This topic is lockedThere should be another log Addition.txt log produced with the last FRST scan. Please post that log. The other item you posted was the fixlist. I'm going to consult with a colleague regarding your machine and will post further instructions as soon as possible.
Browser Hijacked [Solved]
Started by
trucker
, Jan 25 2015 07:09 AM
#46
Posted 03 February 2015 - 03:49 PM
pystryker
-
- Malware Removal
-
- 3,912 posts
Trusted Helper
There should be another log Addition.txt log produced with the last FRST scan. Please post that log. The other item you posted was the fixlist. I'm going to consult with a colleague regarding your machine and will post further instructions as soon as possible.
#47
Posted 04 February 2015 - 08:26 AM
trucker
- Topic Starter
-
- Member
-
- 233 posts
Member
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-01-2015
Ran by Lonnie at 2015-02-04 09:24:19
Running from C:\Users\Lonnie\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: COMODO Antivirus (Enabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
aioscnnr (Version: 7.6.13.10 - Your Company Name) Hidden
Apple Application Support (HKLM\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassins Creed Revelations 1.0 (HKLM\...\Assassins Creed Revelations_is1) (Version: 1.0 - Ubisoft)
BoneLab (HKLM\...\{D16CBD59-07B3-4F98-A404-01B6D87A90F2}) (Version: 1.4.0.2 - Next Dimension Imaging)
C4USelfUpdater (Version: 1.00.0000 - Your Company Name) Hidden
center (Version: 7.8.0.0 - Eastman Kodak Company) Hidden
CleanUp! (HKLM\...\CleanUp!) (Version: - )
Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo)
COMODO Internet Security Premium (HKLM\...\{18F14F4B-D8A9-4309-817E-3BC0B7664E53}) (Version: 8.0.0.4344 - COMODO Security Solutions Inc.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
essentials (Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Firestorm-Beta (remove only) (HKLM\...\Firestorm-Beta) (Version: 4.5.1.38838 - The Phoenix Firestorm Project, Inc.)
Firestorm-Release (remove only) (HKLM\...\Firestorm-Release) (Version: 4.6.9.42969 - The Phoenix Firestorm Project, Inc.)
GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version: - )
GeekBuddy (HKLM\...\{79B9250E-3714-4877-A2B0-D6C1E93E471A}) (Version: 4.18.121 - Comodo Security Solutions Inc)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
G'MIC for GIMP version 1.5.8.2 (HKLM\...\G'MIC for GIMP_is1) (Version: 1.5.8.2 - )
Google Books Downloader version 2.3 (HKLM\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.3 - GBOOKSDOWNLOADER.COM)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
grillaprice (HKLM\...\grillaprice) (Version: - )
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
LEGO Batman 3 - Beyond Gotham (HKLM\...\LEGO Batman 3 - Beyond Gotham_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
magicJack (HKU\S-1-5-21-4227807349-2635072203-767282089-1001\...\magicJack) (Version: 4.1.7574.5297 - magicJack L.P.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Morrowind (HKLM\...\{C325F588-D6B1-4A7F-B6A2-914C75DDA348}) (Version: - )
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 en-US) (HKLM\...\Mozilla Thunderbird 31.4.0 (x86 en-US)) (Version: 31.4.0 - Mozilla)
NVIDIA 3D Vision Controller Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.12 - NVIDIA Corporation)
ocr (Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OpenOffice 4.1.0 (HKLM\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Pegasus Mail (HKLM\...\Pegasus Mail) (Version: - David Harris)
Pegasus Mail HTML Renderer 2.4.9.2 (HKLM\...\{A9F5E1E1-1281-4862-90B4-6CF8E6AF83CE}_is1) (Version: - Micha's Midnight Manufacture)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PreReq (Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
PrivDog (HKLM\...\PrivDog) (Version: 1.8.0.15 - privdog.com)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12094_27 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.0.12094_27 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 1.6.75 - NVIDIA Corporation) Hidden
Sweet Home 3D version 4.3 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
System Requirements Lab (HKLM\...\{AC369A7C-2E0D-4925-BFB1-AB50BF825CCC}) (Version: 6.0.8.0 - Husdawg, LLC)
TESV Skyrim LE version 1.9.32.0 (HKLM\...\TESV Skyrim LE_is1) (Version: 1.9.32.0 - Lyxer_Loader)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 2.1.0 - Tweaking.com)
Unity Web Player (HKU\S-1-5-21-4227807349-2635072203-767282089-1001\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
Windows Phone app for desktop (HKLM\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4227807349-2635072203-767282089-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Lonnie\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
==================== Restore Points =========================
03-02-2015 12:30:14 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:04 - 2015-01-29 22:40 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0612857A-4D96-4A80-80A6-144442BF83C9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-01-04] (Apple Inc.)
Task: {08E826DF-7983-4D33-AC73-520F8D7D04B0} - \PastaQuotes No Task File <==== ATTENTION
Task: {1127E81B-ADF1-4EE9-B675-33A29DAF81AC} - System32\Tasks\{41A3FD47-AC06-4610-8451-A76D5A0D7F2F} => pcalua.exe -a C:\Users\Lonnie\Downloads\FirmwareFlashLauncher.exe -d C:\Users\Lonnie\Desktop
Task: {1C0D753B-E868-40BF-BCDD-5C0E1B51C8FF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {3D705851-57CD-4512-8100-49D69CD5B55D} - System32\Tasks\{B3C33E76-D92C-4C87-8BA0-F6F6C0B1A367} => pcalua.exe -a "C:\Users\Lonnie\Downloads\erunt (2)\ERUNT.EXE" -d "C:\Users\Lonnie\Downloads\erunt (2)"
Task: {8ACFA7E6-9369-4009-BDAB-490273617C25} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-28] (Google Inc.)
Task: {A017A1F5-B136-454F-88AB-D5C404F3C54B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-28] (Google Inc.)
Task: {B09F53FC-4A33-4BD4-B889-EAA07699C650} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-04] (COMODO)
Task: {B6573E58-A8CE-4337-9DF1-1A5EDDCD86B8} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-04] (COMODO)
Task: {BC797AF4-FBA2-4CBE-8435-561FACA9ABBF} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-04] (COMODO)
Task: {D20A8D01-F90F-4C11-8279-55328EDCA369} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-02-04] (COMODO)
Task: {E705D62B-0188-4E1F-8F81-CA96B6192A7E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-04] (COMODO)
Task: {F1E1FAEF-DC7C-4586-AB96-95A7AE31048C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-11-23 09:01 - 2014-07-02 14:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-09-25 07:04 - 2014-09-25 07:04 - 00976080 _____ () C:\Program Files\Comodo\GeekBuddy\QtNetwork4.dll
2014-09-25 07:04 - 2014-09-25 07:04 - 02254544 _____ () C:\Program Files\Comodo\GeekBuddy\QtCore4.dll
2015-01-30 04:25 - 2015-01-26 22:44 - 01117512 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\libglesv2.dll
2015-01-30 04:25 - 2015-01-26 22:44 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\libegl.dll
2015-01-30 04:25 - 2015-01-26 22:44 - 09171272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.94\pdf.dll
2014-09-25 07:04 - 2014-09-25 07:04 - 08024784 _____ () C:\Program Files\Comodo\GeekBuddy\QtGui4.dll
2014-09-25 07:04 - 2014-09-25 07:04 - 00032976 _____ () C:\Program Files\Comodo\GeekBuddy\imageformats\qgif4.dll
2014-09-25 07:04 - 2014-09-25 07:04 - 01299664 _____ () C:\Program Files\Comodo\GeekBuddy\QtScript4.dll
2014-07-04 12:00 - 2014-07-04 12:00 - 00084344 _____ () C:\Users\Lonnie\AppData\Roaming\mjusbsp\octvqem_apiw.DLL
2013-04-15 17:39 - 2013-04-15 17:39 - 00070352 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2014-11-27 08:42 - 2014-11-27 08:42 - 00879808 _____ () C:\Program Files\Comodo\Dragon\libglesv2.dll
2014-11-27 08:33 - 2014-11-27 08:33 - 00134848 _____ () C:\Program Files\Comodo\Dragon\libegl.dll
2014-11-27 08:34 - 2014-11-27 08:34 - 00956608 _____ () C:\Program Files\Comodo\Dragon\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Lonnie\Desktop\Constitutional_amendment_process_(USA).png:$CmdZnID
AlternateDataStreams: C:\Users\Lonnie\Desktop\mbam-setup-2.0.4.1028.exe:$CmdZnID
AlternateDataStreams: C:\Users\Lonnie\Desktop\SecurityCheck.exe:$CmdZnID
AlternateDataStreams: C:\Users\Lonnie\Downloads\esetsmartinstaller_enu.exe:$CmdZnID
AlternateDataStreams: C:\Users\Lonnie\Downloads\FH12MAR_MOSTEP_09.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Lonnie\Downloads\FH12MAR_MOSTEP_CL.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Lonnie\Downloads\hunter-engagement-470x705.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Lonnie\Downloads\tweaking.com_registry_backup_setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Lonnie\Downloads\tweaking.com_registry_backup_setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Lonnie\Downloads\unicorn-6.2.1.91.iso:$CmdZnID
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-4227807349-2635072203-767282089-500 - Administrator - Disabled)
Guest (S-1-5-21-4227807349-2635072203-767282089-501 - Limited - Disabled)
Lonnie (S-1-5-21-4227807349-2635072203-767282089-1001 - Administrator - Enabled) => C:\Users\Lonnie
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/04/2015 08:32:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_StiSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000374
Fault offset: 0x000c3873
Faulting process id: 0x8c4
Faulting application start time: 0xsvchost.exe_StiSvc0
Faulting application path: svchost.exe_StiSvc1
Faulting module path: svchost.exe_StiSvc2
Report Id: svchost.exe_StiSvc3
Error: (02/03/2015 08:57:49 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {c45a6cb7-af53-4660-b5b5-a9750d679111}
Error: (02/01/2015 07:12:35 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {66354274-4a95-422a-8d76-bff4208742b0}
Error: (01/31/2015 07:38:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_StiSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000374
Fault offset: 0x000c3873
Faulting process id: 0x944
Faulting application start time: 0xsvchost.exe_StiSvc0
Faulting application path: svchost.exe_StiSvc1
Faulting module path: svchost.exe_StiSvc2
Report Id: svchost.exe_StiSvc3
Error: (01/30/2015 08:45:21 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bff8e0e3-6b70-4119-8543-4c38cf8578c9}
Error: (01/30/2015 09:34:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: gimp-2.8.exe, version: 2.8.14.0, time stamp: 0x00000000
Faulting module name: libpixman-1-0.dll, version: 0.0.0.0, time stamp: 0x0072a5f0
Exception code: 0xc0000005
Fault offset: 0x00084b3b
Faulting process id: 0xa4c
Faulting application start time: 0xgimp-2.8.exe0
Faulting application path: gimp-2.8.exe1
Faulting module path: gimp-2.8.exe2
Report Id: gimp-2.8.exe3
Error: (01/30/2015 06:27:15 AM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisStatusChangeCisStatusChange//./root/cis
Error: (01/30/2015 06:27:15 AM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisNotificationCisNotification//./root/cis
Error: (01/30/2015 06:27:15 AM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM FwAlertFwAlert//./root/cis
Error: (01/30/2015 06:27:15 AM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM DfAlertDfAlert//./root/cis
System errors:
=============
Error: (02/04/2015 08:32:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).
Error: (02/03/2015 09:03:06 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000000a (0x00000074, 0x00000002, 0x00000001, 0x83085f02)C:\Windows\MEMORY.DMP020315-185641-01
Error: (02/03/2015 09:02:56 AM) (Source: volsnap) (EventID: 25) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
Error: (02/03/2015 09:02:58 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:57:51 AM on 2/3/2015 was unexpected.
Error: (02/03/2015 08:43:03 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom
Error: (02/01/2015 07:06:04 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (02/01/2015 07:05:31 AM) (Source: cdrom) (EventID: 15) (User: )
Description: The device, \Device\CdRom0, is not ready for access yet.
Error: (02/01/2015 07:05:31 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (02/01/2015 07:05:31 AM) (Source: cdrom) (EventID: 15) (User: )
Description: The device, \Device\CdRom0, is not ready for access yet.
Error: (02/01/2015 07:05:31 AM) (Source: cdrom) (EventID: 15) (User: )
Description: The device, \Device\CdRom0, is not ready for access yet.
Microsoft Office Sessions:
=========================
Error: (02/04/2015 08:32:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_StiSvc6.1.7600.163854a5bc100ntdll.dll6.1.7601.18247521ea91cc0000374000c38738c401d0407f0ed9dfb3C:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll50c71715-ac72-11e4-9233-001a4d4ff044
Error: (02/03/2015 08:57:49 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {c45a6cb7-af53-4660-b5b5-a9750d679111}
Error: (02/01/2015 07:12:35 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {66354274-4a95-422a-8d76-bff4208742b0}
Error: (01/31/2015 07:38:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_StiSvc6.1.7600.163854a5bc100ntdll.dll6.1.7601.18247521ea91cc0000374000c387394401d03d52c9e3171cC:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll0c2e6a2a-a946-11e4-9237-001a4d4ff044
Error: (01/30/2015 08:45:21 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bff8e0e3-6b70-4119-8543-4c38cf8578c9}
Error: (01/30/2015 09:34:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: gimp-2.8.exe2.8.14.000000000libpixman-1-0.dll0.0.0.00072a5f0c000000500084b3ba4c01d03c994b5dc736C:\Program Files\GIMP 2\bin\gimp-2.8.exeC:\Program Files\GIMP 2\bin\libpixman-1-0.dll10c2a5db-a88d-11e4-bd92-001a4d4ff044
Error: (01/30/2015 06:27:15 AM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisStatusChangeCisStatusChange//./root/cis
Error: (01/30/2015 06:27:15 AM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisNotificationCisNotification//./root/cis
Error: (01/30/2015 06:27:15 AM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM FwAlertFwAlert//./root/cis
Error: (01/30/2015 06:27:15 AM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM DfAlertDfAlert//./root/cis
==================== Memory info ===========================
Processor: Intel® Core™2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 44%
Total physical RAM: 3582.49 MB
Available physical RAM: 1995.54 MB
Total Pagefile: 7163.27 MB
Available Pagefile: 5120.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1916.14 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:233.02 GB) (Free:75.5 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:116.53 GB) (Free:86.83 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 36363636)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=116.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=116.2 GB) - (Type=05)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
==================== End Of Log ============================
#48
Posted 04 February 2015 - 08:27 AM
trucker
- Topic Starter
-
- Member
-
- 233 posts
Member
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-01-2015
Ran by Lonnie (administrator) on LONNIE-PC on 04-02-2015 09:22:42
Running from C:\Users\Lonnie\Desktop
Loaded Profiles: Lonnie (Available profiles: Lonnie)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\launcher_service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\Dragon\dragon_updater.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit.exe
(magicJack L.P.) C:\Users\Lonnie\AppData\Roaming\mjusbsp\magicJack.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-05] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
HKLM\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM\...\Run: [EKStatusMonitor] => C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2015-01-04] (Apple Inc.)
HKLM\...\Run: [ComodoFSChrome] => "C:\Program Files\AdTrustMedia\PrivDog\FinalizeSetup.exe" /c
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1243864 2015-02-04] (COMODO)
HKLM\...\Run: [tvncontrol] => C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-30] (Comodo Security Solutions, Inc.)
HKU\S-1-5-21-4227807349-2635072203-767282089-1001\...\Run: [GoogleChromeAutoLaunch_A4AAD752A94AD0D07B3FA88181A919F9] => C:\Program Files\Comodo\Dragon\dragon.exe [725696 2014-12-28] (Comodo)
HKU\S-1-5-21-4227807349-2635072203-767282089-1001\...\Run: [cdloader] => C:\Users\Lonnie\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2015-02-04] (magicJack L.P.)
HKU\S-1-5-21-4227807349-2635072203-767282089-1001\...\Run: [GoogleChromeAutoLaunch_5090660AF80758FEEBA1A8C0C9DF7D80] => C:\Program Files\Google\Chrome\Application\chrome.exe [843592 2015-01-26] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe [2234064 2014-05-06] (Eastman Kodak Company)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
BootExecute: autocheck autochk * bootdelete
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
HKU\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4227807349-2635072203-767282089-1001 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yah...}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-4227807349-2635072203-767282089-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yah...}&fr=chr-comodo
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{8270EF4F-3060-4E70-871D-BC3BABF46597}: [NameServer] 156.154.70.22,156.154.71.22
FireFox:
========
FF ProfilePath: C:\Users\Lonnie\AppData\Roaming\Mozilla\Firefox\Profiles\0937xwmn.default
FF Homepage: about:home
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=994519&p=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4227807349-2635072203-767282089-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lonnie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\.xml
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig
CHR StartupUrls: Default -> "https://www.google.com/", "hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppp", "hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppppppp"
CHR DefaultSearchKeyword: Default ->
CHR DefaultSearchURL: Default -> http://isearch.omiga...q={searchTerms}
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com...q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.94\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.94\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.94\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U51) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll No File
CHR Profile: C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2014-12-28]
CHR Extension: (Ancient History Encyclopedia) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahggffalhoajbhlaogbplamaaghnncle [2014-12-28]
CHR Extension: (Angry Birds) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-12-28]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-26]
CHR Extension: (Facebook) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-12-28]
CHR Extension: (AdBlock Plus) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjmhchkipehceidlknhjhbgaipcnafm [2014-12-29]
CHR Extension: (Calculator) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\decmldkknaaemlafplkkdmmmelbdnlja [2014-12-28]
CHR Extension: (A Space Shooter for FREE) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbeobdmeddlnkokfiaijkfabecpmifa [2014-12-28]
CHR Extension: (Typing Lessons) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\heehkcnmhmdicclbnofindfmokhfnjag [2014-12-28]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-12-28]
CHR Extension: (sixty second shooter) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnlbhjpainpnikdjnmcmiaombhhchkg [2014-12-28]
CHR Extension: (Jamstash) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccdpflnecheidefpofmlblgebobbloc [2014-12-28]
CHR Extension: (WordPress.com) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2014-12-28]
CHR Extension: (Coloring Pages) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhphoobahjckipglphjghghlgodanfj [2014-12-28]
CHR Extension: (Fieldrunners) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak [2014-12-28]
CHR Extension: (Chain Rxn) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkdlfmoglbdpomddljgapccmlognoaf [2014-12-28]
CHR Extension: (Search Helper: Preview, Note, Tag, Hide etc) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\naddbmiihfcdfaeencbcmbpioghcjlje [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-19]
CHR Extension: (Sidekick by HubSpot) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd [2015-01-15]
CHR Extension: (Weather Underground) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2014-12-28]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70864 2015-01-30] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5868440 2015-02-04] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664216 2015-02-04] (COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2370240 2014-12-28] (Comodo Security Solutions, Inc.)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-10-29] (Teruten) [File not signed]
R2 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-30] (Comodo Security Solutions, Inc.)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395640 2014-05-06] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-12-11] (Eastman Kodak Company)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14657824 2013-11-29] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [35064 2014-06-26] (Windows ® Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17088 2015-01-30] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [618072 2015-01-30] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [41248 2015-01-30] (COMODO)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-10-29] () [File not signed]
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91200 2015-01-30] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-10-30] (NVIDIA Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-03 09:02 - 2015-02-03 09:03 - 00159072 _____ () C:\Windows\Minidump\020315-185641-01.dmp
2015-02-03 09:02 - 2015-02-03 09:02 - 00000000 ____D () C:\Windows\Minidump
2015-02-03 09:01 - 2015-02-03 09:01 - 290540326 _____ () C:\Windows\MEMORY.DMP
2015-02-03 08:57 - 2015-02-03 08:57 - 00000344 _____ () C:\Users\Lonnie\Desktop\fixlist.txt
2015-02-03 08:54 - 2015-02-03 08:54 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-LONNIE-PC-Windows-7-Home-Premium-(32-bit).dat
2015-02-03 08:52 - 2015-02-03 08:52 - 00002181 _____ () C:\Users\Lonnie\Desktop\Tweaking.com - Registry Backup.lnk
2015-02-03 08:52 - 2015-02-03 08:52 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-02-03 08:52 - 2015-02-03 08:52 - 00000000 ____D () C:\RegBackup
2015-02-03 08:52 - 2015-02-03 08:52 - 00000000 ____D () C:\Program Files\Tweaking.com
2015-02-03 08:51 - 2015-02-03 08:51 - 04803888 _____ () C:\Users\Lonnie\Downloads\tweaking.com_registry_backup_setup.exe
2015-02-02 06:49 - 2015-02-02 06:49 - 00005250 _____ () C:\Users\Lonnie\AppData\Local\recently-used.xbel
2015-02-01 18:40 - 2015-02-01 18:45 - 242776064 _____ () C:\Users\Lonnie\Downloads\unicorn-6.2.1.91.iso
2015-01-31 18:56 - 2015-02-04 08:30 - 00004474 _____ () C:\Windows\system32\Drivers\fvstore.dat
2015-01-31 18:55 - 2015-01-31 18:55 - 00852573 _____ () C:\Users\Lonnie\Desktop\SecurityCheck.exe
2015-01-31 07:48 - 2015-01-31 07:48 - 02347384 _____ (ESET) C:\Users\Lonnie\Downloads\esetsmartinstaller_enu.exe
2015-01-31 07:48 - 2015-01-31 07:48 - 00000000 ____D () C:\Program Files\ESET
2015-01-31 07:46 - 2015-01-31 07:46 - 00074951 _____ () C:\Users\Lonnie\Desktop\MBAM.txt
2015-01-31 06:51 - 2015-02-04 08:35 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-31 06:50 - 2015-01-31 07:13 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-31 06:50 - 2015-01-31 07:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-31 06:50 - 2015-01-31 07:13 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-31 06:50 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-31 06:50 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-31 06:50 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-31 06:49 - 2015-01-31 06:49 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Lonnie\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-30 07:38 - 2015-01-30 07:38 - 00000000 ____D () C:\Program Files\Common Files\COMODO
2015-01-30 06:20 - 2015-01-30 06:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-30 05:51 - 2015-02-04 09:22 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2015-01-30 05:51 - 2015-02-04 08:26 - 00001985 _____ () C:\Users\Public\Desktop\COMODO Internet Security.lnk
2015-01-30 05:50 - 2015-01-30 05:50 - 00000000 ____D () C:\ProgramData\Shared Space
2015-01-30 05:48 - 2015-01-30 07:38 - 00002013 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk
2015-01-30 05:48 - 2015-01-30 05:48 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2015-01-30 05:45 - 2015-01-30 05:46 - 226075384 _____ (COMODO) C:\Users\Lonnie\Downloads\cispremium_installer_6100_08.exe
2015-01-29 23:13 - 2015-02-01 13:47 - 00022928 _____ () C:\Users\Lonnie\Desktop\Addition.txt
2015-01-29 23:12 - 2015-02-04 09:23 - 00018204 _____ () C:\Users\Lonnie\Desktop\FRST.txt
2015-01-29 23:00 - 2015-01-29 23:03 - 00000000 ____D () C:\AdwCleaner
2015-01-29 22:59 - 2015-01-29 22:59 - 02194432 _____ () C:\Users\Lonnie\Desktop\AdwCleaner.exe
2015-01-29 22:56 - 2015-01-29 22:56 - 00003785 _____ () C:\Users\Lonnie\Desktop\JRT.txt
2015-01-29 22:54 - 2015-01-29 22:54 - 01707939 _____ (Thisisu) C:\Users\Lonnie\Desktop\JRT.exe
2015-01-29 22:54 - 2015-01-29 22:54 - 00000000 ____D () C:\Windows\ERUNT
2015-01-29 22:46 - 2015-01-31 06:47 - 00000000 ____D () C:\Users\Lonnie\Desktop\FRST-OlderVersion
2015-01-29 10:44 - 2015-01-29 10:44 - 00045516 _____ () C:\Windows\system32\.crusader
2015-01-29 10:28 - 2015-01-29 22:48 - 00000000 ____D () C:\Program Files\HitmanPro
2015-01-29 10:28 - 2015-01-29 10:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-29 10:27 - 2015-01-29 10:28 - 10285456 _____ (SurfRight B.V.) C:\Users\Lonnie\Downloads\HitmanPro.exe
2015-01-29 10:06 - 2015-01-29 10:06 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Lonnie\Downloads\SpyHunter-Installer.exe
2015-01-29 09:20 - 2015-01-29 09:20 - 00000000 ____D () C:\themes
2015-01-29 09:20 - 2015-01-29 09:20 - 00000000 ____D () C:\cis
2015-01-29 09:20 - 2013-11-21 07:49 - 04814552 _____ (COMODO) C:\cmdinstall.exe
2015-01-29 09:20 - 2013-09-24 05:53 - 03360984 _____ (Terra Informatica Software, Inc.) C:\cmdhtml.dll
2015-01-29 09:20 - 2013-09-24 05:53 - 00281816 _____ (Igor Pavlov) C:\7za.dll
2015-01-29 08:21 - 2015-01-29 09:21 - 00000674 _____ () C:\Windows\system32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
2015-01-29 08:21 - 2015-01-29 09:20 - 00001123 __RSH () C:\Windows\system32\{1606DC18-9578-4cbd-8312-8E9868F06A1D}.conf
2015-01-29 08:06 - 2015-01-29 08:06 - 00353699 _____ () C:\Users\Lonnie\Documents\CisReport_x86_v8.0.0.4344_20150129-080558.zip
2015-01-28 10:34 - 2015-01-28 10:36 - 00000045 _____ () C:\Users\Lonnie\Documents\Indiana TID number.txt
2015-01-26 21:23 - 2015-01-26 21:23 - 00000000 ____D () C:\Users\Lonnie\Documents\Empire Earth II
2015-01-26 21:14 - 2015-01-26 21:15 - 00000000 ____D () C:\Program Files\GameSpy Arcade
