unsure if I have an infection [Solved]


  • This topic is locked

#1
mrpooh3

  • Member
  • 281 posts

Hi, my PC appears to me to be clean, but I occasionally run Malwarebytes JRT, and lately I ran it and it picks up something that it fails to delete, but I don't know what it is... any help appreciated.

Here is the report from jrt.exe:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.3.5 (07.07.2015:2)
OS: Windows 7 Professional x64
Ran by Allybally on 07/07/2015 at 23:30:54.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Failed to delete: [File] C:\Windows\syswow64\wscm64.dll



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\Google





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/07/2015 at 23:34:28.86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 




#2
pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello and welcome to Geeks To Go! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you:
  • If you are receiving help for this issue at another forum, please let me know so I can close this thread.
  • Please download to and run all requested tools from your Desktop.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly". This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexpected occurs, do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future.
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we?

 

Hi, my PC appears to me to be clean, but I occasionally run Malwarebytes JRT, and lately I ran it and it picks up something that it fails to delete, but I don't know what it is... any help appreciated.


Hello, let's get a look at your system and see if there's anything going on. :)


Step 1: Scan with Farbar's Recovery Scan Tool (FRST)

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt

  • Press the Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

FRST Log

Addition.txt Log


#3
mrpooh3

  • Topic Starter
  • Member
  • 281 posts

Hi Pystryker,

Here are my FRST logs:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-07-2015
Ran by Allybally (administrator) on ALLYBALLY-PC on 11-07-2015 21:42:37
Running from C:\Users\Allybally\Desktop
Loaded Profiles: Allybally (Available Profiles: Allybally)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(O2Micro International) C:\Windows\System32\o2flash.exe
() C:\Windows\SysWOW64\srvany.exe
(O2Micro.) C:\Windows\SysWOW64\SDIOAssist.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(http://www.ruby-lang.org/) C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\bin\rubyw.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Reflection Software Solutions Pvt. Ltd.) C:\Program Files (x86)\CraveWorldClock\CWClock.exe
(Mixesoft Project) C:\Users\Allybally\AppData\Local\Mixesoft\AppNHost\appnhost.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Spotify Ltd) C:\Users\Allybally\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files\pia_manager\pia_manager.exe
(http://www.ruby-lang.org/) C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\bin\rubyw.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\wmi64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [6492672 2011-01-18] (Dell Inc.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686744 2012-09-05] ()
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1282008 2015-02-28] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3103894336-656722716-3778693516-1000\...\Run: [Crave World Clock] => C:\Program Files (x86)\CraveWorldClock\CWClock.exe [4329192 2014-11-09] (Reflection Software Solutions Pvt. Ltd.)
HKU\S-1-5-21-3103894336-656722716-3778693516-1000\...\Run: [appnhost] => C:\Users\Allybally\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)
HKU\S-1-5-21-3103894336-656722716-3778693516-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-3103894336-656722716-3778693516-1000\...\Run: [Spotify Web Helper] => C:\Users\Allybally\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-16] (Spotify Ltd)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-3103894336-656722716-3778693516-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-3103894336-656722716-3778693516-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-01] (Oracle Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-01] (Oracle Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
Handler: WSWSVCUchrome - No CLSID Value
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{45C54571-D85A-4623-AA26-0A529597C106}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{4FAD884C-95FC-415A-A10F-88F83AB324C9}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{5852F12A-5BFD-40FB-8698-BE20B77C05EA}: [DhcpNameServer] 194.168.4.100 194.168.8.100

FireFox:
========
FF ProfilePath: C:\Users\Allybally\AppData\Roaming\Mozilla\Firefox\Profiles\nlrsds6f.default-1430521275239
FF Homepage: https://uk.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-09] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] ()
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\[email protected] [2015-04-13] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\[email protected] [2015-04-13] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\[email protected] [2015-04-13] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40620.0\npctrl.dll [2015-06-19] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Extension: YouTube™ HD Plus - C:\Users\Allybally\AppData\Roaming\Mozilla\Firefox\Profiles\nlrsds6f.default-1430521275239\Extensions\[email protected] [2015-05-02]
FF Extension: Adblock Plus - C:\Users\Allybally\AppData\Roaming\Mozilla\Firefox\Profiles\nlrsds6f.default-1430521275239\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\[email protected]
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\[email protected] [2015-04-13]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\[email protected]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\[email protected] [2015-04-13]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\[email protected]
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\[email protected] [2015-04-13]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.googl...jjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.googl...jjmlmojhbllhbho

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-04-21] (Adobe Systems) [File not signed]
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-22] (Kaspersky Lab ZAO)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MpsSvc; . [0 2015-07-11] () <==== ATTENTION (zero byte File/Folder)
R2 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
R2 O2SDIOAssist; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-19] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5839872 2011-01-18] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-06-22] (Kaspersky Lab UK Ltd)
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [64368 2015-06-22] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [159960 2015-06-22] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [225976 2015-06-29] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [850608 2015-06-22] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39280 2015-06-22] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [40304 2015-06-22] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [39280 2015-06-22] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-06-22] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-22] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [85360 2015-06-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [190648 2015-06-22] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2015-05-03] (BitDefender S.R.L.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\C:\Users\Allybally\Documents\Tools\bin\cleanhlp64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 21:42 - 2015-07-11 21:43 - 00015722 _____ C:\Users\Allybally\Desktop\FRST.txt
2015-07-11 21:42 - 2015-07-11 21:42 - 00000000 ____D C:\FRST
2015-07-11 21:11 - 2015-07-11 21:11 - 02130944 _____ (Farbar) C:\Users\Allybally\Desktop\FRST64.exe
2015-07-11 12:23 - 2015-07-11 12:31 - 00000000 ____D C:\Users\Allybally\Downloads\Jurassic.World.2015.720p.HC.HDRip.X264.AC3-EVO
2015-07-11 12:22 - 2015-07-11 12:22 - 00210705 _____ C:\Users\Allybally\Downloads\Jurassic.World.2015.720p.HC.HDRip.X264.AC3-EVO.1.torrent
2015-07-11 08:31 - 2015-07-11 20:02 - 00000168 _____ C:\Windows\setupact.log
2015-07-11 08:31 - 2015-07-11 08:31 - 00000000 _____ C:\Windows\setuperr.log
2015-07-09 03:08 - 2015-07-09 03:08 - 00000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2015-07-09 03:08 - 2015-07-09 03:08 - 00000000 ____D C:\Users\Allybally\AppData\Roaming\WinRAR
2015-07-09 03:08 - 2015-07-09 03:08 - 00000000 ____D C:\Users\Allybally\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-09 03:08 - 2015-07-09 03:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-09 03:06 - 2015-07-09 03:08 - 00000000 ____D C:\Program Files\WinRAR
2015-07-07 23:38 - 2015-07-11 20:06 - 00203331 _____ C:\Windows\WindowsUpdate.log
2015-07-07 23:34 - 2015-07-07 23:34 - 00000724 _____ C:\Users\Allybally\Desktop\JRT.txt
2015-07-06 03:04 - 2015-07-06 03:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4
2015-07-06 03:03 - 2015-07-06 03:04 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4
2015-07-06 03:02 - 2015-07-06 03:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-06 03:02 - 2015-07-06 03:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-06 02:54 - 2015-07-08 02:31 - 00000000 ____D C:\Program Files\Google
2015-07-06 02:54 - 2015-07-06 02:54 - 00002806 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-06 02:54 - 2015-07-06 02:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-06 02:54 - 2015-07-06 02:54 - 00000000 ____D C:\Program Files\CCleaner
2015-07-06 02:53 - 2015-07-06 03:01 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-06 02:53 - 2015-07-06 03:00 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-05 06:26 - 2015-07-05 18:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-25 08:50 - 2015-06-25 08:50 - 00000052 _____ C:\Users\Allybally\Documents\scrot.txt
2015-06-21 12:31 - 2015-07-11 21:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-21 12:31 - 2015-07-09 04:11 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-15 16:24 - 2015-05-09 04:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-15 16:24 - 2015-05-09 04:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-15 16:24 - 2015-05-09 04:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-15 16:24 - 2015-05-09 04:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-15 16:24 - 2015-05-09 04:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-15 16:24 - 2015-05-09 04:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-15 16:24 - 2015-05-09 04:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-15 16:24 - 2015-05-09 04:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-15 16:24 - 2015-05-09 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-15 16:24 - 2015-05-09 04:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-15 16:24 - 2015-05-09 04:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-15 16:24 - 2015-05-09 04:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-15 16:24 - 2015-05-09 04:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-15 16:24 - 2015-05-09 04:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-15 16:24 - 2015-05-09 04:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-15 16:24 - 2015-05-09 04:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-15 12:22 - 2015-06-15 12:22 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-06-14 20:41 - 2015-06-14 20:41 - 00000000 ____D C:\Users\Allybally\AppData\Roaming\Serif
2015-06-14 19:39 - 2015-06-14 19:52 - 00000000 ____D C:\Program Files\paint.net
2015-06-14 19:38 - 2015-06-14 19:38 - 00000000 ____D C:\Users\Allybally\AppData\Local\paint.net

