB8079B475DAEC540594E2020BBE8EBD017B5E9 ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

13:54:19.0301 0x22bc  DivXMediaServer - detected UnsignedFile.Multi.Generic ( 1 )

13:54:23.0182 0x22bc  Detect skipped due to KSN trusted

13:54:23.0182 0x22bc  DivXMediaServer - ok

13:54:23.0292 0x22bc  [ D3570ACC178180AC0D7C24645461A9D3, 9E3440A2537DD3E494ADC40DA63BE1EF4DE014E7DB17748A95841CA667CCE563 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

13:54:23.0312 0x22bc  IJNetworkScannerSelectorEX - ok

13:54:23.0482 0x22bc  [ 7C73B5C50CAEDB1771A049142026906B, A4992339D71A9297963C70616C4124BD701E46AEE439E09C392C2B2EBAE624E6 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

13:54:23.0512 0x22bc  StartCCC - ok

13:54:23.0602 0x22bc  [ FB1A303207C1124C2B61A50E5A32AC21, 5BE93B9FDE657DCDAF4E8C02BC3F364C58B115DCE3AD10044FBCDC0FF90C2EBC ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

13:54:23.0642 0x22bc  DivXUpdate - ok

13:54:23.0712 0x22bc  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

13:54:23.0722 0x22bc  SunJavaUpdateSched - ok

13:54:24.0122 0x22bc  [ FFB8CB731D62EC434A552680E0F8EC1A, 7738881188FF99820F6FD667E32FE73E63260289188C449D3462F8B19C48D3FA ] C:\Program Files\AVAST Software\Avast\AvastUI.exe

13:54:24.0282 0x22bc  AvastUI.exe - ok

13:54:24.0382 0x22bc  [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe

13:54:24.0402 0x22bc  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )

13:54:28.0278 0x22bc  Detect skipped due to KSN trusted

13:54:28.0278 0x22bc  QuickTime Task - ok

13:54:28.0328 0x22bc  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe

13:54:28.0348 0x22bc  iTunesHelper - ok

13:54:28.0398 0x22bc  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

13:54:28.0448 0x22bc  Sidebar - ok

13:54:28.0458 0x22bc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

13:54:28.0478 0x22bc  mctadmin - ok

13:54:28.0498 0x22bc  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

13:54:28.0538 0x22bc  Sidebar - ok

13:54:28.0538 0x22bc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

13:54:28.0558 0x22bc  mctadmin - ok

13:54:28.0558 0x22bc  Steam - ok

13:54:28.0598 0x22bc  GoogleDriveSync - ok

13:54:28.0838 0x22bc  [ 8E0EB63933A827D786DE027E42487E44, 387B1803C6F20DD525AE8C367F3997D2875102AE528CA1203D75399B74E41EFD ] C:\Users\Dylan\AppData\Roaming\uTorrent\uTorrent.exe

13:54:37.0724 0x22bc  uTorrent - ok

13:54:37.0724 0x22bc  Waiting for KSN requests completion. In queue: 1

13:54:38.0724 0x22bc  Waiting for KSN requests completion. In queue: 1

13:54:39.0731 0x22bc  Waiting for KSN requests completion. In queue: 1

13:54:40.0731 0x22bc  Waiting for KSN requests completion. In queue: 1

13:54:41.0731 0x22bc  Waiting for KSN requests completion. In queue: 1

13:54:42.0791 0x22bc  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )

13:54:42.0791 0x22bc  Win FW state via NFP2: enabled

13:54:45.0932 0x22bc  ============================================================

13:54:45.0932 0x22bc  Scan finished

13:54:45.0932 0x22bc  ============================================================

13:54:45.0935 0x22b4  Detected object count: 0

13:54:45.0935 0x22b4  Actual detected object count: 0

13:55:19.0801 0x0bb0  Deinitialize success

[sadburbia]

The pop-ups usually come whenever I open Google Chrome (or a few minutes after), but as of now they have not popped up again. I will make another reply if they end up coming back.

[sadburbia]

Scratch that, they have started popping up again, this time with threat "hxxp://xmlka.com/" as well as all the others.

[pystryker]

Ok, let's reset Chrome back to it's default setting, and then we'll scan for remnants and orphans.

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Step 1: Reset Chrome to Default Setting

Please follow the instructions at this link to reset Chrome. Please follow the instructions in Step #2 at the page.

https://support.goog...765944?hl=en-GB


Step 2: Scan with Malwarebytes


Please download Malwarebytes Anti-Malware to your desktop
Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits



Go back to the Dashboard and select Scan Now



If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.