2015-01-26 21:14 - 2015-01-26 21:14 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2015-01-26 21:14 - 2015-01-26 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2015-01-26 09:23 - 2015-01-26 09:23 - 01120768 _____ (Farbar) C:\Users\Lonnie\Downloads\FRST (1).exe
2015-01-26 08:35 - 2015-01-26 08:36 - 04176437 _____ () C:\Users\Lonnie\Downloads\tdsskiller.zip
2015-01-26 08:30 - 2015-01-26 09:28 - 00038221 _____ () C:\Users\Lonnie\Downloads\Addition.txt
2015-01-26 08:28 - 2015-02-04 09:22 - 00000000 ____D () C:\FRST
2015-01-26 08:28 - 2015-01-26 09:28 - 00039281 _____ () C:\Users\Lonnie\Downloads\FRST.txt
2015-01-26 08:27 - 2015-01-31 06:47 - 01122304 _____ (Farbar) C:\Users\Lonnie\Desktop\FRST.exe
2015-01-24 21:55 - 2015-01-24 21:55 - 00056322 _____ () C:\Users\Lonnie\Desktop\Extras.Txt
2015-01-24 21:53 - 2015-01-24 21:53 - 00106122 _____ () C:\Users\Lonnie\Desktop\OTL.Txt
2015-01-24 21:38 - 2015-01-24 21:38 - 00602112 _____ (OldTimer Tools) C:\Users\Lonnie\Desktop\OTL (1).exe
2015-01-24 21:37 - 2015-01-24 21:37 - 00602112 _____ (OldTimer Tools) C:\Users\Lonnie\Downloads\OTL.exe
2015-01-24 07:43 - 2015-01-24 07:43 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\dvdcss
2015-01-23 11:40 - 2015-01-24 07:30 - 00000000 ____D () C:\Users\Lonnie\Desktop\Body work
2015-01-23 09:20 - 2015-01-23 09:24 - 00000010 _____ () C:\Users\Lonnie\Documents\New Text Document (2).txt
2015-01-23 09:15 - 2015-01-23 09:15 - 00347816 _____ (Microsoft Corporation) C:\Users\Lonnie\Downloads\MicrosoftFixit.HomeGroup.Run.exe
2015-01-22 20:23 - 2015-01-25 00:23 - 18126512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2015-01-13 14:18 - 2015-01-13 14:18 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-13 14:18 - 2015-01-13 14:18 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 14:18 - 2015-01-13 14:18 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 14:18 - 2015-01-13 14:18 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 14:18 - 2015-01-13 14:18 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 14:18 - 2015-01-13 14:18 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 11:31 - 2015-01-13 11:31 - 00000000 ____D () C:\Users\Lonnie\Documents\01-13-2015
2015-01-11 06:19 - 2015-01-11 06:19 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\Apple Computer
2015-01-06 08:42 - 2015-01-06 08:42 - 00000000 ____D () C:\Users\Lonnie\Documents\01-06-2015
2015-01-05 09:40 - 2015-01-05 09:47 - 00000000 ____D () C:\Users\Lonnie\Documents\01-05-2015
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-04 09:23 - 2014-12-28 09:17 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-04 09:23 - 2013-11-21 08:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-04 09:22 - 2014-12-28 09:17 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-04 08:40 - 2009-07-13 23:34 - 00022592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-04 08:40 - 2009-07-13 23:34 - 00022592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-04 08:37 - 2013-11-20 12:05 - 01309978 _____ () C:\Windows\WindowsUpdate.log
2015-02-04 08:36 - 2014-06-04 09:55 - 00000995 _____ () C:\Users\Lonnie\Desktop\magicJack.lnk
2015-02-04 08:36 - 2014-06-04 09:55 - 00000981 _____ () C:\Users\Lonnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\magicJack.lnk
2015-02-04 08:36 - 2014-05-28 21:36 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\mjusbsp
2015-02-04 08:32 - 2013-11-23 09:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-04 08:32 - 2013-11-21 10:31 - 00435310 _____ () C:\Windows\PFRO.log
2015-02-04 08:32 - 2013-11-20 09:30 - 00000000 ____D () C:\ProgramData\Kodak
2015-02-04 08:32 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-04 08:32 - 2009-07-13 23:39 - 00068023 _____ () C:\Windows\setupact.log
2015-02-03 09:03 - 2013-11-20 09:25 - 00000000 ____D () C:\Users\Lonnie
2015-02-02 06:49 - 2013-11-20 09:43 - 00000000 ____D () C:\Users\Lonnie\.gimp-2.8
2015-02-01 19:59 - 2013-11-23 09:26 - 00000000 ____D () C:\Users\Lonnie\AppData\Local\Firestorm
2015-01-31 07:38 - 2014-08-26 10:04 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-31 06:50 - 2013-12-01 09:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-30 09:40 - 2013-11-20 09:54 - 00000000 ____D () C:\Users\Lonnie\AppData\Local\gtk-2.0
2015-01-30 09:24 - 2014-09-13 19:09 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\vlc
2015-01-30 07:38 - 2013-11-20 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-01-30 07:27 - 2014-12-09 00:20 - 00618072 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2015-01-30 07:27 - 2014-12-09 00:20 - 00386768 _____ (COMODO) C:\Windows\system32\guard32.dll
2015-01-30 07:27 - 2014-12-09 00:20 - 00286424 _____ (COMODO) C:\Windows\system32\cmdvrt32.dll
2015-01-30 07:27 - 2014-12-09 00:20 - 00091200 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2015-01-30 07:27 - 2014-12-09 00:20 - 00041248 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2015-01-30 07:27 - 2014-12-09 00:20 - 00040664 _____ (COMODO) C:\Windows\system32\cmdkbd32.dll
2015-01-30 07:27 - 2014-12-09 00:20 - 00033520 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2015-01-30 07:27 - 2014-12-09 00:20 - 00017088 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2015-01-30 05:51 - 2013-11-20 10:59 - 00000000 ____D () C:\ProgramData\COMODO
2015-01-30 05:49 - 2013-11-20 10:58 - 00000000 ____D () C:\Program Files\Comodo
2015-01-30 04:25 - 2014-12-28 09:18 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-29 10:54 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-29 09:35 - 2013-09-27 05:28 - 00000000 ___HD () C:\VTRoot
2015-01-29 09:08 - 2013-11-21 23:05 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\Azureus
2015-01-26 21:19 - 2013-11-21 09:50 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-25 00:23 - 2013-11-21 08:59 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-25 00:23 - 2013-11-21 08:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-23 09:25 - 2009-07-13 21:37 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-19 07:41 - 2013-11-20 09:54 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-19 07:28 - 2013-11-20 09:54 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-16 11:16 - 2014-12-03 09:12 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-01-11 09:16 - 2015-01-04 08:16 - 00000000 ____D () C:\Program Files\QuickTime
2015-01-11 09:16 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-01-11 09:16 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\registration
==================== Files in the root of some directories =======
2014-01-19 10:14 - 2014-01-19 10:14 - 0000000 _____ () C:\Users\Lonnie\AppData\Roaming\SharedSettings.ccs
2014-01-19 10:15 - 2014-01-19 10:15 - 0067992 _____ () C:\Users\Lonnie\AppData\Local\jkffplbl
2014-01-19 10:16 - 2014-01-19 10:16 - 0012326 _____ () C:\Users\Lonnie\AppData\Local\pavttpqp
2015-02-02 06:49 - 2015-02-02 06:49 - 0005250 _____ () C:\Users\Lonnie\AppData\Local\recently-used.xbel
Some content of TEMP:
====================
C:\Users\Lonnie\AppData\Local\Temp\HitmanPro.exe
C:\Users\Lonnie\AppData\Local\Temp\Quarantine.exe
C:\Users\Lonnie\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signedScan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-01-2015
Ran by Lonnie (administrator) on LONNIE-PC on 04-02-2015 09:22:42
Running from C:\Users\Lonnie\Desktop
Loaded Profiles: Lonnie (Available profiles: Lonnie)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\launcher_service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\Dragon\dragon_updater.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit.exe
(magicJack L.P.) C:\Users\Lonnie\AppData\Roaming\mjusbsp\magicJack.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
(Comodo) C:\Program Files\Comodo\Dragon\dragon.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-05] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
HKLM\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM\...\Run: [EKStatusMonitor] => C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2015-01-04] (Apple Inc.)
HKLM\...\Run: [ComodoFSChrome] => "C:\Program Files\AdTrustMedia\PrivDog\FinalizeSetup.exe" /c
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1243864 2015-02-04] (COMODO)
HKLM\...\Run: [tvncontrol] => C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-30] (Comodo Security Solutions, Inc.)
HKU\S-1-5-21-4227807349-2635072203-767282089-1001\...\Run: [GoogleChromeAutoLaunch_A4AAD752A94AD0D07B3FA88181A919F9] => C:\Program Files\Comodo\Dragon\dragon.exe [725696 2014-12-28] (Comodo)
HKU\S-1-5-21-4227807349-2635072203-767282089-1001\...\Run: [cdloader] => C:\Users\Lonnie\AppData\Roaming\mjusbsp\cdloader2.exe [51592 2015-02-04] (magicJack L.P.)
HKU\S-1-5-21-4227807349-2635072203-767282089-1001\...\Run: [GoogleChromeAutoLaunch_5090660AF80758FEEBA1A8C0C9DF7D80] => C:\Program Files\Google\Chrome\Application\chrome.exe [843592 2015-01-26] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe [2234064 2014-05-06] (Eastman Kodak Company)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
BootExecute: autocheck autochk * bootdelete
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
HKU\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4227807349-2635072203-767282089-1001 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yah...}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-4227807349-2635072203-767282089-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yah...}&fr=chr-comodo
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{8270EF4F-3060-4E70-871D-BC3BABF46597}: [NameServer] 156.154.70.22,156.154.71.22
FireFox:
========
FF ProfilePath: C:\Users\Lonnie\AppData\Roaming\Mozilla\Firefox\Profiles\0937xwmn.default
FF Homepage: about:home
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=994519&p=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4227807349-2635072203-767282089-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lonnie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\.xml
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig
CHR StartupUrls: Default -> "https://www.google.com/", "hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppp", "hxxp://isearch.omiga?type=hppppppppppppppppppppppppppppppppp"
CHR DefaultSearchKeyword: Default ->
CHR DefaultSearchURL: Default -> http://isearch.omiga...q={searchTerms}
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com...q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.94\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.94\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.94\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U51) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll No File
CHR Profile: C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bejeweled) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2014-12-28]
CHR Extension: (Ancient History Encyclopedia) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahggffalhoajbhlaogbplamaaghnncle [2014-12-28]
CHR Extension: (Angry Birds) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-12-28]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-26]
CHR Extension: (Facebook) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-12-28]
CHR Extension: (AdBlock Plus) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjmhchkipehceidlknhjhbgaipcnafm [2014-12-29]
CHR Extension: (Calculator) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\decmldkknaaemlafplkkdmmmelbdnlja [2014-12-28]
CHR Extension: (A Space Shooter for FREE) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbeobdmeddlnkokfiaijkfabecpmifa [2014-12-28]
CHR Extension: (Typing Lessons) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\heehkcnmhmdicclbnofindfmokhfnjag [2014-12-28]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-12-28]
CHR Extension: (sixty second shooter) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnlbhjpainpnikdjnmcmiaombhhchkg [2014-12-28]
CHR Extension: (Jamstash) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccdpflnecheidefpofmlblgebobbloc [2014-12-28]
CHR Extension: (WordPress.com) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2014-12-28]
CHR Extension: (Coloring Pages) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhphoobahjckipglphjghghlgodanfj [2014-12-28]
CHR Extension: (Fieldrunners) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak [2014-12-28]
CHR Extension: (Chain Rxn) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkdlfmoglbdpomddljgapccmlognoaf [2014-12-28]
CHR Extension: (Search Helper: Preview, Note, Tag, Hide etc) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\naddbmiihfcdfaeencbcmbpioghcjlje [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-19]
CHR Extension: (Sidekick by HubSpot) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd [2015-01-15]
CHR Extension: (Weather Underground) - C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2014-12-28]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70864 2015-01-30] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5868440 2015-02-04] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664216 2015-02-04] (COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2370240 2014-12-28] (Comodo Security Solutions, Inc.)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-10-29] (Teruten) [File not signed]
R2 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-30] (Comodo Security Solutions, Inc.)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395640 2014-05-06] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-12-11] (Eastman Kodak Company)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14657824 2013-11-29] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [35064 2014-06-26] (Windows ® Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [17088 2015-01-30] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [618072 2015-01-30] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [41248 2015-01-30] (COMODO)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-10-29] () [File not signed]
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [91200 2015-01-30] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-10-30] (NVIDIA Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-03 09:02 - 2015-02-03 09:03 - 00159072 _____ () C:\Windows\Minidump\020315-185641-01.dmp
2015-02-03 09:02 - 2015-02-03 09:02 - 00000000 ____D () C:\Windows\Minidump
2015-02-03 09:01 - 2015-02-03 09:01 - 290540326 _____ () C:\Windows\MEMORY.DMP
2015-02-03 08:57 - 2015-02-03 08:57 - 00000344 _____ () C:\Users\Lonnie\Desktop\fixlist.txt
2015-02-03 08:54 - 2015-02-03 08:54 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-LONNIE-PC-Windows-7-Home-Premium-(32-bit).dat
2015-02-03 08:52 - 2015-02-03 08:52 - 00002181 _____ () C:\Users\Lonnie\Desktop\Tweaking.com - Registry Backup.lnk
2015-02-03 08:52 - 2015-02-03 08:52 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-02-03 08:52 - 2015-02-03 08:52 - 00000000 ____D () C:\RegBackup
2015-02-03 08:52 - 2015-02-03 08:52 - 00000000 ____D () C:\Program Files\Tweaking.com
2015-02-03 08:51 - 2015-02-03 08:51 - 04803888 _____ () C:\Users\Lonnie\Downloads\tweaking.com_registry_backup_setup.exe
2015-02-02 06:49 - 2015-02-02 06:49 - 00005250 _____ () C:\Users\Lonnie\AppData\Local\recently-used.xbel
2015-02-01 18:40 - 2015-02-01 18:45 - 242776064 _____ () C:\Users\Lonnie\Downloads\unicorn-6.2.1.91.iso
2015-01-31 18:56 - 2015-02-04 08:30 - 00004474 _____ () C:\Windows\system32\Drivers\fvstore.dat
2015-01-31 18:55 - 2015-01-31 18:55 - 00852573 _____ () C:\Users\Lonnie\Desktop\SecurityCheck.exe
2015-01-31 07:48 - 2015-01-31 07:48 - 02347384 _____ (ESET) C:\Users\Lonnie\Downloads\esetsmartinstaller_enu.exe
2015-01-31 07:48 - 2015-01-31 07:48 - 00000000 ____D () C:\Program Files\ESET
2015-01-31 07:46 - 2015-01-31 07:46 - 00074951 _____ () C:\Users\Lonnie\Desktop\MBAM.txt
2015-01-31 06:51 - 2015-02-04 08:35 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-31 06:50 - 2015-01-31 07:13 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-31 06:50 - 2015-01-31 07:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-31 06:50 - 2015-01-31 07:13 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-31 06:50 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-31 06:50 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-31 06:50 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-31 06:49 - 2015-01-31 06:49 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Lonnie\Desktop\mbam-setup-2.0.4.1028.exe
2015-01-30 07:38 - 2015-01-30 07:38 - 00000000 ____D () C:\Program Files\Common Files\COMODO
2015-01-30 06:20 - 2015-01-30 06:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-30 05:51 - 2015-02-04 09:22 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2015-01-30 05:51 - 2015-02-04 08:26 - 00001985 _____ () C:\Users\Public\Desktop\COMODO Internet Security.lnk
2015-01-30 05:50 - 2015-01-30 05:50 - 00000000 ____D () C:\ProgramData\Shared Space
2015-01-30 05:48 - 2015-01-30 07:38 - 00002013 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk
2015-01-30 05:48 - 2015-01-30 05:48 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2015-01-30 05:45 - 2015-01-30 05:46 - 226075384 _____ (COMODO) C:\Users\Lonnie\Downloads\cispremium_installer_6100_08.exe
2015-01-29 23:13 - 2015-02-01 13:47 - 00022928 _____ () C:\Users\Lonnie\Desktop\Addition.txt
2015-01-29 23:12 - 2015-02-04 09:23 - 00018204 _____ () C:\Users\Lonnie\Desktop\FRST.txt
2015-01-29 23:00 - 2015-01-29 23:03 - 00000000 ____D () C:\AdwCleaner
2015-01-29 22:59 - 2015-01-29 22:59 - 02194432 _____ () C:\Users\Lonnie\Desktop\AdwCleaner.exe
2015-01-29 22:56 - 2015-01-29 22:56 - 00003785 _____ () C:\Users\Lonnie\Desktop\JRT.txt
2015-01-29 22:54 - 2015-01-29 22:54 - 01707939 _____ (Thisisu) C:\Users\Lonnie\Desktop\JRT.exe
2015-01-29 22:54 - 2015-01-29 22:54 - 00000000 ____D () C:\Windows\ERUNT
2015-01-29 22:46 - 2015-01-31 06:47 - 00000000 ____D () C:\Users\Lonnie\Desktop\FRST-OlderVersion
2015-01-29 10:44 - 2015-01-29 10:44 - 00045516 _____ () C:\Windows\system32\.crusader
2015-01-29 10:28 - 2015-01-29 22:48 - 00000000 ____D () C:\Program Files\HitmanPro
2015-01-29 10:28 - 2015-01-29 10:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-29 10:27 - 2015-01-29 10:28 - 10285456 _____ (SurfRight B.V.) C:\Users\Lonnie\Downloads\HitmanPro.exe
2015-01-29 10:06 - 2015-01-29 10:06 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Lonnie\Downloads\SpyHunter-Installer.exe
2015-01-29 09:20 - 2015-01-29 09:20 - 00000000 ____D () C:\themes
2015-01-29 09:20 - 2015-01-29 09:20 - 00000000 ____D () C:\cis
2015-01-29 09:20 - 2013-11-21 07:49 - 04814552 _____ (COMODO) C:\cmdinstall.exe
2015-01-29 09:20 - 2013-09-24 05:53 - 03360984 _____ (Terra Informatica Software, Inc.) C:\cmdhtml.dll
2015-01-29 09:20 - 2013-09-24 05:53 - 00281816 _____ (Igor Pavlov) C:\7za.dll
2015-01-29 08:21 - 2015-01-29 09:21 - 00000674 _____ () C:\Windows\system32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
2015-01-29 08:21 - 2015-01-29 09:20 - 00001123 __RSH () C:\Windows\system32\{1606DC18-9578-4cbd-8312-8E9868F06A1D}.conf
2015-01-29 08:06 - 2015-01-29 08:06 - 00353699 _____ () C:\Users\Lonnie\Documents\CisReport_x86_v8.0.0.4344_20150129-080558.zip
2015-01-28 10:34 - 2015-01-28 10:36 - 00000045 _____ () C:\Users\Lonnie\Documents\Indiana TID number.txt
2015-01-26 21:23 - 2015-01-26 21:23 - 00000000 ____D () C:\Users\Lonnie\Documents\Empire Earth II
2015-01-26 21:14 - 2015-01-26 21:15 - 00000000 ____D () C:\Program Files\GameSpy Arcade
2015-01-26 21:14 - 2015-01-26 21:14 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2015-01-26 21:14 - 2015-01-26 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2015-01-26 09:23 - 2015-01-26 09:23 - 01120768 _____ (Farbar) C:\Users\Lonnie\Downloads\FRST (1).exe
2015-01-26 08:35 - 2015-01-26 08:36 - 04176437 _____ () C:\Users\Lonnie\Downloads\tdsskiller.zip
2015-01-26 08:30 - 2015-01-26 09:28 - 00038221 _____ () C:\Users\Lonnie\Downloads\Addition.txt
2015-01-26 08:28 - 2015-02-04 09:22 - 00000000 ____D () C:\FRST
2015-01-26 08:28 - 2015-01-26 09:28 - 00039281 _____ () C:\Users\Lonnie\Downloads\FRST.txt
2015-01-26 08:27 - 2015-01-31 06:47 - 01122304 _____ (Farbar) C:\Users\Lonnie\Desktop\FRST.exe
2015-01-24 21:55 - 2015-01-24 21:55 - 00056322 _____ () C:\Users\Lonnie\Desktop\Extras.Txt
2015-01-24 21:53 - 2015-01-24 21:53 - 00106122 _____ () C:\Users\Lonnie\Desktop\OTL.Txt
2015-01-24 21:38 - 2015-01-24 21:38 - 00602112 _____ (OldTimer Tools) C:\Users\Lonnie\Desktop\OTL (1).exe
2015-01-24 21:37 - 2015-01-24 21:37 - 00602112 _____ (OldTimer Tools) C:\Users\Lonnie\Downloads\OTL.exe
2015-01-24 07:43 - 2015-01-24 07:43 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\dvdcss
2015-01-23 11:40 - 2015-01-24 07:30 - 00000000 ____D () C:\Users\Lonnie\Desktop\Body work
2015-01-23 09:20 - 2015-01-23 09:24 - 00000010 _____ () C:\Users\Lonnie\Documents\New Text Document (2).txt
2015-01-23 09:15 - 2015-01-23 09:15 - 00347816 _____ (Microsoft Corporation) C:\Users\Lonnie\Downloads\MicrosoftFixit.HomeGroup.Run.exe
2015-01-22 20:23 - 2015-01-25 00:23 - 18126512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2015-01-13 14:18 - 2015-01-13 14:18 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-13 14:18 - 2015-01-13 14:18 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 14:18 - 2015-01-13 14:18 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 14:18 - 2015-01-13 14:18 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 14:18 - 2015-01-13 14:18 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 14:18 - 2015-01-13 14:18 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 11:31 - 2015-01-13 11:31 - 00000000 ____D () C:\Users\Lonnie\Documents\01-13-2015
2015-01-11 06:19 - 2015-01-11 06:19 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\Apple Computer
2015-01-06 08:42 - 2015-01-06 08:42 - 00000000 ____D () C:\Users\Lonnie\Documents\01-06-2015
2015-01-05 09:40 - 2015-01-05 09:47 - 00000000 ____D () C:\Users\Lonnie\Documents\01-05-2015
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-04 09:23 - 2014-12-28 09:17 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-04 09:23 - 2013-11-21 08:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-04 09:22 - 2014-12-28 09:17 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-04 08:40 - 2009-07-13 23:34 - 00022592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-04 08:40 - 2009-07-13 23:34 - 00022592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-04 08:37 - 2013-11-20 12:05 - 01309978 _____ () C:\Windows\WindowsUpdate.log
2015-02-04 08:36 - 2014-06-04 09:55 - 00000995 _____ () C:\Users\Lonnie\Desktop\magicJack.lnk
2015-02-04 08:36 - 2014-06-04 09:55 - 00000981 _____ () C:\Users\Lonnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\magicJack.lnk
2015-02-04 08:36 - 2014-05-28 21:36 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\mjusbsp
2015-02-04 08:32 - 2013-11-23 09:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-04 08:32 - 2013-11-21 10:31 - 00435310 _____ () C:\Windows\PFRO.log
2015-02-04 08:32 - 2013-11-20 09:30 - 00000000 ____D () C:\ProgramData\Kodak
2015-02-04 08:32 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-04 08:32 - 2009-07-13 23:39 - 00068023 _____ () C:\Windows\setupact.log
2015-02-03 09:03 - 2013-11-20 09:25 - 00000000 ____D () C:\Users\Lonnie
2015-02-02 06:49 - 2013-11-20 09:43 - 00000000 ____D () C:\Users\Lonnie\.gimp-2.8
2015-02-01 19:59 - 2013-11-23 09:26 - 00000000 ____D () C:\Users\Lonnie\AppData\Local\Firestorm
2015-01-31 07:38 - 2014-08-26 10:04 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-31 06:50 - 2013-12-01 09:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-30 09:40 - 2013-11-20 09:54 - 00000000 ____D () C:\Users\Lonnie\AppData\Local\gtk-2.0
2015-01-30 09:24 - 2014-09-13 19:09 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\vlc
2015-01-30 07:38 - 2013-11-20 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-01-30 07:27 - 2014-12-09 00:20 - 00618072 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2015-01-30 07:27 - 2014-12-09 00:20 - 00386768 _____ (COMODO) C:\Windows\system32\guard32.dll
2015-01-30 07:27 - 2014-12-09 00:20 - 00286424 _____ (COMODO) C:\Windows\system32\cmdvrt32.dll
2015-01-30 07:27 - 2014-12-09 00:20 - 00091200 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2015-01-30 07:27 - 2014-12-09 00:20 - 00041248 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2015-01-30 07:27 - 2014-12-09 00:20 - 00040664 _____ (COMODO) C:\Windows\system32\cmdkbd32.dll
2015-01-30 07:27 - 2014-12-09 00:20 - 00033520 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2015-01-30 07:27 - 2014-12-09 00:20 - 00017088 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2015-01-30 05:51 - 2013-11-20 10:59 - 00000000 ____D () C:\ProgramData\COMODO
2015-01-30 05:49 - 2013-11-20 10:58 - 00000000 ____D () C:\Program Files\Comodo
2015-01-30 04:25 - 2014-12-28 09:18 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-29 10:54 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-29 09:35 - 2013-09-27 05:28 - 00000000 ___HD () C:\VTRoot
2015-01-29 09:08 - 2013-11-21 23:05 - 00000000 ____D () C:\Users\Lonnie\AppData\Roaming\Azureus
2015-01-26 21:19 - 2013-11-21 09:50 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-25 00:23 - 2013-11-21 08:59 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-25 00:23 - 2013-11-21 08:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-23 09:25 - 2009-07-13 21:37 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-19 07:41 - 2013-11-20 09:54 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-19 07:28 - 2013-11-20 09:54 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-16 11:16 - 2014-12-03 09:12 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-01-11 09:16 - 2015-01-04 08:16 - 00000000 ____D () C:\Program Files\QuickTime
2015-01-11 09:16 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-01-11 09:16 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\registration
==================== Files in the root of some directories =======
2014-01-19 10:14 - 2014-01-19 10:14 - 0000000 _____ () C:\Users\Lonnie\AppData\Roaming\SharedSettings.ccs
2014-01-19 10:15 - 2014-01-19 10:15 - 0067992 _____ () C:\Users\Lonnie\AppData\Local\jkffplbl
2014-01-19 10:16 - 2014-01-19 10:16 - 0012326 _____ () C:\Users\Lonnie\AppData\Local\pavttpqp
2015-02-02 06:49 - 2015-02-02 06:49 - 0005250 _____ () C:\Users\Lonnie\AppData\Local\recently-used.xbel
Some content of TEMP:
====================
C:\Users\Lonnie\AppData\Local\Temp\HitmanPro.exe
C:\Users\Lonnie\AppData\Local\Temp\Quarantine.exe
C:\Users\Lonnie\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-03 00:24
==================== End Of Log ============================
LastRegBack: 2015-02-03 00:24
==================== End Of Log ============================
#49
Posted 04 February 2015 - 06:30 PM
pystryker
-
- Malware Removal
-
- 3,912 posts
Trusted Helper
Hello 
Can you post the fixlog.txt log that was produced when the machine crashed? It should located on the desktop. Also, I'd like to take a second look with TDSSKiller and run Zoek.
Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.
Step 1: TDSSKiller
Please download TDSSKiller to the desktop.
Alternate download is here.
Step 2: Scan with Zoek
Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.
Step 1: Scan with Zoek
Please download Zoek and save to the desktop.
You will need to temp' disable your current installed Anti-Virus/Security software, how to do so can be read here.
Things I need to see in your next post:
Please post each of these logs as a separate reply in this thread.
TDSSKiller Log
Zoek-results.log
Can you post the fixlog.txt log that was produced when the machine crashed? It should located on the desktop. Also, I'd like to take a second look with TDSSKiller and run Zoek.
Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.
Step 1: TDSSKiller
Please download TDSSKiller to the desktop.
Alternate download is here.
- Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
- When the main GUI(graphical user interface) window opens, click on Change Parameters
- Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
- Click on Start Scan, the scan will run.
- When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
- A Report will have been created by TDSSKiller in your root directory C:\
- To find the log go to Start(Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
- Post the contents of that log in your next reply please.
Step 2: Scan with Zoek
Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.
Step 1: Scan with Zoek
Please download Zoek and save to the desktop.
You will need to temp' disable your current installed Anti-Virus/Security software, how to do so can be read here.
- Right-click on zoek.exe and select Run as Administrator .
- Once the GUI(graphical user interface) has loaded >> click on the More Options tab >> select Auto Clean only.
- Ensure the option Scan All Users is selected >> now click on the Run Script tab.
- Zoek will momentary close and a new GUI will appear and the scan will commence.
- Please be patient as the scan may take some time depending on the specifications of your computer.
- Once the scan is completed a log file named zoek-results.log will open via notepad, post the contents in your next reply.
- If the system requires a reboot after the aforementioned scan, click on OK at the prompt(the log will appear after the reboot).
- The zoek-results.log can also be found on your system drive.
Things I need to see in your next post:
Please post each of these logs as a separate reply in this thread.
TDSSKiller Log
Zoek-results.log
#50
Posted 05 February 2015 - 09:59 AM
trucker
- Topic Starter
-
- Member
-
- 233 posts
Member
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-01-2015
Ran by Lonnie at 2015-02-03 08:57:49 Run:4
Running from C:\Users\Lonnie\Desktop
Loaded Profiles: Lonnie (Available profiles: Lonnie)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Task: {08E826DF-7983-4D33-AC73-520F8D7D04B0} - \PastaQuotes No Task File <==== ATTENTION
Reg: Reg Delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\grillaprice" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\grillaprice" /F
Emptytemp:
End
*****************
#51
Posted 05 February 2015 - 10:07 AM
trucker
- Topic Starter
-
- Member
-
- 233 posts
Member
10:59:54.0842 0x12f8 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
11:00:01.0312 0x12f8 ============================================================
11:00:01.0313 0x12f8 Current date / time: 2015/02/05 11:00:01.0312
11:00:01.0313 0x12f8 SystemInfo:
11:00:01.0313 0x12f8
11:00:01.0313 0x12f8 OS Version: 6.1.7601 ServicePack: 1.0
11:00:01.0313 0x12f8 Product type: Workstation
11:00:01.0313 0x12f8 ComputerName: LONNIE-PC
11:00:01.0313 0x12f8 UserName: Lonnie
11:00:01.0313 0x12f8 Windows directory: C:\Windows
11:00:01.0313 0x12f8 System windows directory: C:\Windows
11:00:01.0313 0x12f8 Processor architecture: Intel x86
11:00:01.0313 0x12f8 Number of processors: 2
11:00:01.0313 0x12f8 Page size: 0x1000
11:00:01.0313 0x12f8 Boot type: Normal boot
11:00:01.0313 0x12f8 ============================================================
11:00:15.0857 0x12f8 KLMD registered as C:\Windows\system32\drivers\30900151.sys
11:00:16.0994 0x12f8 System UUID: {301A0C63-FB2C-ABCB-4333-22455DDED439}
11:00:18.0759 0x12f8 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:00:26.0879 0x12f8 Drive \Device\Harddisk1\DR1 - Size: 0xF6E2BC00 ( 3.86 Gb ), SectorSize: 0x200, Cylinders: 0x1F7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:00:27.0287 0x12f8 ============================================================
11:00:27.0288 0x12f8 \Device\Harddisk0\DR0:
11:00:27.0314 0x12f8 MBR partitions:
11:00:27.0314 0x12f8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D20AED4
11:00:27.0314 0x12f8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D20B000, BlocksNum 0xE910C8F
11:00:27.0429 0x12f8 ============================================================
11:00:27.0798 0x12f8 C: <-> \Device\Harddisk0\DR0\Partition1
11:00:27.0871 0x12f8 D: <-> \Device\Harddisk0\DR0\Partition2
11:00:27.0871 0x12f8 ============================================================
11:00:27.0871 0x12f8 Initialize success
11:00:27.0871 0x12f8 ============================================================
11:00:31.0881 0x0954 ============================================================
11:00:31.0881 0x0954 Scan started
11:00:31.0881 0x0954 Mode: Manual;
11:00:31.0881 0x0954 ============================================================
11:00:31.0881 0x0954 KSN ping started
11:00:45.0744 0x0954 KSN ping finished: true
11:00:47.0803 0x0954 ================ Scan system memory ========================
11:00:47.0803 0x0954 System memory - ok
11:00:47.0803 0x0954 ================ Scan services =============================
11:00:50.0481 0x0954 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:00:50.0646 0x0954 1394ohci - ok
11:00:50.0756 0x0954 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:00:50.0768 0x0954 ACPI - ok
11:00:50.0839 0x0954 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:00:50.0993 0x0954 AcpiPmi - ok
11:00:51.0304 0x0954 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
11:00:51.0470 0x0954 AdobeARMservice - ok
11:00:51.0579 0x0954 [ A2A9C100FE1BE20A76C0B80D4CA44103, C34B4A31C8563E29EC6A3D318C40075F43C891C23D156F53EE2102C959B7887F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:00:51.0585 0x0954 AdobeFlashPlayerUpdateSvc - ok
11:00:51.0736 0x0954 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:00:52.0004 0x0954 adp94xx - ok
11:00:52.0087 0x0954 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:00:52.0291 0x0954 adpahci - ok
11:00:52.0400 0x0954 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:00:52.0508 0x0954 adpu320 - ok
11:00:52.0555 0x0954 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:00:52.0564 0x0954 AeLookupSvc - ok
11:00:52.0752 0x0954 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\Windows\system32\drivers\afd.sys
11:00:52.0760 0x0954 AFD - ok
11:00:52.0800 0x0954 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
11:00:52.0819 0x0954 agp440 - ok
11:00:52.0889 0x0954 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
11:00:52.0927 0x0954 aic78xx - ok
11:00:53.0000 0x0954 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
11:00:53.0012 0x0954 ALG - ok
11:00:53.0037 0x0954 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
11:00:53.0052 0x0954 aliide - ok
11:00:53.0104 0x0954 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
11:00:53.0161 0x0954 amdagp - ok
11:00:53.0200 0x0954 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
11:00:53.0208 0x0954 amdide - ok
11:00:53.0267 0x0954 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:00:53.0285 0x0954 AmdK8 - ok
11:00:53.0309 0x0954 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:00:53.0340 0x0954 AmdPPM - ok
11:00:53.0437 0x0954 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:00:53.0595 0x0954 amdsata - ok
11:00:53.0690 0x0954 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:00:53.0791 0x0954 amdsbs - ok
11:00:53.0833 0x0954 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:00:53.0834 0x0954 amdxata - ok
11:00:53.0927 0x0954 [ E499E422412EF37576092A52648DB2B4, 95E9C11258CAF37060242BA4E1170CEDECF3376CF0A9A1E61D46706D7C7F36F8 ] AppID C:\Windows\system32\drivers\appid.sys
11:00:54.0110 0x0954 AppID - ok
11:00:54.0178 0x0954 [ 89B6FA43B68A373B304DFB8F6776B255, 36ABD9AB89CBC7991DE9B04051B26014982953697862BC46EF8AE4ACC2404128 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:00:54.0285 0x0954 AppIDSvc - ok
11:00:54.0338 0x0954 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\Windows\System32\appinfo.dll
11:00:54.0350 0x0954 Appinfo - ok
11:00:54.0416 0x0954 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
11:00:54.0439 0x0954 arc - ok
11:00:54.0459 0x0954 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:00:54.0485 0x0954 arcsas - ok
11:00:55.0004 0x0954 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:00:55.0185 0x0954 aspnet_state - ok
11:00:55.0232 0x0954 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:00:55.0242 0x0954 AsyncMac - ok
11:00:55.0288 0x0954 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
11:00:55.0289 0x0954 atapi - ok
11:00:55.0445 0x0954 [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:00:55.0477 0x0954 AudioEndpointBuilder - ok
11:00:55.0537 0x0954 [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] Audiosrv C:\Windows\System32\Audiosrv.dll
11:00:55.0548 0x0954 Audiosrv - ok
11:00:55.0622 0x0954 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:00:55.0753 0x0954 AxInstSV - ok
11:00:55.0831 0x0954 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
11:00:55.0971 0x0954 b06bdrv - ok
11:00:56.0083 0x0954 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
11:00:56.0268 0x0954 b57nd60x - ok
11:00:56.0345 0x0954 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
11:00:56.0366 0x0954 BDESVC - ok
11:00:56.0427 0x0954 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
11:00:56.0443 0x0954 Beep - ok
11:00:56.0622 0x0954 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
11:00:56.0673 0x0954 BFE - ok
11:00:56.0812 0x0954 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll
11:00:56.0854 0x0954 BITS - ok
11:00:56.0886 0x0954 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:00:56.0899 0x0954 blbdrive - ok
11:00:56.0957 0x0954 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:00:56.0972 0x0954 bowser - ok
11:00:56.0993 0x0954 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:00:56.0999 0x0954 BrFiltLo - ok
11:00:57.0020 0x0954 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:00:57.0032 0x0954 BrFiltUp - ok
11:00:57.0090 0x0954 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
11:00:57.0100 0x0954 Browser - ok
11:00:57.0175 0x0954 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:00:57.0312 0x0954 Brserid - ok
11:00:57.0338 0x0954 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:00:57.0361 0x0954 BrSerWdm - ok
11:00:57.0395 0x0954 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:00:57.0402 0x0954 BrUsbMdm - ok
11:00:57.0420 0x0954 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:00:57.0435 0x0954 BrUsbSer - ok
11:00:57.0456 0x0954 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:00:57.0475 0x0954 BTHMODEM - ok
11:00:57.0539 0x0954 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
11:00:57.0566 0x0954 bthserv - ok
11:00:57.0623 0x0954 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:00:57.0637 0x0954 cdfs - ok
11:00:57.0754 0x0954 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:00:57.0936 0x0954 cdrom - ok
11:00:58.0065 0x0954 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
11:00:58.0081 0x0954 CertPropSvc - ok
11:00:58.0184 0x0954 [ 34B4DB818E86C2822C2AF43108D660F1, 516831FF244C7D3018331D181278B81348A2160388BFB8DD215EEBEB2D947ED0 ] CFRMD C:\Windows\system32\DRIVERS\CFRMD.sys
11:00:58.0195 0x0954 CFRMD - ok
11:00:58.0266 0x0954 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:00:58.0283 0x0954 circlass - ok
11:00:58.0387 0x0954 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
11:00:58.0414 0x0954 CLFS - ok
11:00:58.0553 0x0954 [ E7FEED85EBA61455717A421E55217428, 26B1129601A49BB40B8A01BB8B3F1002F05C6189DDBD44DA889CA7C5B76CDCB3 ] CLPSLauncher C:\Program Files\Common Files\COMODO\launcher_service.exe
11:00:58.0555 0x0954 CLPSLauncher - ok
11:00:58.0791 0x0954 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:00:59.0106 0x0954 clr_optimization_v2.0.50727_32 - ok
11:00:59.0222 0x0954 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:00:59.0561 0x0954 clr_optimization_v4.0.30319_32 - ok
11:00:59.0620 0x0954 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:00:59.0653 0x0954 CmBatt - ok
11:01:00.0459 0x0954 [ 29CCF16C6212B7F0DCEA5F31DDE6319B, 1B52A384B55317032A8CAB28EAC6C79DA7B73FFBDE709F3E0127D6EB10306558 ] CmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
11:01:00.0881 0x0954 CmdAgent - ok
11:01:01.0185 0x0954 [ 37767F0E536876355DD56F91D6FB7F59, 47336E261D5C08A2005FFAE2431DDAF06AA7A8544A3AEB56F9FA307DFD8C117C ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys
11:01:01.0186 0x0954 cmderd - ok
11:01:01.0233 0x0954 [ 078D669C2F99BF8813298F28EB3C5074, 95AC509BBDFA06F255ADECB0E4ECD5A86B83F86D0150A6F7EFC2604B3D10BE2D ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
11:01:01.0252 0x0954 cmdGuard - ok
11:01:01.0289 0x0954 [ 4329475728F8D4C9A3A7F3B0ACA6C5C6, F2931D0E004B2799A6D5E359F4DA143FE7B8899D6DF383F5774C7426C4650D5C ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
11:01:01.0542 0x0954 cmdHlp - ok
11:01:01.0569 0x0954 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:01:01.0589 0x0954 cmdide - ok
11:01:01.0960 0x0954 [ CB3F27922714BB15FA78D0B096587B93, 85F626A33449E1F5B51889BE97FAF9200B76AF7BD247B7E85A634F23936F934C ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
11:01:02.0034 0x0954 cmdvirth - ok
11:01:02.0126 0x0954 [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG C:\Windows\system32\Drivers\cng.sys
11:01:02.0137 0x0954 CNG - ok
11:01:02.0169 0x0954 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:01:02.0187 0x0954 Compbatt - ok
11:01:02.0236 0x0954 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:01:02.0429 0x0954 CompositeBus - ok
11:01:02.0458 0x0954 COMSysApp - ok
11:01:02.0483 0x0954 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:01:02.0497 0x0954 crcdisk - ok
11:01:02.0547 0x0954 [ 623E143F2DF17C0106A9988F5D7DC878, 9DA30262FF22FA9F1DB247CB3B4A2892D79730EF0ECC9589D399D24B4F58E565 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:01:02.0564 0x0954 CryptSvc - ok
11:01:02.0651 0x0954 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
11:01:02.0683 0x0954 DcomLaunch - ok
11:01:02.0735 0x0954 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
11:01:02.0747 0x0954 defragsvc - ok
11:01:02.0777 0x0954 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:01:02.0779 0x0954 DfsC - ok
11:01:02.0820 0x0954 [ 560B0DCE52DFED6623B27C9BAFA6F236, BB4156BB1CCA64CCDE065870DAE56CD58BF05CEBF7C3B17C7A821FDF02A8B157 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
11:01:02.0959 0x0954 dg_ssudbus - ok
11:01:03.0503 0x0954 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
11:01:03.0530 0x0954 Dhcp - ok
11:01:03.0561 0x0954 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
11:01:03.0562 0x0954 discache - ok
11:01:03.0638 0x0954 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:01:03.0640 0x0954 Disk - ok
11:01:03.0670 0x0954 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:01:03.0676 0x0954 Dnscache - ok
11:01:03.0710 0x0954 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
11:01:04.0417 0x0954 dot3svc - ok
11:01:04.0599 0x0954 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
11:01:04.0605 0x0954 DPS - ok
11:01:05.0140 0x0954 [ E4A0D0C8F17073BE392F062DD1F6B50E, 26CF71517C09B24B6F6AB5AC902FF0D1426351BCCD6AB571510C83D0F6E32FE6 ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe
11:01:05.0256 0x0954 DragonUpdater - ok
11:01:05.0353 0x0954 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:01:05.0370 0x0954 drmkaud - ok
11:01:05.0445 0x0954 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:01:05.0745 0x0954 DXGKrnl - ok
11:01:05.0788 0x0954 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
11:01:05.0794 0x0954 EapHost - ok
11:01:06.0028 0x0954 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
11:01:07.0682 0x0954 ebdrv - ok
11:01:07.0718 0x0954 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS C:\Windows\System32\lsass.exe
11:01:07.0725 0x0954 EFS - ok
11:01:07.0962 0x0954 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:01:08.0406 0x0954 ehRecvr - ok
11:01:08.0454 0x0954 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
11:01:08.0490 0x0954 ehSched - ok
11:01:08.0681 0x0954 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:01:09.0121 0x0954 elxstor - ok
11:01:09.0298 0x0954 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:01:09.0310 0x0954 ErrDev - ok
11:01:09.0583 0x0954 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
11:01:09.0592 0x0954 EventSystem - ok
11:01:09.0659 0x0954 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
11:01:09.0840 0x0954 exfat - ok
11:01:09.0918 0x0954 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:01:09.0933 0x0954 fastfat - ok
11:01:10.0111 0x0954 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
11:01:10.0154 0x0954 Fax - ok
11:01:10.0242 0x0954 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:01:10.0256 0x0954 fdc - ok
11:01:10.0330 0x0954 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
11:01:10.0348 0x0954 fdPHost - ok
11:01:10.0400 0x0954 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
11:01:10.0423 0x0954 FDResPub - ok
11:01:10.0480 0x0954 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:01:10.0482 0x0954 FileInfo - ok
11:01:10.0530 0x0954 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:01:10.0554 0x0954 Filetrace - ok
11:01:10.0639 0x0954 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:01:10.0650 0x0954 flpydisk - ok
11:01:10.0751 0x0954 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:01:10.0767 0x0954 FltMgr - ok
11:01:11.0079 0x0954 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll
11:01:12.0263 0x0954 FontCache - ok
11:01:12.0463 0x0954 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:01:12.0517 0x0954 FontCache3.0.0.0 - ok
11:01:12.0569 0x0954 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:01:12.0612 0x0954 FsDepends - ok
11:01:12.0698 0x0954 [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
11:01:12.0731 0x0954 FsUsbExDisk - ok
11:01:12.0864 0x0954 [ 0796C1E47ADB9825269E64B9DAB4E741, A9E476278428824FAE8B63B2B2CAC683EABD28E5B514925F6379593CB6CAB968 ] FsUsbExService C:\Windows\system32\FsUsbExService.Exe
11:01:12.0900 0x0954 FsUsbExService - ok
11:01:12.0966 0x0954 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:01:13.0191 0x0954 Fs_Rec - ok
11:01:13.0324 0x0954 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:01:13.0347 0x0954 fvevol - ok
11:01:13.0449 0x0954 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:01:13.0490 0x0954 gagp30kx - ok
11:01:14.0172 0x0954 [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] GeekBuddyRSP C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
11:01:14.0272 0x0954 GeekBuddyRSP - ok
11:01:14.0713 0x0954 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
11:01:15.0493 0x0954 gpsvc - ok
11:01:15.0759 0x0954 [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:01:15.0762 0x0954 gupdate - ok
11:01:15.0816 0x0954 [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:01:15.0819 0x0954 gupdatem - ok
11:01:16.0024 0x0954 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:01:16.0121 0x0954 gusvc - ok
11:01:16.0193 0x0954 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:01:16.0200 0x0954 hcw85cir - ok
11:01:16.0371 0x0954 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:01:16.0686 0x0954 HdAudAddService - ok
11:01:16.0801 0x0954 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:01:16.0819 0x0954 HDAudBus - ok
11:01:16.0901 0x0954 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:01:16.0955 0x0954 HidBatt - ok
11:01:16.0993 0x0954 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:01:17.0035 0x0954 HidBth - ok
11:01:17.0088 0x0954 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:01:17.0133 0x0954 HidIr - ok
11:01:17.0204 0x0954 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
11:01:17.0220 0x0954 hidserv - ok
11:01:17.0355 0x0954 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:01:17.0514 0x0954 HidUsb - ok
11:01:17.0608 0x0954 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
11:01:17.0639 0x0954 hkmsvc - ok
11:01:17.0743 0x0954 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:01:17.0776 0x0954 HomeGroupListener - ok
11:01:17.0872 0x0954 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:01:17.0904 0x0954 HomeGroupProvider - ok
11:01:18.0030 0x0954 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:01:18.0084 0x0954 HpSAMD - ok
11:01:18.0265 0x0954 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:01:18.0277 0x0954 HTTP - ok
11:01:18.0361 0x0954 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:01:18.0362 0x0954 hwpolicy - ok
11:01:18.0465 0x0954 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
11:01:18.0545 0x0954 i8042prt - ok
11:01:18.0748 0x0954 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:01:19.0310 0x0954 iaStorV - ok
11:01:19.0722 0x0954 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:01:20.0990 0x0954 idsvc - ok
11:01:21.0016 0x0954 IEEtwCollectorService - ok
11:01:21.0094 0x0954 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:01:21.0107 0x0954 iirsp - ok
11:01:21.0301 0x0954 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
11:01:21.0344 0x0954 IKEEXT - ok
11:01:21.0438 0x0954 [ A97DCC4B06710F36B30BC36FF1F96C06, D573FF53705C53A23CC7F356B2FC02D4FC65C962C3AD0D0B6B26434AEC619A0B ] inspect C:\Windows\system32\DRIVERS\inspect.sys
11:01:21.0596 0x0954 inspect - ok
11:01:22.0264 0x0954 [ 816EEF1A714ABF9A633F478EFAC8F24C, 362492F5922781CE1AD6EB3DC8415BBEC736A5046BF6D9E82C69BADDE86048B8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
11:01:23.0739 0x0954 IntcAzAudAddService - ok
11:01:23.0794 0x0954 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
11:01:23.0804 0x0954 intelide - ok
11:01:23.0870 0x0954 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:01:23.0880 0x0954 intelppm - ok
11:01:23.0908 0x0954 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:01:23.0933 0x0954 IPBusEnum - ok
11:01:23.0949 0x0954 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:01:23.0969 0x0954 IpFilterDriver - ok
11:01:24.0022 0x0954 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:01:24.0042 0x0954 iphlpsvc - ok
11:01:24.0086 0x0954 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:01:24.0216 0x0954 IPMIDRV - ok
11:01:24.0253 0x0954 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:01:24.0259 0x0954 IPNAT - ok
11:01:24.0279 0x0954 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:01:24.0283 0x0954 IRENUM - ok