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 20:40 - 2015-04-14 03:31 - 00000000 ___RD C:\Users\Allybally\Documents\ConvertXtoDVD
2015-07-11 20:39 - 2015-06-06 10:16 - 00000000 ____D C:\KMPlayer
2015-07-11 20:39 - 2015-04-14 03:26 - 00000000 ____D C:\ProgramData\VSO
2015-07-11 20:18 - 2015-04-13 00:57 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-07-11 20:10 - 2009-07-14 05:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-11 20:10 - 2009-07-14 05:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-11 20:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-11 13:24 - 2015-06-03 00:36 - 00000000 ____D C:\Users\Allybally\AppData\Roaming\uTorrent
2015-07-11 13:24 - 2015-04-14 04:39 - 00000000 ____D C:\Users\Allybally\AppData\Local\PokerStars.UK
2015-07-11 09:56 - 2015-04-14 04:38 - 00000000 ____D C:\Program Files (x86)\PokerStars.UK
2015-07-10 15:27 - 2015-04-16 08:54 - 00000000 ____D C:\Users\Allybally\AppData\Roaming\Spotify
2015-07-10 15:27 - 2015-04-16 08:54 - 00000000 ____D C:\Users\Allybally\AppData\Local\Spotify
2015-07-09 12:09 - 2015-05-16 22:08 - 00000000 ____D C:\AdwCleaner
2015-07-09 04:11 - 2015-05-19 15:03 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-09 04:11 - 2015-05-19 15:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-08 02:31 - 2015-05-03 08:42 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-08 02:28 - 2015-05-04 03:47 - 00000630 _____ C:\Windows\SysWOW64\BroomData.bit
2015-07-07 23:48 - 2015-04-13 05:47 - 00000000 ____D C:\ProgramData\TEMP
2015-07-07 23:48 - 2015-04-13 05:47 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2015-07-07 23:39 - 2015-04-13 01:37 - 00000000 ____D C:\Users\Allybally\AppData\Local\Google
2015-07-07 23:37 - 2015-04-14 06:21 - 00000000 ___RD C:\Users\Allybally\Documents\Tools
2015-07-07 22:32 - 2015-04-21 12:59 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-07 01:20 - 2009-07-14 05:45 - 02264904 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-06 07:50 - 2015-04-13 01:37 - 00075664 _____ C:\Users\Allybally\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-06 05:01 - 2015-04-14 06:21 - 00000000 ___RD C:\Users\Allybally\Documents\Anti-Malware
2015-07-06 04:12 - 2015-05-01 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-06 04:12 - 2015-05-01 02:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-05 18:07 - 2015-04-13 01:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-29 22:14 - 2014-10-22 21:13 - 00225976 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-06-23 19:43 - 2015-04-14 06:45 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-23 17:54 - 2015-05-20 15:37 - 00099384 _____ C:\Users\Allybally\AppData\Roaming\inst.exe
2015-06-23 17:54 - 2015-04-14 03:26 - 00082816 _____ (VSO Software) C:\Users\Allybally\AppData\Roaming\pcouffin.sys
2015-06-23 17:54 - 2015-04-14 03:26 - 00007859 _____ C:\Users\Allybally\AppData\Roaming\pcouffin.cat
2015-06-23 17:54 - 2015-04-14 03:26 - 00000055 _____ C:\Users\Allybally\AppData\Roaming\pcouffin.log
2015-06-23 17:54 - 2015-04-14 03:26 - 00000000 ____D C:\Users\Allybally\AppData\Roaming\Vso
2015-06-22 15:02 - 2014-12-13 18:21 - 00850608 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-06-22 15:02 - 2014-11-28 18:19 - 00159960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-06-22 15:02 - 2014-11-22 14:12 - 00085360 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2015-06-22 15:02 - 2014-11-10 17:48 - 00190648 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2015-06-22 15:02 - 2014-10-30 04:22 - 00040304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2015-06-22 15:02 - 2014-10-10 17:02 - 00039280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2015-06-22 15:02 - 2014-10-09 12:31 - 00065208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kltdi.sys
2015-06-22 15:02 - 2014-08-19 12:31 - 00064368 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kldisk.sys
2015-06-22 15:02 - 2014-03-31 10:47 - 00478392 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2015-06-22 15:02 - 2013-08-08 16:11 - 00039280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2015-06-22 15:02 - 2013-04-12 14:34 - 00024944 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klpd.sys
2015-06-22 15:02 - 2013-01-14 20:10 - 00247016 _____ (Kaspersky Lab UK Ltd) C:\Windows\system32\Drivers\cm_km_w.sys
2015-06-22 01:52 - 2015-06-02 23:22 - 00000000 ____D C:\Program Files\PeerBlock
2015-06-22 01:51 - 2015-04-14 10:02 - 00000000 ____D C:\Program Files (x86)\FreeTime
2015-06-21 12:32 - 2015-04-14 06:44 - 00000000 ____D C:\Users\Allybally\AppData\Local\Adobe
2015-06-20 21:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-06-18 11:44 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-18 08:41 - 2015-05-01 02:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-18 08:41 - 2015-05-01 02:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-18 08:41 - 2015-04-21 12:59 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-15 16:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions

==================== Files in the root of some directories =======

2015-03-26 12:48 - 2015-03-26 12:48 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2015-05-20 15:37 - 2015-06-23 17:54 - 0099384 _____ () C:\Users\Allybally\AppData\Roaming\inst.exe
2015-04-14 03:26 - 2015-06-23 17:54 - 0007859 _____ () C:\Users\Allybally\AppData\Roaming\pcouffin.cat
2015-04-14 03:26 - 2015-06-23 17:54 - 0001167 _____ () C:\Users\Allybally\AppData\Roaming\pcouffin.inf
2015-04-14 03:26 - 2015-06-23 17:54 - 0000055 _____ () C:\Users\Allybally\AppData\Roaming\pcouffin.log
2015-04-14 03:26 - 2015-06-23 17:54 - 0082816 _____ (VSO Software) C:\Users\Allybally\AppData\Roaming\pcouffin.sys
2015-04-14 03:42 - 2015-04-14 03:42 - 0000038 ___SH () C:\Users\Allybally\AppData\Local\3383130714d37bd0a5e1c67.49796809
2015-05-03 02:05 - 2015-06-03 05:20 - 0092853 _____ () C:\Users\Allybally\AppData\Local\ars.cache
2015-05-03 02:05 - 2015-05-04 05:42 - 0317774 _____ () C:\Users\Allybally\AppData\Local\census.cache
2015-05-03 00:30 - 2015-05-03 00:30 - 0000036 _____ () C:\Users\Allybally\AppData\Local\housecall.guid.cache
2015-05-03 00:39 - 2015-05-03 00:39 - 0000010 _____ () C:\Users\Allybally\AppData\Local\sponge.last.runtime.cache

Some files in TEMP:
====================
C:\Users\Allybally\AppData\Local\temp\KMPAddedCode_KMP_adpageopen_Step1.exe
C:\Users\Allybally\AppData\Local\temp\KMP_3.9.1.138.exe


Some zero byte size files/folders:
==========================
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-06 07:47

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-07-2015
Ran by Allybally at 2015-07-11 21:43:26
Running from C:\Users\Allybally\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3103894336-656722716-3778693516-500 - Administrator - Disabled)
Allybally (S-1-5-21-3103894336-656722716-3778693516-1000 - Administrator - Enabled) => C:\Users\Allybally
Guest (S-1-5-21-3103894336-656722716-3778693516-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3103894336-656722716-3778693516-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3103894336-656722716-3778693516-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
AC3File 0.7b (HKLM-x32\...\AC3File_is1) (Version: 0.7b - Alexander Vigovsky)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.34 - STMicroelectronics)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Crave World Clock Pro 1.6.4.4 (HKLM-x32\...\Crave World Clock Pro_is1) (Version:  - Reflection Software Solutions Pvt. Ltd.)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.127 - ALPS ELECTRIC CO., LTD.)
DFX (HKLM-x32\...\DFX) (Version: 11.400.0.0 - Power Technology)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.100.235.13 - Dell Inc.)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.0.7.1108 - Gretech Corporation)
Greenshot 1.2.6.7 (HKLM\...\Greenshot_is1) (Version: 1.2.6.7 - Greenshot)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Image Eye v9.0 x64 (HKLM\...\Image Eye_is1) (Version:  - FMJ-Software)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.70.1205 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3040 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.138 - PandoraTV)
LibreOffice 4.4.4.3 (HKLM-x32\...\{5B6D82BB-CC1A-431E-8991-3E57855F99C5}) (Version: 4.4.4.3 - The Document Foundation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40620.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-GB)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{938A412F-78C1-4158-8590-038A1D670A57}) (Version: 3.0.07.47 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (x32 Version: 3.0.07.47 - O2Micro International LTD.) Hidden
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version:  - PokerStars.uk)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spotify (HKU\S-1-5-21-3103894336-656722716-3778693516-1000\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.3.0.15 - VSO Software)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinX DVD Ripper Platinum 7.5.11 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.8.20150402 - Xilisoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

06-07-2015 02:56:36 Removed Microsoft Silverlight
06-07-2015 02:57:38 Removed LibreOffice 4.4.3.2
06-07-2015 03:03:04 Installed LibreOffice 4.4.4.3
08-07-2015 12:18:28 Removed Windows Media Player Firefox Plugin
08-07-2015 12:19:05 Installed Windows Media Player Firefox Plugin
09-07-2015 03:05:13 Removed 7-Zip 9.20 (x64 edition)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-05-04 02:58 - 2015-05-07 09:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {18C99DD6-3D4E-4143-B648-839B528B80AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {26A024EF-7892-413D-B553-37EA56789E12} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {9012180C-53A8-4D4F-9D80-AA34860A3DB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {C4AD69A1-2078-4FA6-BA7D-5275C2B5D1E8} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-04-14] ()
Task: {DA166A9C-6477-43E2-A193-7E8E3A24DD05} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09] (Adobe Systems Incorporated)
Task: {ED2654D8-0848-4CEE-B3F2-81B837B6A5F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-19 15:25 - 2015-02-27 14:38 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2015-04-13 01:26 - 2003-04-19 01:06 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2015-04-14 05:09 - 2015-04-14 05:09 - 08817658 _____ () C:\Program Files\pia_manager\pia_manager.exe
2015-04-13 01:38 - 2013-02-22 20:43 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-04-15 12:28 - 2012-09-05 12:51 - 00686744 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2015-05-14 07:19 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2015-04-14 05:09 - 2015-04-14 05:09 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2015-07-11 20:02 - 2015-07-11 20:02 - 00012800 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00009728 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00014848 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00094208 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\src\rgloader\rgloader193.mswin.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00009216 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00094208 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00126976 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00087552 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00016384 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00127316 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\bin\libffi-6.dll
2015-07-11 20:02 - 2015-07-11 20:02 - 00008704 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00013312 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00095744 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00026624 _____ () C:\Users\Allybally\AppData\Local\temp\ocr7609.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-05-14 07:19 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2015-07-11 20:02 - 2015-07-11 20:02 - 00012800 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00009728 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00014848 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00094208 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\src\rgloader\rgloader193.mswin.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00094208 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00118784 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00069120 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00083968 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\bin\zlib1.dll
2015-07-11 20:02 - 2015-07-11 20:02 - 00026624 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00275968 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00015360 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00008192 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00009216 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00023552 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00008704 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00008704 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00008704 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00008704 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00036352 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00126976 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00087552 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00016384 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00127316 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\bin\libffi-6.dll
2015-07-11 20:02 - 2015-07-11 20:02 - 00013312 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00095744 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-07-11 20:02 - 2015-07-11 20:02 - 00026624 _____ () C:\Users\Allybally\AppData\Local\temp\ocr9F69.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-04-14 05:09 - 2015-04-14 05:09 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2015-04-14 05:09 - 2015-04-14 05:09 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2015-04-14 05:09 - 2015-04-14 05:09 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2015-04-14 05:09 - 2015-04-14 05:09 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2015-04-14 05:09 - 2015-04-14 05:09 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2015-04-14 05:09 - 2015-04-14 05:09 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2015-04-14 05:09 - 2015-04-14 05:09 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2015-04-14 05:09 - 2015-04-14 05:09 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2015-04-14 05:09 - 2015-04-14 05:09 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2015-04-14 05:09 - 2015-04-14 05:09 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2015-04-14 05:09 - 2015-04-14 05:09 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2015-04-14 05:09 - 2015-04-14 05:09 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2015-04-14 05:09 - 2015-04-14 05:09 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 6091 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3103894336-656722716-3778693516-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Allybally\AppData\Local\CraveWorldClock\wcwallpaper.bmp
DNS Servers: 194.168.4.100 - 194.168.8.100