On completion of the scan (or after the reboot), start MBAM,

Click History, then Application Logs, then check the Select box by the first Scan Log in the list.

Click View, then click Export, select text file and save to the desktop as MBAM.txt and post in your next reply.



Step 3: Scan with ESET Online Scanner


Please note: You can use Internet Explorer or Firefox for this step. Either browser used will have to be ran in admin mode.

Right click on either the Internet Explorer icon or the Firefox icon in the Start Menu or Quick Launch Bar on the Task bar and select Run as Administrator from the menu.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar ---->

• Select the option YES, I accept the Terms of Use then click on Start
• When prompted allow the Add-On/Active X to install.
• Make sure that the option Remove found threats is NOT checked.
• Make sure that the option Scan archives is checked.
• Now click on Advanced Settings and select the following:
• Scan for potentially unwanted applications
• Scan for potentially unsafe applications
• Enable Anti-Stealth Technology
• Now click on Start
• The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
• When completed the Online Scan will begin automatically. The scan may take several hours.
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
• Now click on Finish
• Use notepad to open the logfile located at C:\Program Files(x86)\ESET\EsetOnlineScanner\log.txt.
• Copy and paste that log as a reply to this topic.

Step 4: SecurityCheck Scan


Download Security Check by screen317 from here or here.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
• NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

• ESET Scan Log
• MBAM Log
• SecurityCheck Log
• Any further popups?

[sadburbia]

Here is the MAMB log:

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 27/12/2014

Scan Time: 7:19:48 PM

Logfile: MBAM.txt

Administrator: Yes

 

Version: 2.00.4.1028

Malware Database: v2014.12.27.03

Rootkit Database: v2014.12.23.02

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 7

CPU: x64

File System: NTFS

User: Dylan

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 340463

Time Elapsed: 8 min, 36 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 1

Trojan.FakeMS.ED, HKLM\SOFTWARE\CLASSES\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}, Quarantined, [6fd5d78fe399a2944bd95899d52c946c], 

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 1

Trojan.Clicker.FMS, C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}, Delete-on-Reboot, [1e26f076cdaff442f5201546de251fe1], 

 

Files: 6

Trojan.Agent.ED, C:\ProgramData\Windows Genuine Advantage\{B0C305B2-FC29-452E-8B7D-0E9E4DCEC50E}\api-ms-win-system-umpo-l1-1-0.dll, Quarantined, [f94b4e186715eb4bb3e5847991705aa6], 

Trojan.FakeMS.ED, C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\Display.dll, Delete-on-Reboot, [6fd5d78fe399a2944bd95899d52c946c], 

Trojan.Clicker.FMS, C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\8afc49b02429a, Delete-on-Reboot, [1e26f076cdaff442f5201546de251fe1], 

Trojan.Clicker.FMS, C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\aw.tmp, Delete-on-Reboot, [1e26f076cdaff442f5201546de251fe1], 

Trojan.Clicker.FMS, C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\awkg.tmp, Quarantined, [1e26f076cdaff442f5201546de251fe1], 

Trojan.Clicker.FMS, C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\muaya.tmp, Quarantined, [1e26f076cdaff442f5201546de251fe1], 

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

[sadburbia]

Here is the ESET log:

 

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7623

# api_version=3.0.2

# EOSSerial=ae83ce7ade9b314ab02ac7d9edd92950

# engine=21716

# end=finished

# remove_checked=false

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2014-12-27 09:55:22

# local_time=2014-12-27 08:25:22 (+0930, Cen. Australia Daylight Time)

# country="Australia"

# lang=1033

# osver=6.1.7600 NT 

# compatibility_mode_1='avast! Internet Security'

# compatibility_mode=779 16777213 85 72 0 184092812 0 0

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 0 171308762 0 0

# scanned=220505

# found=0

# cleaned=0

# scan_time=2302

[sadburbia]

Here is the Security Check log:

 

 Results of screen317's Security Check version 0.99.93  

 Windows 7  x64 (UAC is enabled)  

 Out of date service pack!! 

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

avast! Antivirus   

 Antivirus up to date!   

`````````Anti-malware/Other Utilities Check:````````` 

 Java 7 Update 45  

 Java version 32-bit out of Date! 

  Adobe Flash Player 15.0.0.246 Flash Player out of Date!  

 Adobe Reader XI  

 Mozilla Firefox (34.0.5) 

 Google Chrome (39.0.2171.71) 

 Google Chrome (39.0.2171.95) 

````````Process Check: objlist.exe by Laurent````````  

 AVAST Software Avast AvastSvc.exe  

 AVAST Software Avast AvastUI.exe  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 4% 

````````````````````End of Log``````````````````````