11:01:24.0316 0x0954 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:01:24.0330 0x0954 isapnp - ok
11:01:24.0373 0x0954 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:01:24.0574 0x0954 iScsiPrt - ok
11:01:24.0621 0x0954 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:01:24.0629 0x0954 kbdclass - ok
11:01:24.0646 0x0954 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:01:24.0809 0x0954 kbdhid - ok
11:01:24.0819 0x0954 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso C:\Windows\system32\lsass.exe
11:01:24.0822 0x0954 KeyIso - ok
11:01:24.0937 0x0954 [ 00060003E6161944A9963FA9F24102BC, 9FB85A6542F8B17504A40798727266C5F618B09D74963747F06EAF80AE13ECDE ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
11:01:24.0951 0x0954 Kodak AiO Network Discovery Service - ok
11:01:25.0046 0x0954 [ 60301F8FDF519FFEC307A686209C33BE, B9A31478707B518967A6200813DCBD4DE03824FBFAB6E35D4FA4DA783FD6305A ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
11:01:25.0083 0x0954 Kodak AiO Status Monitor Service - ok
11:01:25.0122 0x0954 [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:01:25.0125 0x0954 KSecDD - ok
11:01:25.0165 0x0954 [ 1E1845606C5A4579F7F3D95796CC1ED1, 26A478A0B5417CBC880A7F2D977AAC5FBF40EC4296426B757D6ACCBBC09486CC ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:01:25.0170 0x0954 KSecPkg - ok
11:01:25.0206 0x0954 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
11:01:25.0226 0x0954 KtmRm - ok
11:01:25.0263 0x0954 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:01:25.0272 0x0954 LanmanServer - ok
11:01:25.0312 0x0954 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:01:25.0319 0x0954 LanmanWorkstation - ok
11:01:25.0352 0x0954 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:01:25.0356 0x0954 lltdio - ok
11:01:25.0387 0x0954 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:01:25.0402 0x0954 lltdsvc - ok
11:01:25.0416 0x0954 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:01:25.0423 0x0954 lmhosts - ok
11:01:25.0447 0x0954 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:01:25.0453 0x0954 LSI_FC - ok
11:01:25.0464 0x0954 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:01:25.0470 0x0954 LSI_SAS - ok
11:01:25.0486 0x0954 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:01:25.0491 0x0954 LSI_SAS2 - ok
11:01:25.0506 0x0954 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:01:25.0514 0x0954 LSI_SCSI - ok
11:01:25.0524 0x0954 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
11:01:25.0527 0x0954 luafv - ok
11:01:25.0570 0x0954 [ A3F4391DFDF2F9E9FE4EAD193265A5AD, A60A1A345622F4758181FB0B6EE784B0B718105FEE7B0F6FEDE5AD59FE448EE1 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
11:01:25.0571 0x0954 MBAMProtector - ok
11:01:25.0710 0x0954 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
11:01:25.0791 0x0954 MBAMScheduler - ok
11:01:25.0848 0x0954 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
11:01:25.0870 0x0954 MBAMService - ok
11:01:25.0963 0x0954 [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
11:01:25.0968 0x0954 MBAMSwissArmy - ok
11:01:26.0004 0x0954 [ 312CD3307F600E7CD340B79B3DCB3A01, 861A6DFC53C69743129DAAFE73DECDE8D842475503E8D713E7CE5D22AC8D1370 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
11:01:26.0006 0x0954 MBAMWebAccessControl - ok
11:01:26.0039 0x0954 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:01:26.0163 0x0954 Mcx2Svc - ok
11:01:26.0185 0x0954 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:01:26.0206 0x0954 megasas - ok
11:01:26.0242 0x0954 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:01:26.0271 0x0954 MegaSR - ok
11:01:26.0302 0x0954 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
11:01:26.0305 0x0954 MMCSS - ok
11:01:26.0312 0x0954 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
11:01:26.0354 0x0954 Modem - ok
11:01:26.0372 0x0954 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:01:26.0373 0x0954 monitor - ok
11:01:26.0415 0x0954 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:01:26.0507 0x0954 mouclass - ok
11:01:26.0525 0x0954 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:01:26.0573 0x0954 mouhid - ok
11:01:26.0592 0x0954 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:01:26.0595 0x0954 mountmgr - ok
11:01:26.0653 0x0954 [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:01:26.0929 0x0954 MozillaMaintenance - ok
11:01:26.0972 0x0954 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
11:01:27.0108 0x0954 mpio - ok
11:01:27.0144 0x0954 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:01:27.0184 0x0954 mpsdrv - ok
11:01:27.0245 0x0954 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:01:27.0264 0x0954 MpsSvc - ok
11:01:27.0294 0x0954 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:01:27.0472 0x0954 MRxDAV - ok
11:01:27.0519 0x0954 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:01:27.0523 0x0954 mrxsmb - ok
11:01:27.0538 0x0954 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:01:27.0547 0x0954 mrxsmb10 - ok
11:01:27.0561 0x0954 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:01:27.0564 0x0954 mrxsmb20 - ok
11:01:27.0591 0x0954 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
11:01:27.0704 0x0954 msahci - ok
11:01:27.0750 0x0954 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:01:27.0909 0x0954 msdsm - ok
11:01:27.0961 0x0954 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
11:01:27.0975 0x0954 MSDTC - ok
11:01:28.0026 0x0954 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:01:28.0027 0x0954 Msfs - ok
11:01:28.0039 0x0954 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:01:28.0042 0x0954 mshidkmdf - ok
11:01:28.0069 0x0954 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:01:28.0071 0x0954 msisadrv - ok
11:01:28.0114 0x0954 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:01:28.0127 0x0954 MSiSCSI - ok
11:01:28.0132 0x0954 msiserver - ok
11:01:28.0155 0x0954 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:01:28.0158 0x0954 MSKSSRV - ok
11:01:28.0176 0x0954 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:01:28.0179 0x0954 MSPCLOCK - ok
11:01:28.0198 0x0954 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:01:28.0201 0x0954 MSPQM - ok
11:01:28.0222 0x0954 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:01:28.0227 0x0954 MsRPC - ok
11:01:28.0261 0x0954 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:01:28.0263 0x0954 mssmbios - ok
11:01:28.0281 0x0954 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:01:28.0285 0x0954 MSTEE - ok
11:01:28.0300 0x0954 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:01:28.0303 0x0954 MTConfig - ok
11:01:28.0321 0x0954 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
11:01:28.0323 0x0954 Mup - ok
11:01:28.0377 0x0954 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
11:01:28.0390 0x0954 napagent - ok
11:01:28.0437 0x0954 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:01:28.0456 0x0954 NativeWifiP - ok
11:01:28.0519 0x0954 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:01:28.0554 0x0954 NDIS - ok
11:01:28.0595 0x0954 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:01:28.0598 0x0954 NdisCap - ok
11:01:28.0617 0x0954 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:01:28.0627 0x0954 NdisTapi - ok
11:01:28.0664 0x0954 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:01:28.0797 0x0954 Ndisuio - ok
11:01:28.0826 0x0954 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:01:28.0990 0x0954 NdisWan - ok
11:01:29.0019 0x0954 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:01:29.0148 0x0954 NDProxy - ok
11:01:29.0186 0x0954 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:01:29.0188 0x0954 NetBIOS - ok
11:01:29.0230 0x0954 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:01:29.0234 0x0954 NetBT - ok
11:01:29.0251 0x0954 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon C:\Windows\system32\lsass.exe
11:01:29.0253 0x0954 Netlogon - ok
11:01:29.0290 0x0954 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
11:01:29.0307 0x0954 Netman - ok
11:01:29.0347 0x0954 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:01:29.0494 0x0954 NetMsmqActivator - ok
11:01:29.0505 0x0954 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:01:29.0509 0x0954 NetPipeActivator - ok
11:01:29.0539 0x0954 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
11:01:29.0572 0x0954 netprofm - ok
11:01:29.0605 0x0954 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:01:29.0609 0x0954 NetTcpActivator - ok
11:01:29.0616 0x0954 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:01:29.0620 0x0954 NetTcpPortSharing - ok
11:01:29.0658 0x0954 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:01:29.0662 0x0954 nfrd960 - ok
11:01:29.0700 0x0954 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:01:29.0710 0x0954 NlaSvc - ok
11:01:29.0719 0x0954 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:01:29.0721 0x0954 Npfs - ok
11:01:29.0757 0x0954 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
11:01:29.0762 0x0954 nsi - ok
11:01:29.0782 0x0954 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:01:29.0783 0x0954 nsiproxy - ok
11:01:29.0856 0x0954 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:01:29.0907 0x0954 Ntfs - ok
11:01:29.0925 0x0954 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
11:01:29.0927 0x0954 Null - ok
11:01:30.0354 0x0954 [ 1E3D32DDBE6BBDC0843432BAD599069F, 908893652F953C01E3FFEA19E76154B6246277720B088A61086A9B336B3EC6AD ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:01:30.0587 0x0954 nvlddmkm - ok
11:01:30.0730 0x0954 [ 1D3878E5722F0AB3C22D04E88AC4AC55, F36048FA1CDDA5065AD1DEF1F08A241D1859A1BC199B073DCD1C355257A97D7C ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
11:01:30.0782 0x0954 NvNetworkService - ok
11:01:30.0821 0x0954 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:01:30.0969 0x0954 nvraid - ok
11:01:30.0987 0x0954 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:01:31.0149 0x0954 nvstor - ok
11:01:31.0749 0x0954 [ 4A5826E5CC2DA7DC33CB4FB8EA285508, 0270EEC5026B02A26ABFA5CC0FF62371277FA0BCB4492F1F7D567B749236E1D6 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
11:01:32.0251 0x0954 NvStreamSvc - ok
11:01:32.0325 0x0954 [ 5004DAF6A37C5C73FFCF4D3935A6FE87, 52F2149383EC41B18310801FD07C1363EE81C5D1F2B0206460FC7922C00D7A15 ] nvsvc C:\Windows\system32\nvvsvc.exe
11:01:32.0359 0x0954 nvsvc - ok
11:01:32.0403 0x0954 [ F9D6D29A55C289B8AF0858C267BE7126, 5EAC86DFC3F288994DF93FD8BECE910D8953EAFDB0ACE28D70FA866345BF4764 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad32v.sys
11:01:32.0549 0x0954 nvvad_WaveExtensible - ok
11:01:32.0574 0x0954 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:01:32.0580 0x0954 nv_agp - ok
11:01:32.0606 0x0954 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:01:32.0611 0x0954 ohci1394 - ok
11:01:32.0644 0x0954 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:01:32.0655 0x0954 p2pimsvc - ok
11:01:32.0712 0x0954 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
11:01:32.0739 0x0954 p2psvc - ok
11:01:32.0779 0x0954 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:01:32.0785 0x0954 Parport - ok
11:01:32.0815 0x0954 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:01:32.0818 0x0954 partmgr - ok
11:01:32.0831 0x0954 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
11:01:32.0834 0x0954 Parvdm - ok
11:01:32.0870 0x0954 [ 3A55D53687F16D9EF5BF307BBFEFCD9C, F1BB1B43442B151686500768C43A4D20CAA47427E78386953A42DDB42D9DDF0C ] PcaSvc C:\Windows\System32\pcasvc.dll
11:01:32.0878 0x0954 PcaSvc - ok
11:01:32.0914 0x0954 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
11:01:32.0922 0x0954 pci - ok
11:01:32.0945 0x0954 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
11:01:32.0946 0x0954 pciide - ok
11:01:32.0964 0x0954 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:01:32.0973 0x0954 pcmcia - ok
11:01:32.0987 0x0954 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
11:01:32.0988 0x0954 pcw - ok
11:01:33.0040 0x0954 [ 344D1FA0438A967F1A2BAA42C86D6E19, E9CB31CBD9075B84BA771CF82A4C3AB5BF57ADEA3E76ABE8FE36FEACFD681D89 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:01:33.0259 0x0954 PEAUTH - ok
11:01:33.0352 0x0954 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
11:01:33.0570 0x0954 pla - ok
11:01:33.0632 0x0954 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:01:33.0649 0x0954 PlugPlay - ok
11:01:33.0677 0x0954 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:01:33.0683 0x0954 PNRPAutoReg - ok
11:01:33.0710 0x0954 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:01:33.0719 0x0954 PNRPsvc - ok
11:01:33.0763 0x0954 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:01:33.0903 0x0954 PolicyAgent - ok
11:01:33.0940 0x0954 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
11:01:33.0947 0x0954 Power - ok
11:01:33.0997 0x0954 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:01:34.0003 0x0954 PptpMiniport - ok
11:01:34.0020 0x0954 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:01:34.0024 0x0954 Processor - ok
11:01:34.0061 0x0954 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll
11:01:34.0069 0x0954 ProfSvc - ok
11:01:34.0083 0x0954 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:01:34.0085 0x0954 ProtectedStorage - ok
11:01:34.0111 0x0954 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:01:34.0114 0x0954 Psched - ok
11:01:34.0188 0x0954 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:01:34.0266 0x0954 ql2300 - ok
11:01:34.0282 0x0954 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:01:34.0289 0x0954 ql40xx - ok
11:01:34.0320 0x0954 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
11:01:34.0332 0x0954 QWAVE - ok
11:01:34.0353 0x0954 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:01:34.0356 0x0954 QWAVEdrv - ok
11:01:34.0373 0x0954 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:01:34.0376 0x0954 RasAcd - ok
11:01:34.0413 0x0954 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:01:34.0417 0x0954 RasAgileVpn - ok
11:01:34.0434 0x0954 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
11:01:34.0443 0x0954 RasAuto - ok
11:01:34.0458 0x0954 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:01:34.0463 0x0954 Rasl2tp - ok
11:01:34.0498 0x0954 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
11:01:34.0672 0x0954 RasMan - ok
11:01:34.0690 0x0954 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:01:34.0695 0x0954 RasPppoe - ok
11:01:34.0721 0x0954 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:01:34.0726 0x0954 RasSstp - ok
11:01:34.0766 0x0954 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:01:34.0773 0x0954 rdbss - ok
11:01:34.0792 0x0954 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:01:34.0795 0x0954 rdpbus - ok
11:01:34.0816 0x0954 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:01:34.0817 0x0954 RDPCDD - ok
11:01:34.0847 0x0954 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:01:34.0847 0x0954 RDPENCDD - ok
11:01:34.0856 0x0954 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:01:34.0857 0x0954 RDPREFMP - ok
11:01:34.0931 0x0954 [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:01:35.0066 0x0954 RdpVideoMiniport - ok
11:01:35.0098 0x0954 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:01:35.0238 0x0954 RDPWD - ok
11:01:35.0284 0x0954 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:01:35.0290 0x0954 rdyboost - ok
11:01:35.0322 0x0954 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:01:35.0331 0x0954 RemoteAccess - ok
11:01:35.0362 0x0954 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:01:35.0371 0x0954 RemoteRegistry - ok
11:01:35.0387 0x0954 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:01:35.0403 0x0954 RpcEptMapper - ok
11:01:35.0419 0x0954 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
11:01:35.0424 0x0954 RpcLocator - ok
11:01:35.0454 0x0954 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
11:01:35.0466 0x0954 RpcSs - ok
11:01:35.0497 0x0954 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:01:35.0502 0x0954 rspndr - ok
11:01:35.0565 0x0954 [ 5283B9A27FF230F2FF70D92451FF409A, B8BAC70E1DE4485C79CA7B47D4DCFE0223CECEA8ED75CE4F128D47051F95FE5D ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
11:01:35.0772 0x0954 RTL8167 - ok
11:01:35.0790 0x0954 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs C:\Windows\system32\lsass.exe
11:01:35.0793 0x0954 SamSs - ok
11:01:35.0842 0x0954 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:01:35.0964 0x0954 sbp2port - ok
11:01:36.0006 0x0954 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:01:36.0016 0x0954 SCardSvr - ok
11:01:36.0037 0x0954 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:01:36.0154 0x0954 scfilter - ok
11:01:36.0220 0x0954 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
11:01:36.0430 0x0954 Schedule - ok
11:01:36.0457 0x0954 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:01:36.0460 0x0954 SCPolicySvc - ok
11:01:36.0493 0x0954 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:01:36.0618 0x0954 SDRSVC - ok
11:01:36.0655 0x0954 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:01:36.0658 0x0954 secdrv - ok
11:01:36.0685 0x0954 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
11:01:36.0690 0x0954 seclogon - ok
11:01:36.0708 0x0954 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll
11:01:36.0713 0x0954 SENS - ok
11:01:36.0734 0x0954 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:01:36.0740 0x0954 SensrSvc - ok
11:01:36.0746 0x0954 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:01:36.0750 0x0954 Serenum - ok
11:01:36.0781 0x0954 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:01:36.0787 0x0954 Serial - ok
11:01:36.0816 0x0954 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:01:36.0820 0x0954 sermouse - ok
11:01:36.0857 0x0954 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
11:01:36.0863 0x0954 SessionEnv - ok
11:01:36.0890 0x0954 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:01:36.0893 0x0954 sffdisk - ok
11:01:36.0927 0x0954 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:01:36.0931 0x0954 sffp_mmc - ok
11:01:36.0955 0x0954 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:01:37.0084 0x0954 sffp_sd - ok
11:01:37.0106 0x0954 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:01:37.0109 0x0954 sfloppy - ok
11:01:37.0157 0x0954 [ C97E0F487690FB0C7221168465982810, 0FF3811D964EAF66719F8FA499FBE2B3ECD867667CF9A87832ED17DC9B2A3375 ] sgdqjv C:\Windows\system32\drivers\bgvewhov.sys
11:01:37.0270 0x0954 sgdqjv - ok
11:01:37.0329 0x0954 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:01:37.0347 0x0954 SharedAccess - ok
11:01:37.0385 0x0954 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:01:37.0398 0x0954 ShellHWDetection - ok
11:01:37.0433 0x0954 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
11:01:37.0438 0x0954 sisagp - ok
11:01:37.0466 0x0954 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:01:37.0470 0x0954 SiSRaid2 - ok
11:01:37.0486 0x0954 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:01:37.0491 0x0954 SiSRaid4 - ok
11:01:37.0519 0x0954 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:01:37.0524 0x0954 Smb - ok
11:01:37.0570 0x0954 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:01:37.0576 0x0954 SNMPTRAP - ok
11:01:37.0608 0x0954 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
11:01:37.0610 0x0954 spldr - ok
11:01:37.0649 0x0954 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
11:01:37.0662 0x0954 Spooler - ok
11:01:37.0791 0x0954 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
11:01:37.0911 0x0954 sppsvc - ok
11:01:37.0949 0x0954 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:01:38.0054 0x0954 sppuinotify - ok
11:01:38.0092 0x0954 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:01:38.0102 0x0954 srv - ok
11:01:38.0120 0x0954 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:01:38.0129 0x0954 srv2 - ok
11:01:38.0142 0x0954 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:01:38.0147 0x0954 srvnet - ok
11:01:38.0183 0x0954 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:01:38.0192 0x0954 SSDPSRV - ok
11:01:38.0207 0x0954 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:01:38.0216 0x0954 SstpSvc - ok
11:01:38.0255 0x0954 [ 585FDB94DB04AC1C56298D1FD1F1389E, 5CEBAAF3B649E580B3EF2B9B38426D6EE13B244BE1274BA0C0A468EC4CFB680C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
11:01:38.0402 0x0954 ssudmdm - ok
11:01:38.0461 0x0954 [ 5DA84663B5DC64AF9D5E944D809A6099, C5D427F019081BF93C08391845E7B22A9AFCE7D3A6E6F8EA1F36566F05F9843E ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:01:38.0471 0x0954 Stereo Service - ok
11:01:38.0498 0x0954 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:01:38.0501 0x0954 stexstor - ok
11:01:38.0542 0x0954 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
11:01:38.0707 0x0954 StiSvc - ok
11:01:38.0731 0x0954 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
11:01:38.0735 0x0954 swenum - ok
11:01:38.0773 0x0954 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
11:01:38.0789 0x0954 swprv - ok
11:01:38.0859 0x0954 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
11:01:38.0912 0x0954 SysMain - ok
11:01:38.0949 0x0954 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
11:01:38.0955 0x0954 TabletInputService - ok
11:01:38.0998 0x0954 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
11:01:39.0164 0x0954 TapiSrv - ok
11:01:39.0197 0x0954 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
11:01:39.0205 0x0954 TBS - ok
11:01:39.0298 0x0954 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:01:39.0351 0x0954 Tcpip - ok
11:01:39.0423 0x0954 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:01:39.0452 0x0954 TCPIP6 - ok
11:01:39.0493 0x0954 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:01:39.0614 0x0954 tcpipreg - ok
11:01:39.0644 0x0954 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:01:39.0761 0x0954 TDPIPE - ok
11:01:39.0787 0x0954 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:01:39.0790 0x0954 TDTCP - ok
11:01:39.0817 0x0954 [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:01:39.0941 0x0954 tdx - ok
11:01:39.0965 0x0954 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:01:40.0080 0x0954 TermDD - ok
11:01:40.0122 0x0954 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
11:01:40.0141 0x0954 TermService - ok
11:01:40.0182 0x0954 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
11:01:40.0187 0x0954 Themes - ok
11:01:40.0220 0x0954 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
11:01:40.0224 0x0954 THREADORDER - ok
11:01:40.0268 0x0954 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
11:01:40.0274 0x0954 TrkWks - ok
11:01:40.0327 0x0954 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:01:40.0332 0x0954 TrustedInstaller - ok
11:01:40.0363 0x0954 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:01:40.0478 0x0954 tssecsrv - ok
11:01:40.0529 0x0954 [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:01:40.0649 0x0954 TsUsbFlt - ok
11:01:40.0679 0x0954 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:01:40.0815 0x0954 tunnel - ok
11:01:40.0853 0x0954 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:01:40.0857 0x0954 uagp35 - ok