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Allybally^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Allybally\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{B4EE9703-B95D-4F08-A29D-23D8DD05F1D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E15F826-A83A-4FF5-9DDC-12A48876B3AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BED00BCE-ADBD-4770-B7CB-0CC9C91BD65F}] => (Allow) C:\Users\Allybally\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BE7B6E1D-F3E4-4BF4-81AD-FD96E8067D71}] => (Allow) C:\Users\Allybally\AppData\Roaming\uTorrent\uTorrent.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2015 08:03:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 12:09:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:33:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 06:06:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108

Error: (07/10/2015 03:02:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 01:06:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 12:11:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 12:00:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 11:47:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 11:17:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/09/2015 12:09:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv64.dll

Error: (07/09/2015 12:09:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv64.dll

Error: (07/09/2015 12:09:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\bcmihvsrv64.dll

Error: (07/09/2015 12:08:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/09/2015 12:08:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (07/09/2015 12:08:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Integrated Clock Controller Service - Intel® ICCS service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/09/2015 12:08:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The O2SDIOAssist service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/09/2015 12:08:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The O2FLASH service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/09/2015 12:08:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Andrea ST Filters Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/09/2015 12:08:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office:
=========================
Error: (07/11/2015 08:03:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 12:09:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:33:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 06:06:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108

Error: (07/10/2015 03:02:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 01:06:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 12:11:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 12:00:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 11:47:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 11:17:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-05-07 09:54:23.440
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-05-07 09:54:23.423
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 31%
Total physical RAM: 3993.05 MB
Available physical RAM: 2744.94 MB
Total Virtual: 7984.31 MB
Available Virtual: 6531.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:65.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 7FD2E42D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of log ============================


#4
pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hi :)

There's nothing showing in the logs, but I'd like to run a rootkit scan to make sure nothing more nefarious is hiding.


Please download TDSSKiller to the desktop.

Alternate download is here.
  • Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
  • When the main GUI (graphical user interface) window opens, click on Change Parameters.
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan; the scan will run.
  • When the scan has finished, if it finds anything, please click on the drop-down arrow next to Cure and select Skip.
  • A report will have been created by TDSSKiller in your root directory C:\
  • To find the log, go to Start (Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
  • Post the contents of that log in your next reply please.
Note: Do not have TDSSKiller remove anything if found at this point in time!

Things I need to see in your next post:

TDSSKiller Log

#5
mrpooh3

    Member

  • Topic Starter
  • Member
  • 281 posts

Hi, here is my TDSSKiller log:

22:08:37.0169 0x093c  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
22:08:43.0589 0x093c  ============================================================
22:08:43.0589 0x093c  Current date / time: 2015/07/11 22:08:43.0589
22:08:43.0589 0x093c  SystemInfo:
22:08:43.0589 0x093c  
22:08:43.0589 0x093c  OS Version: 6.1.7601 ServicePack: 1.0
22:08:43.0589 0x093c  Product type: Workstation
22:08:43.0589 0x093c  ComputerName: ALLYBALLY-PC
22:08:43.0589 0x093c  UserName: Allybally
22:08:43.0589 0x093c  Windows directory: C:\Windows
22:08:43.0589 0x093c  System windows directory: C:\Windows
22:08:43.0589 0x093c  Running under WOW64
22:08:43.0589 0x093c  Processor architecture: Intel x64
22:08:43.0589 0x093c  Number of processors: 4
22:08:43.0589 0x093c  Page size: 0x1000
22:08:43.0589 0x093c  Boot type: Normal boot
22:08:43.0589 0x093c  ============================================================
22:08:45.0488 0x093c  KLMD registered as C:\Windows\system32\drivers\80628681.sys
22:08:45.0658 0x093c  System UUID: {DAFE7F0C-79D4-F971-93C2-2E3A0470A6FA}
22:08:46.0147 0x093c  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:08:46.0151 0x093c  ============================================================
22:08:46.0151 0x093c  \Device\Harddisk0\DR0:
22:08:46.0151 0x093c  MBR partitions:
22:08:46.0151 0x093c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:08:46.0151 0x093c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E6800
22:08:46.0151 0x093c  ============================================================
22:08:46.0187 0x093c  C: <-> \Device\Harddisk0\DR0\Partition2
22:08:46.0187 0x093c  ============================================================
22:08:46.0187 0x093c  Initialize success
22:08:46.0187 0x093c  ============================================================
22:09:33.0887 0x105c  ============================================================
22:09:33.0888 0x105c  Scan started
22:09:33.0888 0x105c  Mode: Manual; SigCheck; TDLFS;
22:09:33.0888 0x105c  ============================================================
22:09:33.0888 0x105c  KSN ping started
22:09:47.0540 0x105c  KSN ping finished: true
22:09:49.0286 0x105c  ================ Scan system memory ========================
22:09:49.0286 0x105c  System memory - ok
22:09:49.0286 0x105c  ================ Scan services =============================
22:09:49.0826 0x105c  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
22:09:49.0831 0x105c  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
22:09:52.0487 0x105c  Detect skipped due to KSN trusted
22:09:52.0487 0x105c  Adobe LM Service - ok
22:09:59.0783 0x105c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:09:59.0792 0x105c  HidBatt - ok
22:09:59.0796 0x105c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:09:59.0809 0x105c  HidBth - ok
22:09:59.0820 0x105c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:09:59.0832 0x105c  HidIr - ok
22:09:59.0851 0x105c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
22:09:59.0876 0x105c  hidserv - ok
22:09:59.0906 0x105c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
22:09:59.0934 0x105c  HidUsb - ok
22:09:59.0966 0x105c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:09:59.0993 0x105c  hkmsvc - ok
22:10:00.0020 0x105c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:10:00.0034 0x105c  HomeGroupListener - ok
22:10:00.0059 0x105c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:10:00.0071 0x105c  HomeGroupProvider - ok
22:10:00.0103 0x105c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:10:00.0112 0x105c  HpSAMD - ok
22:10:00.0200 0x105c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:10:00.0242 0x105c  HTTP - ok
22:10:00.0269 0x105c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:10:00.0277 0x105c  hwpolicy - ok
22:10:00.0290 0x105c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:10:00.0301 0x105c  i8042prt - ok
22:10:00.0354 0x105c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:10:00.0370 0x105c  iaStorV - ok
22:10:00.0459 0x105c  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
22:10:00.0469 0x105c  ICCS - ok
22:10:00.0541 0x105c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:10:00.0568 0x105c  idsvc - ok
22:10:00.0598 0x105c  IEEtwCollectorService - ok
22:10:00.0791 0x105c  [ C63C32080615F49A4B8CA50523D6AA59, 918F247E44F58E12F428768C0A52F0960E53D450449FB0A0D12C278D333A3CD4 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
22:10:01.0001 0x105c  igfx - ok
22:10:01.0037 0x105c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:10:01.0045 0x105c  iirsp - ok
22:10:01.0095 0x105c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:10:01.0120 0x105c  IKEEXT - ok
22:10:01.0184 0x105c  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
22:10:01.0214 0x105c  IntcDAud - ok
22:10:01.0242 0x105c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:10:01.0249 0x105c  intelide - ok
22:10:01.0287 0x105c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:10:01.0297 0x105c  intelppm - ok
22:10:01.0328 0x105c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:10:01.0356 0x105c  IPBusEnum - ok
22:10:01.0375 0x105c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:10:01.0401 0x105c  IpFilterDriver - ok
22:10:01.0496 0x105c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:10:01.0518 0x105c  iphlpsvc - ok
22:10:01.0557 0x105c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:10:01.0568 0x105c  IPMIDRV - ok
22:10:01.0581 0x105c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:10:01.0610 0x105c  IPNAT - ok
22:10:01.0634 0x105c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:10:01.0647 0x105c  IRENUM - ok
22:10:01.0664 0x105c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:10:01.0672 0x105c  isapnp - ok
22:10:01.0712 0x105c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:10:01.0765 0x105c  iScsiPrt - ok
22:10:01.0801 0x105c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:10:01.0811 0x105c  kbdclass - ok
22:10:01.0830 0x105c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
22:10:01.0841 0x105c  kbdhid - ok
22:10:01.0864 0x105c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso          C:\Windows\system32\lsass.exe
22:10:01.0874 0x105c  KeyIso - ok
22:10:01.0934 0x105c  [ 5781DA0CFB8833F5D8AEB433233C7294, 5EF52B532257E8CD34CEAFA405FF022CB1127B6A92BEE5578BC73B0380556D2A ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
22:10:01.0954 0x105c  kl1 - ok
22:10:02.0011 0x105c  [ EE7A44540B65B6FF617DCB8929C9FDAE, E9FB0BEAA1692CEBE8F6E1DED6AE49EFE2679F606CD251AE2222095D37129CDA ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
22:10:02.0023 0x105c  kldisk - ok
22:10:02.0064 0x105c  [ 119FC2FA9972458FF15BC17F2C36AB99, 6D45F8C9DC0CA7E8CA24E339B543E255C2A36349F9E510F20415FC4F6A1BD868 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
22:10:02.0077 0x105c  klflt - ok
22:10:02.0099 0x105c  [ B96959CDDDEAE40F5B57C52AC6F94EC0, 207CA534DEACA83231FCE92E248ECFA95B8A12FA7FD3D711B730D76FD4A481DD ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
22:10:02.0113 0x105c  klhk - ok
22:10:02.0158 0x105c  [ BEC7B9DE0AAFB871DE40F24C42744B00, E4D46DF38097B135EBA913BC3F5D4DD58548D4B9E58D55A0E90783C6B68B03B3 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
22:10:02.0188 0x105c  KLIF - ok
22:10:02.0213 0x105c  [ 3B360AA2710679C71E450745B96A801C, 2DDD55D838DA70D4834896AC70BEFB611488D894A79B14D5838401F5D9F93A84 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
22:10:02.0222 0x105c  KLIM6 - ok
22:10:02.0249 0x105c  [ 7DBA65D9D2974298B927287904EFF3D4, F69DDB0FF6CCEAE5EC7CD2A04A55E24D960DF4C6F935475C4AD466506D652255 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
22:10:02.0258 0x105c  klkbdflt - ok
22:10:02.0269 0x105c  [ 99EA6658E783A8D683BC3B72FD9FD235, 28163AE6503A30722497B5176AFDB139C21DC318622ABF867B65AB2C7D96EF59 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
22:10:02.0279 0x105c  klmouflt - ok
22:10:02.0319 0x105c  [ B33399BCA2034648520E34987CE2C0C9, F93B38D7DFAAE44B929BC2F739F03A9A67C6FA4AFC29B07DF96D2C7011DCB1AF ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
22:10:02.0328 0x105c  klpd - ok
22:10:02.0359 0x105c  [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
22:10:02.0370 0x105c  kltdi - ok
22:10:02.0386 0x105c  [ 88D5EF6EE17C280167D42B53282AB4BD, CFFF8D7CE24FCE62FB2C21E1B09DF914612C1EF96876855537B207F7BD83E872 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
22:10:02.0399 0x105c  Klwtp - ok
22:10:02.0429 0x105c  [ 1AAA539F0F16716466596C37599C7AF2, 888ABC477C2720CA55BC30C8D5FA0A5490F41B62F2A5502F808E9F709FFC0DBB ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
22:10:02.0444 0x105c  kneps - ok
22:10:02.0480 0x105c  [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:10:02.0492 0x105c  KSecDD - ok
22:10:02.0517 0x105c  [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:10:02.0528 0x105c  KSecPkg - ok
22:10:02.0560 0x105c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:10:02.0585 0x105c  ksthunk - ok
22:10:02.0619 0x105c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:10:02.0653 0x105c  KtmRm - ok
22:10:02.0676 0x105c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
22:10:02.0707 0x105c  LanmanServer - ok
22:10:02.0757 0x105c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:10:02.0784 0x105c  LanmanWorkstation - ok
22:10:02.0817 0x105c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:10:02.0843 0x105c  lltdio - ok
22:10:02.0884 0x105c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:10:02.0916 0x105c  lltdsvc - ok
22:10:02.0946 0x105c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:10:02.0972 0x105c  lmhosts - ok
22:10:03.0023 0x105c  [ 5238F7CA49B79C671722059A78E5B8B9, DE7E10E06014D880F93AD1ABF9E1EB71767552F5C0EFF1EC9B5072F8D6238E58 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
22:10:03.0038 0x105c  LMS - ok
22:10:03.0074 0x105c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:10:03.0084 0x105c  LSI_FC - ok
22:10:03.0099 0x105c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:10:03.0109 0x105c  LSI_SAS - ok
22:10:03.0121 0x105c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:10:03.0130 0x105c  LSI_SAS2 - ok
22:10:03.0135 0x105c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:10:03.0146 0x105c  LSI_SCSI - ok
22:10:03.0161 0x105c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:10:03.0188 0x105c  luafv - ok
22:10:03.0245 0x105c  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
22:10:03.0253 0x105c  MBAMProtector - ok
22:10:03.0358 0x105c  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
22:10:03.0385 0x105c  MBAMService - ok
22:10:03.0449 0x105c  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
22:10:03.0458 0x105c  MBAMWebAccessControl - ok
22:10:03.0495 0x105c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:10:03.0503 0x105c  megasas - ok
22:10:03.0524 0x105c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:10:03.0538 0x105c  MegaSR - ok
22:10:03.0562 0x105c  [ 6EA2F13DEAF130753F6FC19AFFFF94A8, ADA5BA2DBCD58372918FD278834B2E13FE0F73E200A2E747AB7B123C31E46825 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
22:10:03.0572 0x105c  MEIx64 - ok
22:10:03.0608 0x105c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:10:03.0643 0x105c  MMCSS - ok