11:01:40.0898 0x0954 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:01:41.0080 0x0954 udfs - ok
11:01:41.0117 0x0954 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:01:41.0125 0x0954 UI0Detect - ok
11:01:41.0170 0x0954 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:01:41.0174 0x0954 uliagpkx - ok
11:01:41.0197 0x0954 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\drivers\umbus.sys
11:01:41.0336 0x0954 umbus - ok
11:01:41.0355 0x0954 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:01:41.0358 0x0954 UmPass - ok
11:01:41.0392 0x0954 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
11:01:41.0409 0x0954 upnphost - ok
11:01:41.0451 0x0954 [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
11:01:41.0594 0x0954 usbaudio - ok
11:01:41.0624 0x0954 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:01:41.0745 0x0954 usbccgp - ok
11:01:41.0781 0x0954 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:01:41.0897 0x0954 usbcir - ok
11:01:41.0933 0x0954 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:01:42.0066 0x0954 usbehci - ok
11:01:42.0112 0x0954 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:01:42.0307 0x0954 usbhub - ok
11:01:42.0328 0x0954 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:01:42.0432 0x0954 usbohci - ok
11:01:42.0466 0x0954 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:01:42.0470 0x0954 usbprint - ok
11:01:42.0509 0x0954 [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:01:42.0640 0x0954 usbscan - ok
11:01:42.0659 0x0954 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:01:42.0785 0x0954 USBSTOR - ok
11:01:42.0809 0x0954 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:01:42.0909 0x0954 usbuhci - ok
11:01:42.0940 0x0954 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
11:01:42.0945 0x0954 UxSms - ok
11:01:42.0953 0x0954 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc C:\Windows\system32\lsass.exe
11:01:42.0956 0x0954 VaultSvc - ok
11:01:42.0992 0x0954 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:01:42.0994 0x0954 vdrvroot - ok
11:01:43.0040 0x0954 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
11:01:43.0216 0x0954 vds - ok
11:01:43.0257 0x0954 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:01:43.0261 0x0954 vga - ok
11:01:43.0285 0x0954 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
11:01:43.0288 0x0954 VgaSave - ok
11:01:43.0306 0x0954 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:01:43.0483 0x0954 vhdmp - ok
11:01:43.0508 0x0954 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
11:01:43.0512 0x0954 viaagp - ok
11:01:43.0543 0x0954 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
11:01:43.0553 0x0954 ViaC7 - ok
11:01:43.0584 0x0954 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
11:01:43.0587 0x0954 viaide - ok
11:01:43.0611 0x0954 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:01:43.0613 0x0954 volmgr - ok
11:01:43.0639 0x0954 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:01:43.0679 0x0954 volmgrx - ok
11:01:43.0720 0x0954 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:01:43.0728 0x0954 volsnap - ok
11:01:43.0737 0x0bc0 Object required for P2P: [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio
11:01:43.0761 0x0954 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:01:43.0769 0x0954 vsmraid - ok
11:01:43.0843 0x0954 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
11:01:44.0064 0x0954 VSS - ok
11:01:44.0085 0x0954 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
11:01:44.0089 0x0954 vwifibus - ok
11:01:44.0127 0x0954 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
11:01:44.0140 0x0954 W32Time - ok
11:01:44.0163 0x0954 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:01:44.0166 0x0954 WacomPen - ok
11:01:44.0206 0x0954 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:01:44.0344 0x0954 WANARP - ok
11:01:44.0356 0x0954 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:01:44.0358 0x0954 Wanarpv6 - ok
11:01:44.0434 0x0954 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:01:44.0650 0x0954 WatAdminSvc - ok
11:01:44.0712 0x0954 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
11:01:44.0938 0x0954 wbengine - ok
11:01:44.0970 0x0954 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:01:44.0981 0x0954 WbioSrvc - ok
11:01:45.0020 0x0954 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:01:45.0172 0x0954 wcncsvc - ok
11:01:45.0199 0x0954 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:01:45.0206 0x0954 WcsPlugInService - ok
11:01:45.0228 0x0954 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:01:45.0232 0x0954 Wd - ok
11:01:45.0276 0x0954 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:01:45.0292 0x0954 Wdf01000 - ok
11:01:45.0305 0x0954 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:01:45.0311 0x0954 WdiServiceHost - ok
11:01:45.0319 0x0954 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:01:45.0324 0x0954 WdiSystemHost - ok
11:01:45.0354 0x0954 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll
11:01:45.0519 0x0954 WebClient - ok
11:01:45.0558 0x0954 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:01:45.0600 0x0954 Wecsvc - ok
11:01:45.0612 0x0954 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:01:45.0617 0x0954 wercplsupport - ok
11:01:45.0653 0x0954 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
11:01:45.0659 0x0954 WerSvc - ok
11:01:45.0692 0x0954 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:01:45.0695 0x0954 WfpLwf - ok
11:01:45.0709 0x0954 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:01:45.0713 0x0954 WIMMount - ok
11:01:45.0782 0x0954 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
11:01:45.0973 0x0954 WinDefend - ok
11:01:45.0993 0x0954 WinHttpAutoProxySvc - ok
11:01:46.0058 0x0954 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:01:46.0068 0x0954 Winmgmt - ok
11:01:46.0136 0x0954 [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\Windows\system32\WsmSvc.dll
11:01:46.0187 0x0954 WinRM - ok
11:01:46.0221 0x0954 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:01:46.0344 0x0954 WinUsb - ok
11:01:46.0399 0x0954 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:01:46.0452 0x0954 Wlansvc - ok
11:01:46.0485 0x0954 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:01:46.0489 0x0954 WmiAcpi - ok
11:01:46.0521 0x0954 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:01:46.0531 0x0954 wmiApSrv - ok
11:01:46.0633 0x0954 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:01:46.0684 0x0954 WMPNetworkSvc - ok
11:01:46.0700 0x0954 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:01:46.0706 0x0954 WPCSvc - ok
11:01:46.0731 0x0954 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:01:46.0878 0x0954 WPDBusEnum - ok
11:01:46.0893 0x0954 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:01:46.0896 0x0954 ws2ifsl - ok
11:01:46.0920 0x0954 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
11:01:46.0926 0x0954 wscsvc - ok
11:01:46.0932 0x0954 WSearch - ok
11:01:47.0039 0x0954 [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv C:\Windows\system32\wuaueng.dll
11:01:47.0115 0x0954 wuauserv - ok
11:01:47.0150 0x0954 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:01:47.0272 0x0954 WudfPf - ok
11:01:47.0308 0x0954 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:01:47.0475 0x0954 WUDFRd - ok
11:01:47.0609 0x0954 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:01:47.0615 0x0954 wudfsvc - ok
11:01:47.0648 0x0954 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
11:01:47.0811 0x0954 WwanSvc - ok
11:01:47.0819 0x0954 ================ Scan global ===============================
11:01:47.0850 0x0954 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
11:01:47.0888 0x0954 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
11:01:47.0906 0x0954 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
11:01:47.0941 0x0954 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
11:01:47.0978 0x0954 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
11:01:47.0995 0x0954 [ Global ] - ok
11:01:47.0996 0x0954 ================ Scan MBR ==================================
11:01:48.0006 0x0954 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:01:48.0187 0x0954 \Device\Harddisk0\DR0 - ok
11:01:48.0187 0x0954 ================ Scan VBR ==================================
11:01:48.0190 0x0954 [ E6568295D6FF1B2780AAE9387D776FF5 ] \Device\Harddisk0\DR0\Partition1
11:01:48.0192 0x0954 \Device\Harddisk0\DR0\Partition1 - ok
11:01:48.0195 0x0954 [ 57ECB04DD5A9F3ED683EBFA6FAFD12BB ] \Device\Harddisk0\DR0\Partition2
11:01:48.0222 0x0954 \Device\Harddisk0\DR0\Partition2 - ok
11:01:48.0223 0x0954 ================ Scan generic autorun ======================
11:01:48.0686 0x0954 [ D70D4FE47BCBE1EF9170F110A19BEC34, 3BC9313F3A188CA61A05C958EFB519EA1E82F051A4C44BB82FD3A6CD42BE38AB ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
11:01:49.0237 0x0954 RtHDVCpl - ok
11:01:49.0345 0x0954 [ 1E7FF436A5395FE57AB5FC662FC3767F, 3C2A961BD05DB1C3398753644E1E8C483BE2E3FC2758312D628E05FF17E97E8C ] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
11:01:49.0366 0x0954 Nvtmru - ok
11:01:49.0405 0x0954 [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\system32\rundll32.exe
11:01:49.0410 0x0954 ShadowPlay - ok
11:01:49.0463 0x0954 [ 6ED26E255607F4BA8812E62E496C35ED, 79FEA2ECE218341D122808504CA18FA0B0EA3366B99A8AD042666ECDA08AD5C9 ] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
11:01:49.0470 0x0954 KiesTrayAgent - ok
11:01:49.0591 0x0954 [ B644A9A9A8ADDEC20E7956373130AC2D, 890F75F912BE29A62B4AF35680E12CA8F13800025EDCF8B1D9DF7662BBF28DBA ] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
11:01:49.0673 0x0954 NvBackend - ok
11:01:49.0681 0x0954 Conime - ok
11:01:49.0834 0x0954 [ 0BA95C4CD5C908CEDAD87036126E3AB1, AFABCB336EF36B928F5573785F9910EE16B4563C44CEE0662EA58F8E60F9E020 ] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
11:01:49.0915 0x0954 EKStatusMonitor - ok
11:01:49.0991 0x0954 [ F7DD2D785280DB73DC9060F80361BEFB, 7AF1114FFA46290DC77CC5D562034287A0E617BD4747F58E65CDF70244C402CB ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
11:01:49.0994 0x0954 APSDaemon - ok
11:01:49.0995 0x0954 ComodoFSChrome - ok
11:01:50.0099 0x0954 [ A3022CDC851A1EF359C8C2364B3DBB02, 1DA909F143CF9754DAC7715C65B5F706103F6E7E2CCDFB34EA4B5CCE9C53178D ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
11:01:50.0153 0x0954 COMODO Internet Security - ok
11:01:50.0271 0x0954 [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
11:01:50.0353 0x0954 tvncontrol - ok
11:01:50.0436 0x0954 [ 7BDA05509585396989E523BEDE832E9B, 27590FF2A468F977FC834FF30AA7C39C9062173A6B4B14671D1FFB84DCF2042F ] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
11:01:50.0556 0x0954 Malwarebytes Anti-Malware (cleanup) - ok
11:01:50.0732 0x0954 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:01:50.0790 0x0954 Sidebar - ok
11:01:50.0833 0x0954 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:01:50.0842 0x0954 mctadmin - ok
11:01:50.0890 0x0954 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:01:50.0940 0x0954 Sidebar - ok
11:01:50.0950 0x0954 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:01:50.0954 0x0954 mctadmin - ok
11:01:51.0011 0x0954 [ 81A15A5C41AC28A83794FD978630B78F, 5C1B57C96AE49E2BFCAA61F3CD82791CBDFD98EC4088CFBE4EF0B0993AAAB8BB ] C:\Program Files\Comodo\Dragon\dragon.exe
11:01:51.0026 0x0954 GoogleChromeAutoLaunch_A4AAD752A94AD0D07B3FA88181A919F9 - ok
11:01:51.0151 0x0954 [ 7C0AA66E6352337EF923BA8B3AEB099D, C5498B7CBB6D8359BBFFBF998CF903626780D494B6AB88FC5951A7DE576DA3F6 ] C:\Users\Lonnie\AppData\Roaming\mjusbsp\cdloader2.exe
11:01:51.0311 0x0954 cdloader - ok
11:01:51.0406 0x0954 [ 749E4BF1FA6DB8C3F9C2B7F29A544F95, 3A1A599B60A78CB2BAA782AEE22DCE4B6FC59907733A5D204C46A8C6A120BAFC ] C:\Program Files\Google\Chrome\Application\chrome.exe
11:01:51.0424 0x0954 GoogleChromeAutoLaunch_5090660AF80758FEEBA1A8C0C9DF7D80 - ok
11:01:51.0426 0x0954 Waiting for KSN requests completion. In queue: 266
11:01:52.0427 0x0954 Waiting for KSN requests completion. In queue: 266
11:01:53.0427 0x0954 Waiting for KSN requests completion. In queue: 266
11:01:54.0427 0x0954 Waiting for KSN requests completion. In queue: 266
11:01:55.0427 0x0954 Waiting for KSN requests completion. In queue: 266
11:01:56.0427 0x0954 Waiting for KSN requests completion. In queue: 266
11:01:57.0427 0x0954 Waiting for KSN requests completion. In queue: 266
11:01:57.0459 0x0bc0 Object send P2P result: true
11:01:58.0688 0x0954 AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.1.0.4426 ), 0x61000 ( enabled : updated )
11:01:58.0703 0x0954 FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.1.0.4426 ), 0x61010 ( enabled )
11:02:01.0200 0x0954 ============================================================
11:02:01.0200 0x0954 Scan finished
11:02:01.0200 0x0954 ============================================================
11:02:01.0211 0x15c4 Detected object count: 0
11:02:01.0211 0x15c4 Actual detected object count: 0
11:04:11.0497 0x034c ============================================================
11:04:11.0497 0x034c Scan started
11:04:11.0497 0x034c Mode: Manual; SigCheck; TDLFS;
11:04:11.0497 0x034c ============================================================
11:04:11.0498 0x034c KSN ping started
11:04:24.0955 0x034c KSN ping finished: true
11:04:25.0770 0x034c ================ Scan system memory ========================
11:04:25.0770 0x034c System memory - ok
11:04:25.0771 0x034c ================ Scan services =============================
11:04:25.0907 0x034c [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:04:26.0308 0x034c 1394ohci - ok
11:04:26.0340 0x034c [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:04:26.0363 0x034c ACPI - ok
11:04:26.0381 0x034c [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:04:26.0435 0x034c AcpiPmi - ok
11:04:26.0513 0x034c [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
11:04:26.0529 0x034c AdobeARMservice - ok
11:04:26.0562 0x034c [ A2A9C100FE1BE20A76C0B80D4CA44103, C34B4A31C8563E29EC6A3D318C40075F43C891C23D156F53EE2102C959B7887F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:04:26.0581 0x034c AdobeFlashPlayerUpdateSvc - ok
11:04:26.0621 0x034c [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:04:26.0647 0x034c adp94xx - ok
11:04:26.0671 0x034c [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:04:26.0694 0x034c adpahci - ok
11:04:26.0718 0x034c [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:04:26.0736 0x034c adpu320 - ok
11:04:26.0764 0x034c [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:04:26.0818 0x034c AeLookupSvc - ok
11:04:26.0862 0x034c [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\Windows\system32\drivers\afd.sys
11:04:26.0903 0x034c AFD - ok
11:04:26.0926 0x034c [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
11:04:26.0942 0x034c agp440 - ok
11:04:26.0974 0x034c [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
11:04:26.0992 0x034c aic78xx - ok
11:04:27.0035 0x034c [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
11:04:27.0072 0x034c ALG - ok
11:04:27.0089 0x034c [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
11:04:27.0104 0x034c aliide - ok
11:04:27.0164 0x034c [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
11:04:27.0189 0x034c amdagp - ok
11:04:27.0235 0x034c [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
11:04:27.0250 0x034c amdide - ok
11:04:27.0268 0x034c [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:04:27.0348 0x034c AmdK8 - ok
11:04:27.0432 0x034c [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:04:27.0570 0x034c AmdPPM - ok
11:04:27.0638 0x034c [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:04:27.0656 0x034c amdsata - ok
11:04:27.0700 0x034c [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:04:27.0719 0x034c amdsbs - ok
11:04:27.0735 0x034c [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:04:27.0752 0x034c amdxata - ok
11:04:27.0804 0x034c [ E499E422412EF37576092A52648DB2B4, 95E9C11258CAF37060242BA4E1170CEDECF3376CF0A9A1E61D46706D7C7F36F8 ] AppID C:\Windows\system32\drivers\appid.sys
11:04:27.0926 0x034c AppID - ok
11:04:27.0954 0x034c [ 89B6FA43B68A373B304DFB8F6776B255, 36ABD9AB89CBC7991DE9B04051B26014982953697862BC46EF8AE4ACC2404128 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:04:28.0012 0x034c AppIDSvc - ok
11:04:28.0048 0x034c [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\Windows\System32\appinfo.dll
11:04:28.0088 0x034c Appinfo - ok
11:04:28.0118 0x034c [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
11:04:28.0134 0x034c arc - ok
11:04:28.0146 0x034c [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:04:28.0167 0x034c arcsas - ok
11:04:28.0248 0x034c [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:04:28.0267 0x034c aspnet_state - ok
11:04:28.0276 0x034c [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:04:28.0371 0x034c AsyncMac - ok
11:04:28.0397 0x034c [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
11:04:28.0412 0x034c atapi - ok
11:04:28.0455 0x034c [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:04:28.0497 0x034c AudioEndpointBuilder - ok
11:04:28.0530 0x034c [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] Audiosrv C:\Windows\System32\Audiosrv.dll
11:04:28.0559 0x034c Audiosrv - ok
11:04:28.0590 0x034c [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:04:28.0627 0x034c AxInstSV - ok
11:04:28.0673 0x034c [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
11:04:28.0725 0x034c b06bdrv - ok
11:04:28.0750 0x034c [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
11:04:28.0792 0x034c b57nd60x - ok
11:04:28.0813 0x034c [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
11:04:28.0845 0x034c BDESVC - ok
11:04:28.0862 0x034c [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
11:04:28.0904 0x034c Beep - ok
11:04:28.0957 0x034c [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
11:04:28.0996 0x034c BFE - ok
11:04:29.0038 0x034c [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll
11:04:29.0175 0x034c BITS - ok
11:04:29.0212 0x034c [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:04:29.0229 0x034c blbdrive - ok
11:04:29.0258 0x034c [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:04:29.0354 0x034c bowser - ok
11:04:29.0370 0x034c [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:04:29.0425 0x034c BrFiltLo - ok
11:04:29.0438 0x034c [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:04:29.0466 0x034c BrFiltUp - ok
11:04:29.0500 0x034c [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
11:04:29.0534 0x034c Browser - ok
11:04:29.0601 0x034c [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:04:29.0637 0x034c Brserid - ok
11:04:29.0665 0x034c [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:04:29.0710 0x034c BrSerWdm - ok
11:04:29.0730 0x034c [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:04:29.0764 0x034c BrUsbMdm - ok
11:04:29.0780 0x034c [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:04:29.0813 0x034c BrUsbSer - ok
11:04:29.0832 0x034c [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:04:29.0869 0x034c BTHMODEM - ok
11:04:29.0899 0x034c [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
11:04:29.0949 0x034c bthserv - ok
11:04:29.0966 0x034c [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:04:30.0016 0x034c cdfs - ok
11:04:30.0048 0x034c [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:04:30.0082 0x034c cdrom - ok
11:04:30.0109 0x034c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
11:04:30.0154 0x034c CertPropSvc - ok
11:04:30.0177 0x034c [ 34B4DB818E86C2822C2AF43108D660F1, 516831FF244C7D3018331D181278B81348A2160388BFB8DD215EEBEB2D947ED0 ] CFRMD C:\Windows\system32\DRIVERS\CFRMD.sys
11:04:30.0257 0x034c CFRMD - ok
11:04:30.0276 0x034c [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:04:30.0307 0x034c circlass - ok
11:04:30.0363 0x034c [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
11:04:30.0387 0x034c CLFS - ok
11:04:30.0479 0x034c [ E7FEED85EBA61455717A421E55217428, 26B1129601A49BB40B8A01BB8B3F1002F05C6189DDBD44DA889CA7C5B76CDCB3 ] CLPSLauncher C:\Program Files\Common Files\COMODO\launcher_service.exe
11:04:30.0496 0x034c CLPSLauncher - ok
11:04:30.0584 0x034c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:04:30.0601 0x034c clr_optimization_v2.0.50727_32 - ok
11:04:30.0623 0x034c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:04:30.0644 0x034c clr_optimization_v4.0.30319_32 - ok
11:04:30.0672 0x034c [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:04:30.0706 0x034c CmBatt - ok
11:04:31.0034 0x034c [ 29CCF16C6212B7F0DCEA5F31DDE6319B, 1B52A384B55317032A8CAB28EAC6C79DA7B73FFBDE709F3E0127D6EB10306558 ] CmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
11:04:31.0215 0x034c CmdAgent - ok
11:04:31.0254 0x034c [ 37767F0E536876355DD56F91D6FB7F59, 47336E261D5C08A2005FFAE2431DDAF06AA7A8544A3AEB56F9FA307DFD8C117C ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys
11:04:31.0265 0x034c cmderd - ok
11:04:31.0311 0x034c [ 078D669C2F99BF8813298F28EB3C5074, 95AC509BBDFA06F255ADECB0E4ECD5A86B83F86D0150A6F7EFC2604B3D10BE2D ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
11:04:31.0339 0x034c cmdGuard - ok
11:04:31.0367 0x034c [ 4329475728F8D4C9A3A7F3B0ACA6C5C6, F2931D0E004B2799A6D5E359F4DA143FE7B8899D6DF383F5774C7426C4650D5C ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
11:04:31.0379 0x034c cmdHlp - ok
11:04:31.0405 0x034c [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:04:31.0425 0x034c cmdide - ok
11:04:31.0748 0x034c [ CB3F27922714BB15FA78D0B096587B93, 85F626A33449E1F5B51889BE97FAF9200B76AF7BD247B7E85A634F23936F934C ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
11:04:31.0811 0x034c cmdvirth - ok
11:04:31.0912 0x034c [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG C:\Windows\system32\Drivers\cng.sys
11:04:31.0946 0x034c CNG - ok
11:04:31.0992 0x034c [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:04:32.0008 0x034c Compbatt - ok
11:04:32.0038 0x034c [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:04:32.0063 0x034c CompositeBus - ok
11:04:32.0066 0x034c COMSysApp - ok
11:04:32.0078 0x034c [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:04:32.0093 0x034c crcdisk - ok
11:04:32.0124 0x034c [ 623E143F2DF17C0106A9988F5D7DC878, 9DA30262FF22FA9F1DB247CB3B4A2892D79730EF0ECC9589D399D24B4F58E565 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:04:32.0215 0x034c CryptSvc - ok
11:04:32.0262 0x034c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
11:04:32.0330 0x034c DcomLaunch - ok
11:04:32.0397 0x034c [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
11:04:32.0461 0x034c defragsvc - ok
11:04:32.0496 0x034c [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:04:32.0583 0x034c DfsC - ok
11:04:32.0614 0x034c [ 560B0DCE52DFED6623B27C9BAFA6F236, BB4156BB1CCA64CCDE065870DAE56CD58BF05CEBF7C3B17C7A821FDF02A8B157 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
11:04:32.0633 0x034c dg_ssudbus - ok
11:04:32.0674 0x034c [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
11:04:32.0706 0x034c Dhcp - ok
11:04:32.0745 0x034c [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
11:04:32.0795 0x034c discache - ok
11:04:32.0824 0x034c [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:04:32.0841 0x034c Disk - ok
11:04:32.0915 0x034c [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:04:32.0953 0x034c Dnscache - ok
11:04:33.0163 0x034c [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
11:04:33.0220 0x034c dot3svc - ok
11:04:33.0269 0x034c [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
11:04:33.0318 0x034c DPS - ok
11:04:33.0461 0x034c [ E4A0D0C8F17073BE392F062DD1F6B50E, 26CF71517C09B24B6F6AB5AC902FF0D1426351BCCD6AB571510C83D0F6E32FE6 ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe
11:04:33.0554 0x034c DragonUpdater - ok
11:04:33.0598 0x034c [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:04:33.0685 0x034c drmkaud - ok
11:04:33.0870 0x034c [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:04:33.0906 0x034c DXGKrnl - ok
11:04:33.0950 0x034c [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
11:04:34.0000 0x034c EapHost - ok
11:04:34.0191 0x034c [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
11:04:34.0305 0x034c ebdrv - ok
11:04:34.0339 0x034c [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS C:\Windows\System32\lsass.exe
11:04:34.0357 0x034c EFS - ok
11:04:34.0431 0x034c [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:04:34.0463 0x034c ehRecvr - ok
11:04:34.0492 0x034c [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
11:04:34.0524 0x034c ehSched - ok
11:04:34.0568 0x034c [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:04:34.0595 0x034c elxstor - ok
11:04:34.0619 0x034c [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:04:34.0636 0x034c ErrDev - ok
11:04:34.0671 0x034c [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
11:04:34.0741 0x034c EventSystem - ok
11:04:34.0769 0x034c [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
11:04:34.0840 0x034c exfat - ok
11:04:34.0864 0x034c [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:04:34.0919 0x034c fastfat - ok
11:04:34.0966 0x034c [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
11:04:34.0996 0x034c Fax - ok
11:04:35.0022 0x034c [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:04:35.0038 0x034c fdc - ok
11:04:35.0060 0x034c [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
11:04:35.0106 0x034c fdPHost - ok
11:04:35.0122 0x034c [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
11:04:35.0174 0x034c FDResPub - ok
11:04:35.0194 0x034c [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:04:35.0210 0x034c FileInfo - ok
11:04:35.0215 0x034c [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:04:35.0259 0x034c Filetrace - ok
11:04:35.0264 0x034c [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:04:35.0280 0x034c flpydisk - ok
11:04:35.0305 0x034c [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:04:35.0325 0x034c FltMgr - ok
11:04:35.0375 0x034c [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll
11:04:35.0434 0x034c FontCache - ok
11:04:35.0486 0x034c [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:04:35.0501 0x034c FontCache3.0.0.0 - ok
11:04:35.0516 0x034c [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:04:35.0532 0x034c FsDepends - ok
11:04:35.0559 0x034c [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
11:04:35.0577 0x034c FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
11:04:35.0577 0x034c Detect skipped due to KSN trusted
11:04:35.0577 0x034c FsUsbExDisk - ok
11:04:35.0611 0x034c [ 0796C1E47ADB9825269E64B9DAB4E741, A9E476278428824FAE8B63B2B2CAC683EABD28E5B514925F6379593CB6CAB968 ] FsUsbExService C:\Windows\system32\FsUsbExService.Exe
11:04:35.0637 0x034c FsUsbExService - detected UnsignedFile.Multi.Generic ( 1 )
11:04:35.0637 0x034c Detect skipped due to KSN trusted
11:04:35.0637 0x034c FsUsbExService - ok
11:04:35.0671 0x034c [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:04:35.0687 0x034c Fs_Rec - ok
11:04:35.0720 0x034c [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:04:35.0745 0x034c fvevol - ok
11:04:35.0771 0x034c [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:04:35.0789 0x034c gagp30kx - ok
11:04:35.0892 0x034c [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] GeekBuddyRSP C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
11:04:36.0002 0x034c GeekBuddyRSP - ok
11:04:36.0052 0x034c [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
11:04:36.0111 0x034c gpsvc - ok
11:04:36.0165 0x034c [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:04:36.0180 0x034c gupdate - ok
11:04:36.0190 0x034c [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:04:36.0204 0x034c gupdatem - ok
11:04:36.0229 0x034c [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:04:36.0247 0x034c gusvc - ok
11:04:36.0266 0x034c [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:04:36.0301 0x034c hcw85cir - ok
11:04:36.0343 0x034c [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:04:36.0398 0x034c HdAudAddService - ok
11:04:36.0441 0x034c [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:04:36.0473 0x034c HDAudBus - ok
11:04:36.0491 0x034c [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:04:36.0524 0x034c HidBatt - ok
11:04:36.0541 0x034c [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:04:36.0563 0x034c HidBth - ok
11:04:36.0586 0x034c [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:04:36.0606 0x034c HidIr - ok
11:04:36.0635 0x034c [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
11:04:36.0669 0x034c hidserv - ok
11:04:36.0695 0x034c [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:04:36.0751 0x034c HidUsb - ok
11:04:36.0782 0x034c [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
11:04:36.0815 0x034c hkmsvc - ok
11:04:36.0841 0x034c [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:04:36.0877 0x034c HomeGroupListener - ok
11:04:36.0912 0x034c [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:04:36.0958 0x034c HomeGroupProvider - ok
11:04:36.0987 0x034c [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:04:37.0005 0x034c HpSAMD - ok
11:04:37.0047 0x034c [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:04:37.0103 0x034c HTTP - ok
11:04:37.0135 0x034c [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:04:37.0151 0x034c hwpolicy - ok
11:04:37.0180 0x034c [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
11:04:37.0199 0x034c i8042prt - ok
11:04:37.0222 0x034c [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:04:37.0248 0x034c iaStorV - ok
11:04:37.0312 0x034c [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:04:37.0366 0x034c idsvc - ok
11:04:37.0372 0x034c IEEtwCollectorService - ok
11:04:37.0394 0x034c [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:04:37.0410 0x034c iirsp - ok
11:04:37.0459 0x034c [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
11:04:37.0532 0x034c IKEEXT - ok
11:04:37.0597 0x034c [ A97DCC4B06710F36B30BC36FF1F96C06, D573FF53705C53A23CC7F356B2FC02D4FC65C962C3AD0D0B6B26434AEC619A0B ] inspect C:\Windows\system32\DRIVERS\inspect.sys
11:04:37.0616 0x034c inspect - ok
11:04:37.0774 0x034c [ 816EEF1A714ABF9A633F478EFAC8F24C, 362492F5922781CE1AD6EB3DC8415BBEC736A5046BF6D9E82C69BADDE86048B8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
11:04:37.0910 0x034c IntcAzAudAddService - ok
11:04:37.0945 0x034c [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
11:04:37.0960 0x034c intelide - ok
11:04:37.0971 0x034c [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:04:38.0000 0x034c intelppm - ok
11:04:38.0025 0x034c [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:04:38.0074 0x034c IPBusEnum - ok
11:04:38.0079 0x034c [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:04:38.0114 0x034c IpFilterDriver - ok
11:04:38.0163 0x034c [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:04:38.0236 0x034c iphlpsvc - ok
11:04:38.0270 0x034c [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:04:38.0306 0x034c IPMIDRV - ok
11:04:38.0336 0x034c [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:04:38.0387 0x034c IPNAT - ok
11:04:38.0405 0x034c [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:04:38.0426 0x034c IRENUM - ok
11:04:38.0450 0x034c [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:04:38.0467 0x034c isapnp - ok
11:04:38.0491 0x034c [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:04:38.0514 0x034c iScsiPrt - ok
11:04:38.0538 0x034c [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:04:38.0555 0x034c kbdclass - ok
11:04:38.0580 0x034c [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:04:38.0598 0x034c kbdhid - ok
11:04:38.0612 0x034c [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso C:\Windows\system32\lsass.exe
11:04:38.0630 0x034c KeyIso - ok
11:04:38.0708 0x034c [ 00060003E6161944A9963FA9F24102BC, 9FB85A6542F8B17504A40798727266C5F618B09D74963747F06EAF80AE13ECDE ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
11:04:38.0730 0x034c Kodak AiO Network Discovery Service - ok
11:04:38.0801 0x034c [ 60301F8FDF519FFEC307A686209C33BE, B9A31478707B518967A6200813DCBD4DE03824FBFAB6E35D4FA4DA783FD6305A ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
11:04:38.0834 0x034c Kodak AiO Status Monitor Service - ok
11:04:38.0865 0x034c [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:04:38.0882 0x034c KSecDD - ok
11:04:38.0914 0x034c [ 1E1845606C5A4579F7F3D95796CC1ED1, 26A478A0B5417CBC880A7F2D977AAC5FBF40EC4296426B757D6ACCBBC09486CC ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:04:38.0934 0x034c KSecPkg - ok
11:04:38.0973 0x034c [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
11:04:39.0036 0x034c KtmRm - ok
11:04:39.0064 0x034c [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:04:39.0120 0x034c LanmanServer - ok
11:04:39.0147 0x034c [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:04:39.0184 0x034c LanmanWorkstation - ok
11:04:39.0211 0x034c [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:04:39.0258 0x034c lltdio - ok
11:04:39.0258 0x034c Object required for P2P: [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio
11:04:41.0940 0x034c Object send P2P result: true
11:04:41.0970 0x034c [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:04:42.0023 0x034c lltdsvc - ok
11:04:42.0041 0x034c [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:04:42.0072 0x034c lmhosts - ok
11:04:42.0096 0x034c [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:04:42.0114 0x034c LSI_FC - ok
11:04:42.0149 0x034c [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:04:42.0168 0x034c LSI_SAS - ok
11:04:42.0177 0x034c [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:04:42.0193 0x034c LSI_SAS2 - ok
11:04:42.0206 0x034c [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:04:42.0224 0x034c LSI_SCSI - ok
11:04:42.0240 0x034c [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
11:04:42.0284 0x034c luafv - ok
11:04:42.0311 0x034c [ A3F4391DFDF2F9E9FE4EAD193265A5AD, A60A1A345622F4758181FB0B6EE784B0B718105FEE7B0F6FEDE5AD59FE448EE1 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
11:04:42.0325 0x034c MBAMProtector - ok
11:04:42.0440 0x034c [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
11:04:42.0503 0x034c MBAMScheduler - ok
11:04:42.0549 0x034c [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
11:04:42.0586 0x034c MBAMService - ok
11:04:42.0614 0x034c [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
11:04:42.0629 0x034c MBAMSwissArmy - ok
11:04:42.0644 0x034c [ 312CD3307F600E7CD340B79B3DCB3A01, 861A6DFC53C69743129DAAFE73DECDE8D842475503E8D713E7CE5D22AC8D1370 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
11:04:42.0657 0x034c MBAMWebAccessControl - ok
11:04:42.0682 0x034c [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:04:42.0760 0x034c Mcx2Svc - ok
11:04:42.0794 0x034c [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:04:42.0833 0x034c megasas - ok
11:04:42.0925 0x034c [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:04:42.0948 0x034c MegaSR - ok
11:04:42.0976 0x034c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
11:04:43.0010 0x034c MMCSS - ok
11:04:43.0045 0x034c [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
11:04:43.0077 0x034c Modem - ok
11:04:43.0082 0x034c [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:04:43.0112 0x034c monitor - ok
11:04:43.0141 0x034c [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:04:43.0164 0x034c mouclass - ok
11:04:43.0169 0x034c [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:04:43.0201 0x034c mouhid - ok
11:04:43.0218 0x034c [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:04:43.0236 0x034c mountmgr - ok
11:04:43.0270 0x034c [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:04:43.0288 0x034c MozillaMaintenance - ok
11:04:43.0323 0x034c [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
11:04:43.0342 0x034c mpio - ok
11:04:43.0370 0x034c [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:04:43.0414 0x034c mpsdrv - ok
11:04:43.0455 0x034c [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:04:43.0501 0x034c MpsSvc - ok
11:04:43.0528 0x034c [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:04:43.0549 0x034c MRxDAV - ok
11:04:43.0586 0x034c [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:04:43.0632 0x034c mrxsmb - ok
11:04:43.0648 0x034c [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:04:43.0671 0x034c mrxsmb10 - ok
11:04:43.0695 0x034c [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:04:43.0726 0x034c mrxsmb20 - ok
11:04:43.0750 0x034c [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
11:04:43.0766 0x034c msahci - ok
11:04:43.0801 0x034c [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:04:43.0825 0x034c msdsm - ok
11:04:43.0859 0x034c [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
11:04:43.0894 0x034c MSDTC - ok
11:04:43.0927 0x034c [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:04:43.0969 0x034c Msfs - ok
11:04:43.0982 0x034c [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:04:44.0028 0x034c mshidkmdf - ok
11:04:44.0062 0x034c [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:04:44.0077 0x034c msisadrv - ok
11:04:44.0107 0x034c [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:04:44.0141 0x034c MSiSCSI - ok
11:04:44.0147 0x034c msiserver - ok
11:04:44.0164 0x034c [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:04:44.0228 0x034c MSKSSRV - ok
11:04:44.0252 0x034c [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:04:44.0301 0x034c MSPCLOCK - ok
11:04:44.0349 0x034c [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:04:44.0397 0x034c MSPQM - ok
11:04:44.0432 0x034c [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:04:44.0452 0x034c MsRPC - ok
11:04:44.0487 0x034c [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:04:44.0503 0x034c mssmbios - ok
11:04:44.0507 0x034c [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:04:44.0555 0x034c MSTEE - ok
11:04:44.0575 0x034c [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:04:44.0605 0x034c MTConfig - ok
11:04:44.0622 0x034c [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
11:04:44.0639 0x034c Mup - ok
11:04:44.0678 0x034c [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
11:04:44.0738 0x034c napagent - ok
11:04:44.0779 0x034c [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:04:44.0824 0x034c NativeWifiP - ok
11:04:44.0878 0x034c [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:04:44.0930 0x034c NDIS - ok
11:04:44.0946 0x034c [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:04:44.0978 0x034c NdisCap - ok
11:04:44.0993 0x034c [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:04:45.0023 0x034c NdisTapi - ok
11:04:45.0048 0x034c [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:04:45.0078 0x034c Ndisuio - ok
11:04:45.0111 0x034c [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:04:45.0162 0x034c NdisWan - ok
11:04:45.0187 0x034c [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:04:45.0233 0x034c NDProxy - ok
11:04:45.0262 0x034c [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:04:45.0306 0x034c NetBIOS - ok
11:04:45.0339 0x034c [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:04:45.0375 0x034c NetBT - ok
11:04:45.0402 0x034c [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon C:\Windows\system32\lsass.exe
11:04:45.0419 0x034c Netlogon - ok
11:04:45.0457 0x034c [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
11:04:45.0500 0x034c Netman - ok
11:04:45.0531 0x034c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:04:45.0553 0x034c NetMsmqActivator - ok
11:04:45.0564 0x034c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:04:45.0585 0x034c NetPipeActivator - ok
11:04:45.0615 0x034c [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
11:04:45.0682 0x034c netprofm - ok
11:04:45.0706 0x034c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:04:45.0727 0x034c NetTcpActivator - ok
11:04:45.0739 0x034c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:04:45.0760 0x034c NetTcpPortSharing - ok
11:04:45.0783 0x034c [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:04:45.0800 0x034c nfrd960 - ok
11:04:45.0834 0x034c [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:04:45.0860 0x034c NlaSvc - ok
11:04:45.0870 0x034c [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:04:45.0903 0x034c Npfs - ok
11:04:45.0933 0x034c [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
11:04:45.0967 0x034c nsi - ok
11:04:45.0983 0x034c [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:04:46.0023 0x034c nsiproxy - ok
11:04:46.0101 0x034c [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:04:46.0180 0x034c Ntfs - ok
11:04:46.0200 0x034c [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
11:04:46.0233 0x034c Null - ok
11:04:46.0654 0x034c [ 1E3D32DDBE6BBDC0843432BAD599069F, 908893652F953C01E3FFEA19E76154B6246277720B088A61086A9B336B3EC6AD ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:04:47.0134 0x034c nvlddmkm - ok
11:04:47.0263 0x034c [ 1D3878E5722F0AB3C22D04E88AC4AC55, F36048FA1CDDA5065AD1DEF1F08A241D1859A1BC199B073DCD1C355257A97D7C ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
11:04:47.0335 0x034c NvNetworkService - ok
11:04:47.0370 0x034c [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:04:47.0390 0x034c nvraid - ok
11:04:47.0411 0x034c [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:04:47.0431 0x034c nvstor - ok
11:04:47.0999 0x034c [ 4A5826E5CC2DA7DC33CB4FB8EA285508, 0270EEC5026B02A26ABFA5CC0FF62371277FA0BCB4492F1F7D567B749236E1D6 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
11:04:48.0444 0x034c NvStreamSvc - ok
11:04:48.0575 0x034c [ 5004DAF6A37C5C73FFCF4D3935A6FE87, 52F2149383EC41B18310801FD07C1363EE81C5D1F2B0206460FC7922C00D7A15 ] nvsvc C:\Windows\system32\nvvsvc.exe
11:04:48.0633 0x034c nvsvc - ok
11:04:48.0686 0x034c [ F9D6D29A55C289B8AF0858C267BE7126, 5EAC86DFC3F288994DF93FD8BECE910D8953EAFDB0ACE28D70FA866345BF4764 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad32v.sys
11:04:48.0700 0x034c nvvad_WaveExtensible - ok
11:04:48.0724 0x034c [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:04:48.0742 0x034c nv_agp - ok
11:04:48.0772 0x034c [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:04:48.0803 0x034c ohci1394 - ok
11:04:48.0836 0x034c [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:04:48.0869 0x034c p2pimsvc - ok
11:04:48.0895 0x034c [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
11:04:48.0944 0x034c p2psvc - ok
11:04:48.0979 0x034c [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:04:48.0999 0x034c Parport - ok
11:04:49.0032 0x034c [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:04:49.0048 0x034c partmgr - ok
11:04:49.0064 0x034c [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
11:04:49.0081 0x034c Parvdm - ok
11:04:49.0112 0x034c [ 3A55D53687F16D9EF5BF307BBFEFCD9C, F1BB1B43442B151686500768C43A4D20CAA47427E78386953A42DDB42D9DDF0C ] PcaSvc C:\Windows\System32\pcasvc.dll
11:04:49.0135 0x034c PcaSvc - ok
11:04:49.0172 0x034c [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
11:04:49.0192 0x034c pci - ok
11:04:49.0220 0x034c [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
11:04:49.0237 0x034c pciide - ok
11:04:49.0256 0x034c [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:04:49.0281 0x034c pcmcia - ok
11:04:49.0295 0x034c [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
11:04:49.0312 0x034c pcw - ok
11:04:49.0356 0x034c [ 344D1FA0438A967F1A2BAA42C86D6E19, E9CB31CBD9075B84BA771CF82A4C3AB5BF57ADEA3E76ABE8FE36FEACFD681D89 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:04:49.0418 0x034c PEAUTH - ok
11:04:49.0511 0x034c [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
11:04:49.0616 0x034c pla - ok
11:04:49.0656 0x034c [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:04:49.0702 0x034c PlugPlay - ok
11:04:49.0727 0x034c [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:04:49.0759 0x034c PNRPAutoReg - ok
11:04:49.0785 0x034c [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:04:49.0813 0x034c PNRPsvc - ok
11:04:49.0846 0x034c [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:04:49.0895 0x034c PolicyAgent - ok
11:04:49.0917 0x034c [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
11:04:49.0954 0x034c Power - ok
11:04:49.0989 0x034c [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:04:50.0024 0x034c PptpMiniport - ok
11:04:50.0045 0x034c [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:04:50.0075 0x034c Processor - ok
11:04:50.0102 0x034c [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll
11:04:50.0140 0x034c ProfSvc - ok
11:04:50.0158 0x034c [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:04:50.0175 0x034c ProtectedStorage - ok
11:04:50.0186 0x034c [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:04:50.0238 0x034c Psched - ok
11:04:50.0304 0x034c [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:04:50.0373 0x034c ql2300 - ok
11:04:50.0391 0x034c [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:04:50.0410 0x034c ql40xx - ok
11:04:50.0444 0x034c [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
11:04:50.0494 0x034c QWAVE - ok
11:04:50.0511 0x034c [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:04:50.0541 0x034c QWAVEdrv - ok
11:04:50.0556 0x034c [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:04:50.0603 0x034c RasAcd - ok
11:04:50.0621 0x034c [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:04:50.0666 0x034c RasAgileVpn - ok
11:04:50.0684 0x034c [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
11:04:50.0721 0x034c RasAuto - ok
11:04:50.0733 0x034c [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:04:50.0766 0x034c Rasl2tp - ok
11:04:50.0798 0x034c [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
11:04:50.0845 0x034c RasMan - ok
11:04:50.0865 0x034c [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:04:50.0912 0x034c RasPppoe - ok
11:04:50.0932 0x034c [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:04:50.0978 0x034c RasSstp - ok
11:04:51.0016 0x034c [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:04:51.0078 0x034c rdbss - ok
11:04:51.0100 0x034c [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:04:51.0130 0x034c rdpbus - ok