22:10:03.0659 0x105c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:10:03.0694 0x105c  Modem - ok
22:10:03.0722 0x105c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:10:03.0735 0x105c  monitor - ok
22:10:03.0761 0x105c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:10:03.0770 0x105c  mouclass - ok
22:10:03.0781 0x105c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:10:03.0793 0x105c  mouhid - ok
22:10:03.0826 0x105c  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:10:03.0837 0x105c  mountmgr - ok
22:10:03.0879 0x105c  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:10:03.0892 0x105c  MozillaMaintenance - ok
22:10:03.0916 0x105c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:10:03.0950 0x105c  mpio - ok
22:10:03.0960 0x105c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:10:03.0987 0x105c  mpsdrv - ok
22:10:03.0989 0x105c  MpsSvc - ok
22:10:04.0015 0x105c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:10:04.0038 0x105c  MRxDAV - ok
22:10:04.0069 0x105c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:10:04.0099 0x105c  mrxsmb - ok
22:10:04.0126 0x105c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:10:04.0141 0x105c  mrxsmb10 - ok
22:10:04.0164 0x105c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:10:04.0175 0x105c  mrxsmb20 - ok
22:10:04.0212 0x105c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:10:04.0220 0x105c  msahci - ok
22:10:04.0254 0x105c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:10:04.0264 0x105c  msdsm - ok
22:10:04.0276 0x105c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:10:04.0289 0x105c  MSDTC - ok
22:10:04.0304 0x105c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:10:04.0331 0x105c  Msfs - ok
22:10:04.0352 0x105c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:10:04.0377 0x105c  mshidkmdf - ok
22:10:04.0387 0x105c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:10:04.0394 0x105c  msisadrv - ok
22:10:04.0429 0x105c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:10:04.0457 0x105c  MSiSCSI - ok
22:10:04.0459 0x105c  msiserver - ok
22:10:04.0489 0x105c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:10:04.0514 0x105c  MSKSSRV - ok
22:10:04.0516 0x105c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:10:04.0541 0x105c  MSPCLOCK - ok
22:10:04.0543 0x105c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:10:04.0568 0x105c  MSPQM - ok
22:10:04.0586 0x105c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:10:04.0602 0x105c  MsRPC - ok
22:10:04.0606 0x105c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:10:04.0614 0x105c  mssmbios - ok
22:10:04.0624 0x105c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:10:04.0649 0x105c  MSTEE - ok
22:10:04.0652 0x105c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:10:04.0661 0x105c  MTConfig - ok
22:10:04.0665 0x105c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:10:04.0673 0x105c  Mup - ok
22:10:04.0713 0x105c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:10:04.0747 0x105c  napagent - ok
22:10:04.0793 0x105c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:10:04.0812 0x105c  NativeWifiP - ok
22:10:04.0880 0x105c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:10:04.0906 0x105c  NDIS - ok
22:10:04.0946 0x105c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:10:04.0971 0x105c  NdisCap - ok
22:10:04.0993 0x105c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:10:05.0019 0x105c  NdisTapi - ok
22:10:05.0031 0x105c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:10:05.0060 0x105c  Ndisuio - ok
22:10:05.0065 0x105c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:10:05.0093 0x105c  NdisWan - ok
22:10:05.0097 0x105c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:10:05.0123 0x105c  NDProxy - ok
22:10:05.0126 0x105c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:10:05.0151 0x105c  NetBIOS - ok
22:10:05.0174 0x105c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:10:05.0202 0x105c  NetBT - ok
22:10:05.0220 0x105c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon        C:\Windows\system32\lsass.exe
22:10:05.0229 0x105c  Netlogon - ok
22:10:05.0264 0x105c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:10:05.0296 0x105c  Netman - ok
22:10:05.0336 0x105c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:10:05.0472 0x105c  NetMsmqActivator - ok
22:10:05.0489 0x105c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:10:05.0504 0x105c  NetPipeActivator - ok
22:10:05.0535 0x105c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:10:05.0581 0x105c  netprofm - ok
22:10:05.0603 0x105c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:10:05.0614 0x105c  NetTcpActivator - ok
22:10:05.0618 0x105c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:10:05.0629 0x105c  NetTcpPortSharing - ok
22:10:05.0665 0x105c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:10:05.0674 0x105c  nfrd960 - ok
22:10:05.0707 0x105c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:10:05.0735 0x105c  NlaSvc - ok
22:10:05.0750 0x105c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:10:05.0775 0x105c  Npfs - ok
22:10:05.0799 0x105c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:10:05.0825 0x105c  nsi - ok
22:10:05.0828 0x105c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:10:05.0853 0x105c  nsiproxy - ok
22:10:05.0920 0x105c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:10:05.0966 0x105c  Ntfs - ok
22:10:05.0999 0x105c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:10:06.0023 0x105c  Null - ok
22:10:06.0041 0x105c  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
22:10:06.0061 0x105c  nusb3hub - ok
22:10:06.0094 0x105c  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
22:10:06.0118 0x105c  nusb3xhc - ok
22:10:06.0152 0x105c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:10:06.0162 0x105c  nvraid - ok
22:10:06.0195 0x105c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:10:06.0206 0x105c  nvstor - ok
22:10:06.0253 0x105c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:10:06.0263 0x105c  nv_agp - ok
22:10:06.0338 0x105c  [ 4F15919E01025797007393982E777C52, 4820F07C74FA0997DCDE56A3ABD8D0DB90364C10C55BE571CFB1F59D15BB6CCC ] O2FLASH         C:\Windows\system32\o2flash.exe
22:10:06.0351 0x105c  O2FLASH - ok
22:10:06.0376 0x105c  [ 8ED738ABA394BBF6D7802698BE453112, E91E8C27FA111CC20CCB05F41CBF181C398F48A980B523A041CACE242990F77A ] O2MDRRDR        C:\Windows\system32\DRIVERS\O2MDRw7x64.sys
22:10:06.0384 0x105c  O2MDRRDR - ok
22:10:06.0436 0x105c  [ 4635935FC972C582632BF45C26BFCB0E, ABD4AFD71B3C2BD3F741BBE3CEC52C4FA63AC78D353101D2E7DC4DE2725D1CA1 ] O2SDIOAssist    C:\Windows\SysWOW64\srvany.exe
22:10:06.0441 0x105c  O2SDIOAssist - detected UnsignedFile.Multi.Generic ( 1 )
22:10:09.0133 0x105c  Detect skipped due to KSN trusted
22:10:09.0133 0x105c  O2SDIOAssist - ok
22:10:10.0479 0x105c  ProfSvc - ok
22:10:10.0497 0x105c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] ProtectedStorage C:\Windows\system32\lsass.exe
22:10:10.0506 0x105c  ProtectedStorage - ok
22:10:10.0528 0x105c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:10:10.0554 0x105c  Psched - ok
22:10:10.0586 0x105c  [ 05A0C2744CEAC6F1B723EC469B650EF0, D9F2E0E4431217C6A7CDE38D36362CD5A06E93B9F45F92638120EF151089B370 ] PSKMAD          C:\Windows\system32\DRIVERS\PSKMAD.sys
22:10:10.0594 0x105c  PSKMAD - ok
22:10:10.0669 0x105c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:10:10.0711 0x105c  ql2300 - ok
22:10:10.0732 0x105c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:10:10.0742 0x105c  ql40xx - ok
22:10:10.0783 0x105c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:10:10.0801 0x105c  QWAVE - ok
22:10:10.0824 0x105c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:10:10.0837 0x105c  QWAVEdrv - ok
22:10:10.0845 0x105c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:10:10.0870 0x105c  RasAcd - ok
22:10:10.0893 0x105c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:10:10.0919 0x105c  RasAgileVpn - ok
22:10:10.0936 0x105c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:10:10.0964 0x105c  RasAuto - ok
22:10:10.0987 0x105c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:10:11.0014 0x105c  Rasl2tp - ok
22:10:11.0052 0x105c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:10:11.0082 0x105c  RasMan - ok
22:10:11.0086 0x105c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:10:11.0113 0x105c  RasPppoe - ok
22:10:11.0117 0x105c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:10:11.0143 0x105c  RasSstp - ok
22:10:11.0166 0x105c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:10:11.0195 0x105c  rdbss - ok
22:10:11.0198 0x105c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:10:11.0209 0x105c  rdpbus - ok
22:10:11.0233 0x105c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:10:11.0258 0x105c  RDPCDD - ok
22:10:11.0289 0x105c  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:10:11.0310 0x105c  RDPDR - ok
22:10:11.0326 0x105c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:10:11.0350 0x105c  RDPENCDD - ok
22:10:11.0373 0x105c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:10:11.0398 0x105c  RDPREFMP - ok
22:10:11.0470 0x105c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:10:11.0489 0x105c  RdpVideoMiniport - ok
22:10:11.0522 0x105c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:10:11.0549 0x105c  RDPWD - ok
22:10:11.0580 0x105c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:10:11.0591 0x105c  rdyboost - ok
22:10:11.0623 0x105c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:10:11.0699 0x105c  RemoteAccess - ok
22:10:11.0736 0x105c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:10:11.0765 0x105c  RemoteRegistry - ok
22:10:11.0813 0x105c  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
22:10:11.0827 0x105c  RFCOMM - ok
22:10:11.0846 0x105c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:10:11.0872 0x105c  RpcEptMapper - ok
22:10:11.0886 0x105c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:10:11.0896 0x105c  RpcLocator - ok
22:10:11.0924 0x105c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\System32\rpcss.dll
22:10:11.0957 0x105c  RpcSs - ok
22:10:11.0990 0x105c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:10:12.0016 0x105c  rspndr - ok
22:10:12.0052 0x105c  [ A29F3787FEA005C8355F62321BE9E065, A1BE2758EE21CBFB00E6F32D3C62323D890BD9AD177E880390CFAD9F5326A9B3 ] rusb3hub        C:\Windows\system32\DRIVERS\rusb3hub.sys
22:10:12.0061 0x105c  rusb3hub - ok
22:10:12.0110 0x105c  [ 0FE1DB20DA9863CD5B397717FF07738B, 3BCA3269A6ECA501508F2BAC56DB9C0B2DAD3DDA853C5FB168E4C628A94E1C83 ] rusb3xhc        C:\Windows\system32\DRIVERS\rusb3xhc.sys
22:10:12.0122 0x105c  rusb3xhc - ok
22:10:12.0148 0x105c  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:10:12.0157 0x105c  s3cap - ok
22:10:12.0175 0x105c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs           C:\Windows\system32\lsass.exe
22:10:12.0184 0x105c  SamSs - ok
22:10:12.0255 0x105c  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:10:12.0262 0x105c  SASDIFSV - ok
22:10:12.0318 0x105c  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:10:12.0325 0x105c  SASKUTIL - ok