11:04:51.0149 0x034c [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:04:51.0179 0x034c RDPCDD - ok
11:04:51.0205 0x034c [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:04:51.0243 0x034c RDPENCDD - ok
11:04:51.0250 0x034c [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:04:51.0280 0x034c RDPREFMP - ok
11:04:51.0331 0x034c [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:04:51.0361 0x034c RdpVideoMiniport - ok
11:04:51.0390 0x034c [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:04:51.0430 0x034c RDPWD - ok
11:04:51.0459 0x034c [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:04:51.0480 0x034c rdyboost - ok
11:04:51.0522 0x034c [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:04:51.0556 0x034c RemoteAccess - ok
11:04:51.0595 0x034c [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:04:51.0643 0x034c RemoteRegistry - ok
11:04:51.0669 0x034c [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:04:51.0719 0x034c RpcEptMapper - ok
11:04:51.0744 0x034c [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
11:04:51.0762 0x034c RpcLocator - ok
11:04:51.0787 0x034c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
11:04:51.0829 0x034c RpcSs - ok
11:04:51.0855 0x034c [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:04:51.0899 0x034c rspndr - ok
11:04:51.0948 0x034c [ 5283B9A27FF230F2FF70D92451FF409A, B8BAC70E1DE4485C79CA7B47D4DCFE0223CECEA8ED75CE4F128D47051F95FE5D ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
11:04:51.0987 0x034c RTL8167 - ok
11:04:51.0998 0x034c [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs C:\Windows\system32\lsass.exe
11:04:52.0016 0x034c SamSs - ok
11:04:52.0042 0x034c [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:04:52.0060 0x034c sbp2port - ok
11:04:52.0090 0x034c [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:04:52.0143 0x034c SCardSvr - ok
11:04:52.0162 0x034c [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:04:52.0204 0x034c scfilter - ok
11:04:52.0253 0x034c [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
11:04:52.0333 0x034c Schedule - ok
11:04:52.0366 0x034c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:04:52.0397 0x034c SCPolicySvc - ok
11:04:52.0426 0x034c [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:04:52.0465 0x034c SDRSVC - ok
11:04:52.0488 0x034c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:04:52.0522 0x034c secdrv - ok
11:04:52.0543 0x034c [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
11:04:52.0589 0x034c seclogon - ok
11:04:52.0608 0x034c [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll
11:04:52.0654 0x034c SENS - ok
11:04:52.0676 0x034c [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:04:52.0705 0x034c SensrSvc - ok
11:04:52.0710 0x034c [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:04:52.0727 0x034c Serenum - ok
11:04:52.0756 0x034c [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:04:52.0789 0x034c Serial - ok
11:04:52.0816 0x034c [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:04:52.0846 0x034c sermouse - ok
11:04:52.0881 0x034c [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
11:04:52.0917 0x034c SessionEnv - ok
11:04:52.0940 0x034c [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:04:52.0968 0x034c sffdisk - ok
11:04:52.0994 0x034c [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:04:53.0028 0x034c sffp_mmc - ok
11:04:53.0047 0x034c [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:04:53.0065 0x034c sffp_sd - ok
11:04:53.0089 0x034c [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:04:53.0107 0x034c sfloppy - ok
11:04:53.0132 0x034c [ C97E0F487690FB0C7221168465982810, 0FF3811D964EAF66719F8FA499FBE2B3ECD867667CF9A87832ED17DC9B2A3375 ] sgdqjv C:\Windows\system32\drivers\bgvewhov.sys
11:04:53.0148 0x034c sgdqjv - ok
11:04:53.0187 0x034c [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:04:53.0246 0x034c SharedAccess - ok
11:04:53.0285 0x034c [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:04:53.0345 0x034c ShellHWDetection - ok
11:04:53.0375 0x034c [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
11:04:53.0391 0x034c sisagp - ok
11:04:53.0416 0x034c [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:04:53.0433 0x034c SiSRaid2 - ok
11:04:53.0452 0x034c [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:04:53.0470 0x034c SiSRaid4 - ok
11:04:53.0486 0x034c [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:04:53.0534 0x034c Smb - ok
11:04:53.0562 0x034c [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:04:53.0591 0x034c SNMPTRAP - ok
11:04:53.0608 0x034c [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
11:04:53.0624 0x034c spldr - ok
11:04:53.0666 0x034c [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
11:04:53.0712 0x034c Spooler - ok
11:04:53.0841 0x034c [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
11:04:53.0960 0x034c sppsvc - ok
11:04:53.0999 0x034c [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:04:54.0033 0x034c sppuinotify - ok
11:04:54.0075 0x034c [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:04:54.0113 0x034c srv - ok
11:04:54.0136 0x034c [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:04:54.0185 0x034c srv2 - ok
11:04:54.0209 0x034c [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:04:54.0229 0x034c srvnet - ok
11:04:54.0258 0x034c [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:04:54.0311 0x034c SSDPSRV - ok
11:04:54.0332 0x034c [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:04:54.0367 0x034c SstpSvc - ok
11:04:54.0397 0x034c [ 585FDB94DB04AC1C56298D1FD1F1389E, 5CEBAAF3B649E580B3EF2B9B38426D6EE13B244BE1274BA0C0A468EC4CFB680C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
11:04:54.0416 0x034c ssudmdm - ok
11:04:54.0470 0x034c [ 5DA84663B5DC64AF9D5E944D809A6099, C5D427F019081BF93C08391845E7B22A9AFCE7D3A6E6F8EA1F36566F05F9843E ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:04:54.0495 0x034c Stereo Service - ok
11:04:54.0523 0x034c [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:04:54.0541 0x034c stexstor - ok
11:04:54.0583 0x034c [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
11:04:54.0641 0x034c StiSvc - ok
11:04:54.0665 0x034c [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
11:04:54.0680 0x034c swenum - ok
11:04:54.0715 0x034c [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
11:04:54.0757 0x034c swprv - ok
11:04:54.0826 0x034c [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
11:04:54.0903 0x034c SysMain - ok
11:04:54.0933 0x034c [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
11:04:54.0968 0x034c TabletInputService - ok
11:04:55.0006 0x034c [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
11:04:55.0053 0x034c TapiSrv - ok
11:04:55.0081 0x034c [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
11:04:55.0130 0x034c TBS - ok
11:04:55.0207 0x034c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:04:55.0279 0x034c Tcpip - ok
11:04:55.0340 0x034c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:04:55.0390 0x034c TCPIP6 - ok
11:04:55.0427 0x034c [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:04:55.0444 0x034c tcpipreg - ok
11:04:55.0470 0x034c [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:04:55.0487 0x034c TDPIPE - ok
11:04:55.0504 0x034c [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:04:55.0520 0x034c TDTCP - ok
11:04:55.0551 0x034c [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:04:55.0592 0x034c tdx - ok
11:04:55.0616 0x034c [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:04:55.0632 0x034c TermDD - ok
11:04:55.0672 0x034c [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
11:04:55.0716 0x034c TermService - ok
11:04:55.0749 0x034c [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
11:04:55.0772 0x034c Themes - ok
11:04:55.0787 0x034c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
11:04:55.0820 0x034c THREADORDER - ok
11:04:55.0852 0x034c [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
11:04:55.0888 0x034c TrkWks - ok
11:04:55.0944 0x034c [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:04:55.0980 0x034c TrustedInstaller - ok
11:04:56.0005 0x034c [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:04:56.0037 0x034c tssecsrv - ok
11:04:56.0063 0x034c [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:04:56.0090 0x034c TsUsbFlt - ok
11:04:56.0121 0x034c [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:04:56.0156 0x034c tunnel - ok
11:04:56.0178 0x034c [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:04:56.0195 0x034c uagp35 - ok
11:04:56.0232 0x034c [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:04:56.0283 0x034c udfs - ok
11:04:56.0317 0x034c [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:04:56.0338 0x034c UI0Detect - ok
11:04:56.0362 0x034c [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:04:56.0379 0x034c uliagpkx - ok
11:04:56.0406 0x034c [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\drivers\umbus.sys
11:04:56.0436 0x034c umbus - ok
11:04:56.0463 0x034c [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:04:56.0481 0x034c UmPass - ok
11:04:56.0518 0x034c [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
11:04:56.0579 0x034c upnphost - ok
11:04:56.0609 0x034c [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
11:04:56.0637 0x034c usbaudio - ok
11:04:56.0667 0x034c [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:04:56.0685 0x034c usbccgp - ok
11:04:56.0714 0x034c [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:04:56.0734 0x034c usbcir - ok
11:04:56.0758 0x034c [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:04:56.0785 0x034c usbehci - ok
11:04:56.0821 0x034c [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:04:56.0872 0x034c usbhub - ok
11:04:56.0887 0x034c [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:04:56.0903 0x034c usbohci - ok
11:04:56.0917 0x034c [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:04:56.0936 0x034c usbprint - ok
11:04:56.0968 0x034c [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:04:56.0999 0x034c usbscan - ok
11:04:57.0010 0x034c [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:04:57.0029 0x034c USBSTOR - ok
11:04:57.0043 0x034c [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:04:57.0073 0x034c usbuhci - ok
11:04:57.0099 0x034c [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
11:04:57.0132 0x034c UxSms - ok
11:04:57.0146 0x034c [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc C:\Windows\system32\lsass.exe
11:04:57.0164 0x034c VaultSvc - ok
11:04:57.0193 0x034c [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:04:57.0209 0x034c vdrvroot - ok
11:04:57.0249 0x034c [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
11:04:57.0306 0x034c vds - ok
11:04:57.0333 0x034c [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:04:57.0368 0x034c vga - ok
11:04:57.0386 0x034c [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
11:04:57.0418 0x034c VgaSave - ok
11:04:57.0440 0x034c [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:04:57.0461 0x034c vhdmp - ok
11:04:57.0475 0x034c [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
11:04:57.0492 0x034c viaagp - ok
11:04:57.0511 0x034c [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
11:04:57.0529 0x034c ViaC7 - ok
11:04:57.0560 0x034c [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
11:04:57.0576 0x034c viaide - ok
11:04:57.0596 0x034c [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:04:57.0612 0x034c volmgr - ok
11:04:57.0632 0x034c [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:04:57.0657 0x034c volmgrx - ok
11:04:57.0696 0x034c [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:04:57.0719 0x034c volsnap - ok
11:04:57.0736 0x034c [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:04:57.0756 0x034c vsmraid - ok
11:04:57.0828 0x034c [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
11:04:57.0915 0x034c VSS - ok
11:04:57.0936 0x034c [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
11:04:57.0956 0x034c vwifibus - ok
11:04:57.0995 0x034c [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
11:04:58.0039 0x034c W32Time - ok
11:04:58.0064 0x034c [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:04:58.0094 0x034c WacomPen - ok
11:04:58.0124 0x034c [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:04:58.0170 0x034c WANARP - ok
11:04:58.0176 0x034c [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:04:58.0206 0x034c Wanarpv6 - ok
11:04:58.0277 0x034c [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:04:58.0351 0x034c WatAdminSvc - ok
11:04:58.0413 0x034c [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
11:04:58.0496 0x034c wbengine - ok
11:04:58.0529 0x034c [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:04:58.0557 0x034c WbioSrvc - ok
11:04:58.0596 0x034c [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:04:58.0629 0x034c wcncsvc - ok
11:04:58.0650 0x034c [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:04:58.0673 0x034c WcsPlugInService - ok
11:04:58.0696 0x034c [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:04:58.0713 0x034c Wd - ok
11:04:58.0761 0x034c [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:04:58.0805 0x034c Wdf01000 - ok
11:04:58.0823 0x034c [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:04:58.0862 0x034c WdiServiceHost - ok
11:04:58.0882 0x034c [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:04:58.0905 0x034c WdiSystemHost - ok
11:04:58.0996 0x034c [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll
11:04:59.0037 0x034c WebClient - ok
11:04:59.0075 0x034c [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:04:59.0133 0x034c Wecsvc - ok
11:04:59.0154 0x034c [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:04:59.0206 0x034c wercplsupport - ok
11:04:59.0229 0x034c [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
11:04:59.0291 0x034c WerSvc - ok
11:04:59.0326 0x034c [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:04:59.0358 0x034c WfpLwf - ok
11:04:59.0377 0x034c [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:04:59.0393 0x034c WIMMount - ok
11:04:59.0467 0x034c [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
11:04:59.0538 0x034c WinDefend - ok
11:04:59.0552 0x034c WinHttpAutoProxySvc - ok
11:04:59.0609 0x034c [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:04:59.0662 0x034c Winmgmt - ok
11:04:59.0728 0x034c [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\Windows\system32\WsmSvc.dll
11:04:59.0802 0x034c WinRM - ok
11:04:59.0822 0x034c [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:04:59.0841 0x034c WinUsb - ok
11:04:59.0892 0x034c [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:04:59.0961 0x034c Wlansvc - ok
11:04:59.0986 0x034c [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:05:00.0019 0x034c WmiAcpi - ok
11:05:00.0056 0x034c [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:05:00.0078 0x034c wmiApSrv - ok
11:05:00.0169 0x034c [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:05:00.0228 0x034c WMPNetworkSvc - ok
11:05:00.0260 0x034c [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:05:00.0280 0x034c WPCSvc - ok
11:05:00.0309 0x034c [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:05:00.0342 0x034c WPDBusEnum - ok
11:05:00.0362 0x034c [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:05:00.0394 0x034c ws2ifsl - ok
11:05:00.0414 0x034c [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
11:05:00.0453 0x034c wscsvc - ok
11:05:00.0458 0x034c WSearch - ok
11:05:00.0558 0x034c [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv C:\Windows\system32\wuaueng.dll
11:05:00.0632 0x034c wuauserv - ok
11:05:00.0669 0x034c [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:05:00.0699 0x034c WudfPf - ok
11:05:00.0719 0x034c [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:05:00.0741 0x034c WUDFRd - ok
11:05:00.0761 0x034c [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:05:00.0807 0x034c wudfsvc - ok
11:05:00.0842 0x034c [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
11:05:00.0885 0x034c WwanSvc - ok
11:05:00.0892 0x034c ================ Scan global ===============================
11:05:00.0918 0x034c [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
11:05:00.0948 0x034c [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
11:05:00.0973 0x034c [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
11:05:01.0001 0x034c [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
11:05:01.0022 0x034c [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
11:05:01.0030 0x034c [ Global ] - ok
11:05:01.0031 0x034c ================ Scan MBR ==================================
11:05:01.0041 0x034c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:05:01.0299 0x034c \Device\Harddisk0\DR0 - ok
11:05:01.0300 0x034c ================ Scan VBR ==================================
11:05:01.0300 0x034c [ E6568295D6FF1B2780AAE9387D776FF5 ] \Device\Harddisk0\DR0\Partition1
11:05:01.0302 0x034c \Device\Harddisk0\DR0\Partition1 - ok
11:05:01.0303 0x034c [ 57ECB04DD5A9F3ED683EBFA6FAFD12BB ] \Device\Harddisk0\DR0\Partition2
11:05:01.0340 0x034c \Device\Harddisk0\DR0\Partition2 - ok
11:05:01.0341 0x034c ================ Scan generic autorun ======================
11:05:01.0818 0x034c [ D70D4FE47BCBE1EF9170F110A19BEC34, 3BC9313F3A188CA61A05C958EFB519EA1E82F051A4C44BB82FD3A6CD42BE38AB ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
11:05:02.0161 0x034c RtHDVCpl - ok
11:05:02.0271 0x034c [ 1E7FF436A5395FE57AB5FC662FC3767F, 3C2A961BD05DB1C3398753644E1E8C483BE2E3FC2758312D628E05FF17E97E8C ] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
11:05:02.0311 0x034c Nvtmru - ok
11:05:02.0340 0x034c [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\system32\rundll32.exe
11:05:02.0374 0x034c ShadowPlay - ok
11:05:02.0431 0x034c [ 6ED26E255607F4BA8812E62E496C35ED, 79FEA2ECE218341D122808504CA18FA0B0EA3366B99A8AD042666ECDA08AD5C9 ] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
11:05:02.0467 0x034c KiesTrayAgent - ok
11:05:02.0583 0x034c [ B644A9A9A8ADDEC20E7956373130AC2D, 890F75F912BE29A62B4AF35680E12CA8F13800025EDCF8B1D9DF7662BBF28DBA ] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
11:05:02.0656 0x034c NvBackend - ok
11:05:02.0664 0x034c Conime - ok
11:05:02.0818 0x034c [ 0BA95C4CD5C908CEDAD87036126E3AB1, AFABCB336EF36B928F5573785F9910EE16B4563C44CEE0662EA58F8E60F9E020 ] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
11:05:02.0902 0x034c EKStatusMonitor - ok
11:05:02.0968 0x034c [ F7DD2D785280DB73DC9060F80361BEFB, 7AF1114FFA46290DC77CC5D562034287A0E617BD4747F58E65CDF70244C402CB ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
11:05:02.0981 0x034c APSDaemon - ok
11:05:02.0982 0x034c ComodoFSChrome - ok
11:05:03.0084 0x034c [ A3022CDC851A1EF359C8C2364B3DBB02, 1DA909F143CF9754DAC7715C65B5F706103F6E7E2CCDFB34EA4B5CCE9C53178D ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
11:05:03.0128 0x034c COMODO Internet Security - ok
11:05:03.0239 0x034c [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
11:05:03.0312 0x034c tvncontrol - ok
11:05:03.0396 0x034c [ 7BDA05509585396989E523BEDE832E9B, 27590FF2A468F977FC834FF30AA7C39C9062173A6B4B14671D1FFB84DCF2042F ] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
11:05:03.0409 0x034c Malwarebytes Anti-Malware (cleanup) - ok
11:05:03.0483 0x034c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:05:03.0567 0x034c Sidebar - ok
11:05:03.0592 0x034c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:05:03.0616 0x034c mctadmin - ok
11:05:03.0667 0x034c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:05:03.0738 0x034c Sidebar - ok
11:05:03.0767 0x034c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:05:03.0790 0x034c mctadmin - ok
11:05:03.0855 0x034c [ 81A15A5C41AC28A83794FD978630B78F, 5C1B57C96AE49E2BFCAA61F3CD82791CBDFD98EC4088CFBE4EF0B0993AAAB8BB ] C:\Program Files\Comodo\Dragon\dragon.exe
11:05:03.0886 0x034c GoogleChromeAutoLaunch_A4AAD752A94AD0D07B3FA88181A919F9 - ok
11:05:04.0002 0x034c [ 7C0AA66E6352337EF923BA8B3AEB099D, C5498B7CBB6D8359BBFFBF998CF903626780D494B6AB88FC5951A7DE576DA3F6 ] C:\Users\Lonnie\AppData\Roaming\mjusbsp\cdloader2.exe
11:05:04.0016 0x034c cdloader - ok
11:05:04.0116 0x034c [ 749E4BF1FA6DB8C3F9C2B7F29A544F95, 3A1A599B60A78CB2BAA782AEE22DCE4B6FC59907733A5D204C46A8C6A120BAFC ] C:\Program Files\Google\Chrome\Application\chrome.exe
11:05:04.0156 0x034c GoogleChromeAutoLaunch_5090660AF80758FEEBA1A8C0C9DF7D80 - ok
11:05:04.0166 0x034c AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.1.0.4426 ), 0x61000 ( enabled : updated )
11:05:04.0168 0x034c FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.1.0.4426 ), 0x61010 ( enabled )
11:05:06.0663 0x034c ============================================================
11:05:06.0663 0x034c Scan finished
11:05:06.0663 0x034c ============================================================
11:05:06.0665 0x15e8 Detected object count: 0
11:05:06.0665 0x15e8 Actual detected object count: 0
#52
Posted 05 February 2015 - 06:14 PM
pystryker
-
- Malware Removal
-
- 3,912 posts
Trusted Helper
Hello
Thank you for the logs. Please post the Zoek log at your convenience and we'll continue.
Thank you for the logs. Please post the Zoek log at your convenience and we'll continue.
#53
Posted 06 February 2015 - 10:08 PM
trucker
- Topic Starter
-
- Member
-
- 233 posts
Member
how long does it take to run Zoek? Its been over 24hours
#54
Posted 06 February 2015 - 10:12 PM
pystryker
-
- Malware Removal
-
- 3,912 posts
Trusted Helper
how long does it take to run Zoek? Its been over 24hours
Go ahead and halt the scan, and restart it with the same option of autoclean selected. If it's still running in the morning, please let me know.
#55
Posted 07 February 2015 - 06:54 AM
trucker
- Topic Starter
-
- Member
-
- 233 posts
Member
Yes I have done that already.
#56
Posted 07 February 2015 - 08:05 AM
pystryker
-
- Malware Removal
-
- 3,912 posts
Trusted Helper
Ok, let's do this. We'll create a new restore point and then boot into Safe Mode and run the scan from there.
Step 1: Create a new Restore Point
Click on Start >>Control Panel>>System and Security>>System>>System Protection.
Then click on the Create tab and give the new restore point a name. Then the new restore point will be created.
Step 2: Boot into Safe Mode
Reboot your machine and before the Windows screen appears, repeatedly press the F8 button.
When the menu appears, choose Safe Mode. Windows will only load the drivers it needs to run.
Once loaded, run Zoek with the autoclean option.
Please post the log when the scan is complete.
Things I need to see in your next post:
Zoek Log
Step 1: Create a new Restore Point
Click on Start >>Control Panel>>System and Security>>System>>System Protection.
Then click on the Create tab and give the new restore point a name. Then the new restore point will be created.
Step 2: Boot into Safe Mode
Reboot your machine and before the Windows screen appears, repeatedly press the F8 button.
When the menu appears, choose Safe Mode. Windows will only load the drivers it needs to run.
Once loaded, run Zoek with the autoclean option.
Please post the log when the scan is complete.
Things I need to see in your next post:
Zoek Log
#57
Posted 08 February 2015 - 07:25 AM
trucker
- Topic Starter
-
- Member
-
- 233 posts
Member
Zoek.exe v5.0.0.0 Updated 29-11-2014
Tool run by Lonnie on Sun 02/08/2015 at 4:16:00.54.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Safe Mode MINIMAL No Internet Access Detected
Launched: C:\Users\Lonnie\Desktop\zoek.exe [Scan all users] [Checkboxes used]
==== System Restore Info ======================
==== Empty Folders Check ======================
C:\Program Files\AGEIA Technologies deleted successfully
C:\Users\Lonnie\AppData\Roaming\Byihqeif deleted successfully
C:\Users\Lonnie\AppData\Roaming\Echydat deleted successfully
C:\Users\Lonnie\AppData\Roaming\Leiwmiy deleted successfully
C:\Users\Lonnie\AppData\Roaming\Olgili deleted successfully
C:\Users\Lonnie\AppData\Roaming\Pyzefyxo deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{02068F88-D6F2-4E62-AF51-EA548DB7B9F6} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{102710F1-4DE3-4EEB-BAE4-4110BBF530A5} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10CF9E42-6924-4424-9088-9A1974D37C3} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10D07E51-3333-440F-938E-655129F17BCA} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{125160E7-7D20-482B-9141-E4B615ED544B} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12F1B6C4-B1CC-4342-8DE9-3C69F880A413} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{147E0711-A538-4886-89CC-C3C1CBE2EE90} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14DF17C1-DA34-46E1-919D-DF9ECFC2DB22} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1524B287-AB0C-4A40-A51E-264F9D1A2676} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1541D164-6C6-42D4-B5BF-E5EF515F589D} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15D8BF24-F9CC-4E3E-9660-2636D39722C3} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{161F7BD7-759F-4BA2-A51E-142BC058F466} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1661428A-349E-4BBE-8A62-E745AF14AE} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{167D7AD2-B94F-42A5-996F-D7B6F1111CD9} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1800DD90-854B-4247-AB39-993A2F21FF6} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1836267F-A8C8-42D0-B5B-B51CA2935FF} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18CCC9E3-AE1B-4896-9E13-7D3691282ADA} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C7EB144-AC77-4AB6-9B29-3943C71C1B0} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20F81FCE-E66-43BE-AC35-7E70FA698150} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23D6B0D3-BFF5-4E3D-94DB-47CBB24C34D} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26AE5A66-DB53-4D23-8D9B-3AF1FBB26E2} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26EA0793-F26D-456F-A1DB-BD6353D69B5} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A2EFFC1-73A-442F-8F20-89D495594DB9} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B33F3A4-685D-4366-8BB3-46ADC87A71CA} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D5159CB-13E0-47B7-9D5D-C16D5694E12} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E41CC1B-6FAB-4F27-8837-EB7DFCA1433C} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EDDABD7-6793-4F14-A010-D0A69DE9D879} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FD12F94-E190-4528-8D7B-B593B190F96E} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30ACACE2-1A79-454D-9A8D-30B94C4BC918} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30B92B41-B8FD-4F47-A988-517F7242C3A} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3170928E-1DC4-45C9-A65E-B18B5DE04F73} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32BA1C2D-46BF-4830-8C76-965538EA5293} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34BAACDC-1410-49F2-A96D-D8E226F2D2B0} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{356FC9F6-3C16-43B2-986F-7CA583E6A4BB} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35B10BE9-4064-4172-93F5-E6AB64E0496A} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39965CE2-C4CE-46C1-B979-92F1A81A2273} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3ACD9A5F-89B1-4F83-A515-3FE795886F3} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B01F8BE-25C7-425C-BB1F-33533EDCE425} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B45AC9F-B8E2-42B8-8A45-196E52477A9} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BAF2380-DD92-4A3C-8DF9-D81423EC1950} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BF6D67A-6218-48AD-9246-C0C1C396FDB6} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C4DCFB9-9B79-4D4D-82D0-E1C4A27FD9C5} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D8B3EE7-8D50-4957-835E-938529BEEC7} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3DD97030-5FCA-4C4E-8D83-CC941DE51164} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E2B80A1-B94E-4D16-84EC-B3E8AF66A2E2} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{401CB8B4-7D2C-490C-90C5-7FC9DFE29F0} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40B0A94C-55A5-4E51-BD8D-2DA84C6888} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{411F20A2-4316-41BF-85D9-CC9DF43A4C32} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41B0CFD0-9B4B-4B0A-A5BD-F078FB19B257} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42CD9B34-B97D-4BE1-B923-1359D754F50} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42D4DE52-C94F-4B63-9E63-37D131A9A429} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{441A1E46-5164-4966-AEE8-F6C3FA18B9BA} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46E32251-946C-44EA-9034-6BEBAC54791} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47E14818-6AF6-4E2F-878D-B67C1995635} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47E2DD46-E732-4627-984D-4DF47F953F0} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{482B581C-A967-425C-A5C8-E6DF3673351} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4AD0754F-FFD3-4857-98A4-625A9254294F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B00A6D9-F5A0-401D-84E9-E853D4AB6F6D} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B5A987-475F-4346-BCBE-49BA6EA519C5} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E869AB3-E1-4ADE-A89F-A1BAEF10AB55} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4EF0F82F-56B7-4B24-8FC6-5B2EBD2D245} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FD00F2D-CBE3-4B7C-A387-D55CBEA3F24} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FEEA3FC-19D2-4782-901B-7FCC14B66A5B} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{50E814E8-C1A-4829-A0FD-8418AA6A373} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52A578DC-AB3-4C40-9583-8011A2A381AD} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52FAD29A-2429-41E0-8284-6AE01C4EC811} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{541804EE-D236-4B3E-92CF-FCB5987D148A} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5471B506-DFE8-4B8A-8934-BD3275DA01E} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54CA48E2-50B9-490A-8822-842A1877DC26} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{554BBA3D-93E2-4068-B2E7-9524E146B317} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58203F28-E5DB-4016-BC32-F953F4A3EA} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{584BF1E4-BD8B-4985-8F40-E37EE1E0CE59} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58D72D9E-3EAF-4B14-BC98-9783FC362F5} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{595FCD79-6583-441D-9022-593A31FB92B7} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59B8E326-4AEB-4284-879-6BC47A276E14} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A3D8B08-65BF-4FF3-9FA5-7C6B63676868} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B54D77-DC4D-4C9C-8639-FE2B52D85A0} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D1194F9-807-4143-A266-60E1634E3B3} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D2C8EC4-7031-4549-8E10-BDB5D7363B32} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FDBD87D-CAB6-465B-9471-A2F312B016} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FE571A-45BC-48FC-8596-F0BE459A79F8} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6078C9DE-D546-4330-AD64-F7CFCB54CF8F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62DD32E4-EC86-4A54-ADBB-3218AE31BDA} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{638DE5ED-3F80-4BA0-9437-9B746C2FC878} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{662CF088-2B65-435B-9B1C-9F212D11AA4} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66AE5B5D-591D-4400-AC19-14957DCE8487} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66EA2548-BBEB-4A7D-9EFA-90E032A8C45} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6775C069-7848-4D48-B55-7C49631864C} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67960A99-C6EC-4EC9-9EE2-123703C99C} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6827F7AA-F3ED-4C56-B13E-EFDC4398298F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{683F4F18-CDCC-482D-AAF-805F60D6A5F3} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{692E221-271A-44B6-9766-9C30639663DD} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{698D99A-C165-4729-A78B-8BF76B2B2FDD} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69F5EB7B-A9FB-4BE4-A88E-86CCBC5DC9D0} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A310BEB-CCD3-4DE9-8499-E7D431F81CB} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B8EDAA4-E46B-426D-95DA-1E6166A4184} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D59F78D-51A8-4D8A-BAB6-3C60C1A05CDD} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DE5B1F-8CBA-4F69-AF9-9A29EFCD161D} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F94CF36-4508-428F-A75E-3B4B4D15462} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7057834-C67D-471D-B256-1538508E6AC2} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71949476-E895-48ED-80E5-5D4560BAAF3D} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71E25B4A-40DF-48B5-A73-63C85D5C5078} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7392D49E-7CA0-4D41-8757-E1E16CA13F5} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7456AED4-D4EF-4F0A-824B-53802255853D} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{746AC5C7-A1D2-47EC-B3D8-3B4CE8D49BBB} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7654A251-5730-44EE-ADC2-1D90B4E482C9} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77684701-EE47-4036-AEC5-DCDE6168B09F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7812A8EB-567C-4ECD-B082-835A14AB8C6A} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B17D4AC-C9F5-444D-A5C5-25ACDEDDB095} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CC1D218-D3DF-4F9C-AFDA-C491CDD57A1E} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D6326C0-28BD-4274-9A6-5123CE2E1A5} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D923092-2E91-4FB1-89B6-B0A36FF5DAB0} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E6E3B52-3B31-4F37-BB94-626DA5EC9E4A} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7EDC0DE7-FD6C-44A4-BD2E-58628533679F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F70C17A-490A-40D5-B517-C16B4A63F77} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8037DC-DA21-43F0-BCD-D88DB2D4CF71} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82E8C207-4E67-465B-AE3A-F993A0ADC2C4} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8309C01C-9BE3-4B01-9AD0-47CCFA05F7F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86AAF8B-4761-44BF-9E9D-1B234C362F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8755DDED-1E74-4387-BED7-261F27A31C4} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{879585F1-2B52-4863-B8C9-D43C756060D4} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{896C07E2-F072-441D-A258-B8315CA8E94D} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AC416E1-6ADA-46DB-94B6-F3099D3B614} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BD9D7AA-1EC3-4BA7-B289-6250AA48D83} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C0E9CF3-A698-486F-8D68-B0F5E6059CB} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E99A409-9A1-4C41-A7FD-433DB95648D} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F539CCD-A4CB-43C0-AE78-67D6E9932155} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{910CB47B-AC12-450E-9AD4-C722CE3C7DB} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{917A6F74-36B8-40F7-A7F0-975B1C7F513F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{925C5133-64E8-4CF2-BE88-AE2BFFA66FFD} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92EC57FD-6EEA-4DF1-B3C3-CDC17953690} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93BE76FC-D99F-4526-A42C-9B11FA8B42F4} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{952ABB85-E9E-4150-987F-5CE91A686F44} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9796BF8B-CA87-403B-A73D-688617EFE4D6} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99562B53-661-421D-B29E-9A9CF1AAA} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AAF225A-FCC-41B2-A372-3A8ABBE82F9F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DFD73AA-BD49-44A3-A1A8-58FB75A87188} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9FE79033-5565-4592-BA8F-679C9B72E54A} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9FFB225D-25E1-4AFC-93BB-1F9D5FBFA444} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A04158C7-607C-4DAA-A19D-B1CA79749DD5} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1F61FB6-1145-4541-99B-AC681EB6924} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3073AC9-26BA-4B47-B31C-804DCFDAE469} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3D2EC69-2A73-4C7D-BB4C-5416D6EEE02A} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A48DD52-8FF-40A6-B5FE-604FD6E4585D} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A58046B0-4A83-4F71-BFF6-3E556B98C8FC} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5B6DD91-D9F3-47A3-8C23-5B587F1A877D} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5C2EC3B-2207-4645-8B4D-8DD8BCCC79A2} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A820EF0D-EE9B-4C7B-B75F-FF22C9C589A2} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8F2866E-25F3-4EC7-BA7C-28791E17FD75} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA155E17-D389-4DF1-BEDE-7D6C2EB28DCA} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAA0718-CCA3-4F9D-9F2A-B6F4428BF71} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB39350-5364-43BE-BC84-31952E90FFE8} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABB0E661-85DB-4205-B05B-1BC686C51D1} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABF834F2-85D4-4279-9ED1-66697F3896DD} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC673BFF-1339-4276-8A21-EC31E973E1A6} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC7BF63C-3A8B-4E72-8B34-413A61165FB9} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD90A068-1FD6-4011-B2DB-35D1B18B681E} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADA3AD9-ED8A-4182-B2F-BDFABB74BBCD} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADAB75C8-49CE-4D4D-8D6B-A6E3516C4} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE05D60B-85C4-4F71-8BC3-14578D1C877C} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE82D2C0-3275-49B2-9048-A3DDCF2AA9B0} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF6E4AD9-4143-4EF2-A493-BD3ACAE6AF} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFBB1041-FAF-46E3-92AD-7DB84811E059} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2E67C58-D1D1-4CDE-ABA4-E36426F2A3AF} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B33C0D60-DEF5-4BBB-AA6E-877E86721CD7} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B37B521-8E1-41EC-BD2-AC6273A66362} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3F93666-38D3-492D-B920-B58F9A6358F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5679E1D-C7A9-4704-AB35-58CB70DA8177} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5E95460-24F9-4442-A211-7DCB419E2578} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7955741-81BC-4EB0-94AF-13FB76A91263} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7B2CBA7-FB4D-4D49-A2AE-7972605BF315} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7C38E90-FA33-4014-8737-591BE5FD1DD8} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B991E0FE-6DFF-4780-BD49-23C3DDDE022} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9AFD840-DB9C-4DAC-A8AD-9F421C9C39BC} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9BC3A7-DDB4-4286-94EF-A5535ADD333} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9C83A3F-99E4-41D4-B770-C5C6F0DC843} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA71C938-2152-4105-833A-A5807EEEF9F0} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB0C881C-10A-4221-85AE-C89C6DF87720} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBB477F4-F92F-429F-8210-961914876745} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD175A4C-D630-4726-A29-EC1F517A268} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE72469A-922-4411-8EB8-10A5B1124DAE} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEA404D0-B70D-4BB0-BF18-3268D3F3A2C5} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C105483D-7118-43E2-8486-343A1F78ECED} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C20A8EDA-4EEB-4AAE-B369-4473A581633A} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C29F2414-8B84-46AA-9719-36727995FBDC} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C40420AD-656E-4B7A-8AFC-7FE7EBF6C262} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6424E36-4BFB-444B-B8FA-B1D58E1969B3} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C76BD554-9405-4D58-8DE9-16931822719} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7A7F8DA-B8B0-450B-A034-A9CE7D97DAE} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C867EA19-91E9-4AA7-92BB-C01EE7816F59} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8A5122A-418A-4DB9-A8FD-14FD886BFCDF} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C999C076-11E0-4582-B580-525313F5547} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA10025A-A34D-41DB-833D-59635B464A65} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB27F683-143D-440C-86E7-1B768A264ED7} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC420FC9-6A43-4581-86E1-10A6F982F75} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCCA4656-3913-4760-B8DA-44FED2A75C94} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD41F846-E2A0-41AF-BB47-94422D2688C} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE6F84B4-3194-4475-9A40-1B19EDAFD52C} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFA48425-1F48-4B84-A8AD-A4268FFECE3C} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFC5FB3-E8F6-4AF7-A080-A8A01A9DB8FD} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFF61FB8-BDEB-48D7-9289-871B97A96E96} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D00AF136-A742-4201-982C-9B7F8B8DD5DB} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D01FF920-1793-4796-98EA-E26730BC8C1} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0FD1791-7315-483D-B994-DEE285CE476A} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1DFC046-6BF0-4985-B368-C9ACF16D5E2} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D329D94A-6B02-4C8E-8F41-FEBB7B72AA0} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3485978-3131-473F-A6B4-30E6C62AAF1} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D528FBE7-C651-4F59-BF62-A64FDC1D6F16} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6E2C0CC-A84E-4E53-9616-709E696CFA17} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7C9A94F-2A0-4FEF-BC76-16C14C66BDE0} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D807694E-99C6-4995-A2F-A4AE404A22FE} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA236CBA-5A2B-4958-A4BF-33DDD9D130DD} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA9731DB-1289-487A-BF2-3779E4735A5} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBBA881A-771-4149-835B-8A1CB13A5EBA} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC241B99-285F-4876-AD2F-8D72A771A064} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD9C4EF5-A64E-42C5-8F81-882BBEA75CBB} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDEB59B9-C151-4CF3-A2A8-D04CD58588F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF16A70A-4AF9-4B32-818D-5FD91CC73C60} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF1C8C19-8228-4E49-9FA5-56C8D8A6B818} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0B4DA2C-ED60-40DF-87C9-FD478EAA563F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E13DCADF-323B-427C-8F8-2340C5339698} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3DFC2F8-6DD6-4E5C-9B12-7F712526CE6} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3F4511C-1DAB-42DC-A8EA-329657414D7} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3FD284D-73A9-4F51-B392-C7A052AC2FCF} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4200CD2-85F9-4625-AFD-E954FB15DBDD} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E47AEA29-D3B9-4143-881A-DC66AFCE76A2} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E65703EA-8832-4908-A8C5-9D2264C0982} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6F452C1-246A-4D7B-B12E-80ACC297A11D} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E70F4C82-A361-4E9A-8CAD-C9B6E1914AE} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E76A2881-A3-4962-BCD2-2122E417D8F7} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7A6994F-EBAA-40BA-99AA-143550C2B71D} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ECE1530C-372F-4CD1-8C2A-893E5A9DD1D8} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ECF089DB-CAA1-4B5C-8FF3-164D26F8E33} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED3E2210-1644-41B0-B1D0-DEAC249976C} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F01B5D56-DEDD-42CA-A425-19BA2195518E} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0817394-338F-471B-AE59-64F296C3E84} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F11A9C63-CCAE-4CA7-96B7-F728F848562E} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F13FE62B-9CC1-4A86-A1B9-8F22BF5DD663} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F19E8F19-C902-44F2-AE2D-3FB06D9C87B7} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F447C631-C9A5-44B1-93FF-8554B08759CC} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F578B47B-2E54-40D0-9575-EB94D6DBA186} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6D5CFE4-3C70-4CA6-8DA4-F69C328A03F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9757BBF-6CE3-408F-BF6A-5975F4853899} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9987166-3D6A-4C7B-9DBE-A7ED97952B1} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB19FAE0-1107-4969-BD93-38581DE0367F} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBB3263B-96C3-47E7-935D-F62B2B425FD} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD25690B-2659-4EBF-A039-86399E8D70FA} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FECCF8B7-FDF1-454A-B71A-BEA22139F133} deleted successfully
HKEY_USERS\S-1-5-21-4227807349-2635072203-767282089-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF1127E8-B9CB-429B-ACBC-FB97AF338766} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Program Files\Sweet Home 3D deleted
C:\Program Files\Vuze deleted
C:\cmdinstall.exe deleted
C:\jass-2.0.0-pub.exe deleted
C:\found.000 deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Users\Default\AppData\Roaming\gacutil.exe deleted
C:\Users\Default\AppData\Roaming\PnPutil.exe deleted
"C:\Windows\Installer\2459d481.msi" deleted
"C:\Windows\Installer\31c266.msi" deleted
"C:\Users\Lonnie\AppData\Local\jkffplbl" deleted
"C:\Users\Lonnie\AppData\Local\pavttpqp" deleted
==== Firefox Extensions ======================
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Lonnie\AppData\Roaming\Mozilla\Firefox\Profiles\0937xwmn.default
C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash
98137411B9C632095F919E2CE70B288A - C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update
E3F807ECC0EF5DEA04D67676672841E4 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
59FADC9EB6550247497C68D4BA498CC0 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
343BA8F3ABC8CE69700F37DB4A82300F - C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll - Silverlight Plug-In
0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
E7006BB5611298DBDD03FE3519C19AC2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll - Java™ Platform SE 8 U25
238F239EAEFF7E3E782913D599084E18 - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.250.18
A4FDD66D0DBF2CADF5B7D2F8187E24D1 - C:\Users\Lonnie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
AB3546B509E4B89096078EB2081C39C7 - C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrlui.dll - Microsoft® Silverlight
==== Chromium Look ======================
Comodo Drag&Drop Service - Lonnie\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Comodo Web Inspector - Lonnie\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
PrivDog - Lonnie\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Comodo Media Downloader - Lonnie\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
BeFrugal.com Add-On - Lonnie\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kcdcneeneoifbeenbbnjodcflhdbaggp
Comodo Dragon Browser Light Theme - Lonnie\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kglppafajjeikfgmjjegogphhkjnnmgc
Bejeweled - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm
Ancient History Encyclopedia - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahggffalhoajbhlaogbplamaaghnncle
Angry Birds - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
Google Voice Search Hotword (Beta) - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Facebook - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm
Calculator - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\decmldkknaaemlafplkkdmmmelbdnlja
A Space Shooter for FREE - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbeobdmeddlnkokfiaijkfabecpmifa
Typing Lessons - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\heehkcnmhmdicclbnofindfmokhfnjag
Kindle Cloud Reader - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd
sixty second shooter - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnlbhjpainpnikdjnmcmiaombhhchkg
Jamstash - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccdpflnecheidefpofmlblgebobbloc
WordPress.com - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd
Coloring Pages - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhphoobahjckipglphjghghlgodanfj
Fieldrunners - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak
Chain Rxn - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkdlfmoglbdpomddljgapccmlognoaf
Search Helper: Preview Note Tag Hide etc - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\naddbmiihfcdfaeencbcmbpioghcjlje
Sidekick - Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd
==== Chromium Startpages ======================
C:\Users\Lonnie\AppData\Local\Comodo\Dragon\User Data\Default\Preferences
"homepage": "http://us.yahoo.com?fr=fpc-comodo",
==== Chromium Fix ======================
C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd deleted successfully
C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oiiaigjnkhngdbnoookogelabohpglmd_0.localstorage deleted successfully
C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oiiaigjnkhngdbnoookogelabohpglmd deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://us.yahoo.com?fr=fp-comodo"
"Search Bar"="http://www.google.com/ie"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://search.certif...F&st=chrome&q="
"Search Bar"="http://search.certif...F&st=chrome&q="
"Search Page"="http://search.certif...F&st=chrome&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certif...5A6E9AD8F&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certif...5A6E9AD8F&q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
@="http://www.google.com/search?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://search.certif...F&st=chrome&q="
"Search Bar"="http://search.certif...F&st=chrome&q="
"Search Page"="http://search.certif...F&st=chrome&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/ie"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
"SearchAssistant"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Search Page"="http://go.microsoft..../?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Start Page"="http://go.microsoft..../?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Search Page"="http://go.microsoft..../?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Search Page"="http://go.microsoft..../?LinkId=54896"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Search Page"="http://go.microsoft..../?LinkId=54896"
"SearchAssistant"="http://ie.search.msn...t/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.co...={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/...ox&FORM=IE8SRC"
{E4BDC3BE-7181-4804-A35D-9D76ED044029} Google Url="http://www.google.co...tputEncoding?}"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A3C14B8429A918B46B359CF7BE589C01 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC05100 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{48B41C3A-9A92-4B81-B653-C97FEB85C910} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A3C14B8429A918B46B359CF7BE589C01 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC05100 deleted successfully
==== Empty IE Cache ======================
C:\Users\Lonnie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Lonnie\AppData\Local\Mozilla\Firefox\Profiles\0937xwmn.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Lonnie\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\Lonnie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1631 folders=111 266225973 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Lonnie\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Lonnie\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied
==== EOF on Sun 02/08/2015 at 8:21:28.97 ======================
#58
Posted 08 February 2015 - 07:30 AM
pystryker
-
- Malware Removal
-
- 3,912 posts
Trusted Helper
Hello
Looks good, how is the machine performing?
Looks good, how is the machine performing?
#60
Posted 08 February 2015 - 01:09 PM
pystryker
-
- Malware Removal
-
- 3,912 posts
Trusted Helper
just fine
Alright, if there are no more issues, I'll remove my tools and provide some tips and information to help protect you in the future.Step 1: Tool Removal with Delfix and Creation of a clean restore point
- Download Delfix from here
- Ensure Remove disinfection tools is ticked
Also tick:- Create registry backup
- Purge system restore
- Click Run
You can uninstall ESET Online Scanner at this time.
I recommend keeping Malwarebytes Anti-Malware installed. Make sure to update it and run it at least once a week. If it finds things such as PUP's (Potentially Unwanted Programs) you can delete those with no worries. However, if it finds something like a trojan, come see us.
Step 2: Tips, Information, and Optional Installation of Unchecky
- Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.
- Install and keep only one anti-virus on your machine. Update it and scan your machine with it at least once a week.
- Be careful of the websites you visit.
- When installing new programs, don't be "click happy" and click through the screens. Many programs come with adware in them and are set to install them by default. Several programs require that you uncheck or select no to prevent the installation. Take your time and read each screen as you go.
Installation of Unchecky
This is a very good little program that will automatically uncheck any boxes during a software installation. This helps prevent the software from installing any malware that is by default checked while the program is being installed.
Click here to be taken to Unchecky.com
Click the very large Download button.
Click Save
Once downloaded, double click the program (Vista, Win 7, and 8, right click and Run as Administrator)
Once open, click the Install button.
Then click Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked.
Step 3: Protection Against CryptoLocker
CryptoLocker is a ransomware program that was released around the beginning of September 2013 that targets all versions of Windows including Windows XP, Windows Vista, Windows 7, and Windows 8. This ransomware will encrypt certain files using a mixture of RSA & AES encryption. When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransom of either $100 or $300 in order to decrypt the files. This screen will also display a timer stating that you have 72 hours, or 4 days, to pay the ransom or it will delete your encryption key and you will not have any way to decrypt your files. This ransom must be paid using MoneyPak vouchers or Bitcoins. Once you send the payment and it is verified, the program will decrypt the files that it encrypted.
Please download and install CryptoPrevent to lock your machine down from this infection.
Things I need to see in your next post
Delfix Log
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