22:10:12.0340 0x105c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:10:12.0350 0x105c  sbp2port - ok
22:10:12.0385 0x105c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:10:12.0414 0x105c  SCardSvr - ok
22:10:12.0443 0x105c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:10:12.0468 0x105c  scfilter - ok
22:10:12.0521 0x105c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
22:10:12.0566 0x105c  Schedule - ok
22:10:12.0601 0x105c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:10:12.0626 0x105c  SCPolicySvc - ok
22:10:12.0671 0x105c  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
22:10:12.0684 0x105c  sdbus - ok
22:10:12.0711 0x105c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:10:12.0724 0x105c  SDRSVC - ok
22:10:12.0762 0x105c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:10:12.0787 0x105c  secdrv - ok
22:10:12.0800 0x105c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
22:10:12.0825 0x105c  seclogon - ok
22:10:12.0832 0x105c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
22:10:12.0858 0x105c  SENS - ok
22:10:12.0874 0x105c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:10:12.0883 0x105c  SensrSvc - ok
22:10:12.0891 0x105c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:10:12.0899 0x105c  Serenum - ok
22:10:12.0922 0x105c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
22:10:12.0932 0x105c  Serial - ok
22:10:12.0961 0x105c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:10:12.0970 0x105c  sermouse - ok
22:10:12.0997 0x105c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
22:10:13.0024 0x105c  SessionEnv - ok
22:10:13.0040 0x105c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:10:13.0050 0x105c  sffdisk - ok
22:10:13.0052 0x105c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:10:13.0063 0x105c  sffp_mmc - ok
22:10:13.0066 0x105c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:10:13.0076 0x105c  sffp_sd - ok
22:10:13.0079 0x105c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:10:13.0087 0x105c  sfloppy - ok
22:10:13.0135 0x105c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:10:13.0166 0x105c  SharedAccess - ok
22:10:13.0183 0x105c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:10:13.0214 0x105c  ShellHWDetection - ok
22:10:13.0228 0x105c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:10:13.0236 0x105c  SiSRaid2 - ok
22:10:13.0249 0x105c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:10:13.0258 0x105c  SiSRaid4 - ok
22:10:13.0283 0x105c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:10:13.0309 0x105c  Smb - ok
22:10:13.0338 0x105c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:10:13.0349 0x105c  SNMPTRAP - ok
22:10:13.0366 0x105c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:10:13.0373 0x105c  spldr - ok
22:10:13.0411 0x105c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
22:10:13.0433 0x105c  Spooler - ok
22:10:13.0553 0x105c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:10:13.0702 0x105c  sppsvc - ok
22:10:13.0721 0x105c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:10:13.0748 0x105c  sppuinotify - ok
22:10:13.0783 0x105c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:10:13.0814 0x105c  srv - ok
22:10:13.0899 0x105c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:10:13.0917 0x105c  srv2 - ok
22:10:13.0945 0x105c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:10:13.0957 0x105c  srvnet - ok
22:10:13.0988 0x105c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:10:14.0018 0x105c  SSDPSRV - ok
22:10:14.0031 0x105c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:10:14.0057 0x105c  SstpSvc - ok
22:10:14.0106 0x105c  [ B2D8B364A831427A5741F6C408FA8AE3, 17BA3A936B26A2E4169F87C5E84DDA1E7892511D6B8A2E39564CCC930F582A64 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
22:10:14.0120 0x105c  STacSV - ok
22:10:14.0204 0x105c  [ E4EA2412FB1B8AEE33667A9CC6D456A4, E553D07BBD98CB026033D7D10D859795682D1BFCB9D33D494177B2E747EA5064 ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
22:10:14.0211 0x105c  stdcfltn - ok
22:10:14.0244 0x105c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:10:14.0252 0x105c  stexstor - ok
22:10:14.0294 0x105c  [ EF5ACDE92BA3F691BBFEF781CB063501, 4E16919DE52D8766FF88921F6B95B4015842F28EA19EAEF1D808BB3161713583 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
22:10:14.0314 0x105c  STHDA - ok
22:10:14.0357 0x105c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:10:14.0382 0x105c  stisvc - ok
22:10:14.0406 0x105c  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:10:14.0415 0x105c  storflt - ok
22:10:14.0442 0x105c  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
22:10:14.0462 0x105c  StorSvc - ok
22:10:14.0484 0x105c  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:10:14.0492 0x105c  storvsc - ok
22:10:14.0514 0x105c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:10:14.0521 0x105c  swenum - ok
22:10:14.0564 0x105c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
22:10:14.0602 0x105c  swprv - ok
22:10:14.0673 0x105c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
22:10:14.0719 0x105c  SysMain - ok
22:10:14.0744 0x105c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:10:14.0758 0x105c  TabletInputService - ok
22:10:14.0796 0x105c  [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
22:10:14.0820 0x105c  tap0901 - ok
22:10:14.0847 0x105c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:10:14.0877 0x105c  TapiSrv - ok
22:10:14.0894 0x105c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
22:10:14.0920 0x105c  TBS - ok
22:10:15.0011 0x105c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:10:15.0056 0x105c  Tcpip - ok
22:10:15.0104 0x105c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:10:15.0149 0x105c  TCPIP6 - ok
22:10:15.0175 0x105c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:10:15.0184 0x105c  tcpipreg - ok
22:10:15.0209 0x105c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:10:15.0229 0x105c  TDPIPE - ok
22:10:15.0259 0x105c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:10:15.0268 0x105c  TDTCP - ok
22:10:15.0298 0x105c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:10:15.0320 0x105c  tdx - ok
22:10:15.0354 0x105c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:10:15.0362 0x105c  TermDD - ok
22:10:15.0404 0x105c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
22:10:15.0429 0x105c  TermService - ok
22:10:15.0457 0x105c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
22:10:15.0470 0x105c  Themes - ok
22:10:15.0496 0x105c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
22:10:15.0526 0x105c  THREADORDER - ok
22:10:15.0555 0x105c  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
22:10:15.0565 0x105c  TPM - ok
22:10:15.0584 0x105c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:10:15.0612 0x105c  TrkWks - ok
22:10:15.0670 0x105c  [ B66EE1D68197DFB9AA24F961E68ACDCC, EB7536089BAF2384437EDE964F7A20AE00C988B8CCB61A8F12CB2BBD84C4FB6E ] trufos          C:\Windows\system32\drivers\trufos.sys
22:10:15.0685 0x105c  trufos - ok
22:10:15.0739 0x105c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:10:15.0768 0x105c  TrustedInstaller - ok
22:10:15.0799 0x105c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:10:15.0808 0x105c  tssecsrv - ok
22:10:15.0835 0x105c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:10:15.0844 0x105c  TsUsbFlt - ok
22:10:15.0857 0x105c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:10:15.0866 0x105c  TsUsbGD - ok
22:10:15.0901 0x105c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:10:15.0928 0x105c  tunnel - ok
22:10:15.0946 0x105c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:10:15.0955 0x105c  uagp35 - ok
22:10:15.0981 0x105c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:10:16.0013 0x105c  udfs - ok
22:10:16.0040 0x105c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:10:16.0051 0x105c  UI0Detect - ok
22:10:16.0080 0x105c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:10:16.0090 0x105c  uliagpkx - ok
22:10:16.0093 0x105c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:10:16.0103 0x105c  umbus - ok
22:10:16.0122 0x105c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:10:16.0187 0x105c  UmPass - ok
22:10:16.0235 0x105c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
22:10:16.0249 0x105c  UmRdpService - ok
22:10:16.0572 0x105c  [ 527893B84C40532E86AA939B4FDA5DB3, 41FD7BB5F3174FD511518C370E655F5056F042A0E9F5B1FCD0488C16A8CFD17F ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
22:10:16.0639 0x105c  UNS - ok
22:10:16.0677 0x105c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:10:16.0710 0x105c  upnphost - ok
22:10:16.0743 0x105c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:10:16.0770 0x105c  usbccgp - ok
22:10:16.0783 0x105c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:10:16.0812 0x105c  usbcir - ok
22:10:16.0829 0x105c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:10:16.0839 0x105c  usbehci - ok
22:10:16.0883 0x105c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:10:16.0899 0x105c  usbhub - ok
22:10:16.0935 0x105c  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:10:16.0945 0x105c  usbohci - ok
22:10:16.0962 0x105c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
22:10:16.0973 0x105c  usbprint - ok
22:10:16.0987 0x105c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
22:10:16.0998 0x105c  USBSTOR - ok
22:10:17.0017 0x105c  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:10:17.0026 0x105c  usbuhci - ok
22:10:17.0069 0x105c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:10:17.0095 0x105c  usbvideo - ok
22:10:17.0126 0x105c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
22:10:17.0152 0x105c  UxSms - ok
22:10:17.0164 0x105c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc        C:\Windows\system32\lsass.exe
22:10:17.0174 0x105c  VaultSvc - ok
22:10:17.0195 0x105c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:10:17.0203 0x105c  vdrvroot - ok
22:10:17.0231 0x105c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
22:10:17.0268 0x105c  vds - ok
22:10:17.0300 0x105c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:10:17.0312 0x105c  vga - ok
22:10:17.0315 0x105c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:10:17.0340 0x105c  VgaSave - ok
22:10:17.0362 0x105c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:10:17.0375 0x105c  vhdmp - ok
22:10:17.0395 0x105c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:10:17.0402 0x105c  viaide - ok
22:10:17.0431 0x105c  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:10:17.0443 0x105c  vmbus - ok
22:10:33.0106 0x105c  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x42000 ( disabled : updated )
22:10:33.0107 0x105c  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x42010 ( disabled )
22:10:33.0131 0x105c  Win FW state via NFP2: enabled
22:10:35.0797 0x105c  ============================================================
22:10:35.0797 0x105c  Scan finished
22:10:35.0797 0x105c  ============================================================
22:10:35.0803 0x0b60  Detected object count: 0
22:10:35.0803 0x0b60  Actual detected object count: 0
22:10:43.0232 0x09cc  Deinitialize success
 


  • 0

#6
pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Excellent, nothing found. Looks like a clean bill of health. :thumbsup:

I would like to provide you with some information regarding P2P programs like uTorrent before I clear my tools.

The Dangers of P2P Programs

I noticed that you have a P2P file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more likely than not infected with trojans, malware, rootkits, etc.

You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.

There are also new infections out there such as CryptoWall 3.0 and CryptoLocker. When infected with these, all of your personal files on any drive connected to your computer will be affected. These infections copy all your files, encrypt them, and then delete the originals, leaving you with the encrypted copies. You are then presented with a screen telling you you have a certain amount of time to pay the ransom for the decryption code to decrypt your files. Even if you pay the ransom, their decryption process usually results in corrupt and unusable files.

There is nothing we can do to decrypt the files, as they use very sophisticated encryption techniques. Please consider this when using P2P programs. Malware and ransomware writers use P2P to spread their infections.


Let me remove my tools, and you'll be good to go. :)
  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
  • Click Run
    The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

  • 0

#7
mrpooh3

    Member

  • Topic Starter
  • Member
  • 281 posts

Hi, I ran delfix and tried to copy and paste the log but couldn't and downloaded and ran it again but after a restart all tools were deleted, here is the 2nd log as I couldn't get the first.

 

# DelFix v10.8 - Logfile created 11/07/2015 at 22:22:39
# Updated 29/07/2014 by Xplode
# Username : Allybally - ALLYBALLY-PC
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Removing disinfection tools ...


########## - EOF - ##########


  • 0

#8
pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Hi, I ran delfix and tried to copy and paste the log but couldn't and downloaded and ran it again but after a restart all tools were deleted, here is the 2nd log as I couldn't get the first.


No worries. :thumbsup: If we can help you again in the future, please don't hesitate to come and see us.

Safe surfing!

Pystryker :wave:
  • 0

#9
mrpooh3

    Member

  • Topic Starter
  • Member
  • 281 posts

Thanks for the help.

All the best,

mrpooh3.


  • 0

#10
pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0





